diff --git a/.github/workflows/PublishGitHubPages.yml b/.github/workflows/PublishGitHubPages.yml index bf85a3d7be..5db8507be7 100644 --- a/.github/workflows/PublishGitHubPages.yml +++ b/.github/workflows/PublishGitHubPages.yml @@ -38,6 +38,10 @@ jobs: needs: GenerateResource runs-on: ubuntu-latest + permissions: + contents: write + pages: write + # Only when run from the main repo if: github.repository == 'microsoft/Microsoft365DSC' diff --git a/CHANGELOG.md b/CHANGELOG.md index 3238c424ab..03548b85ac 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,15 @@ # UNRELEASED +* AADGroup + * Fixed issue where group owners were removed from existing groups when unspecified in the config + FIXES [#4390](https://github.com/microsoft/Microsoft365DSC/issues/4390) +* EXOHostedContentFilterPolicy + * Add support for IntraOrgFilterState parameter + FIXES [#4424](https://github.com/microsoft/Microsoft365DSC/issues/4424) +* EXOHostedContentFilterRule + * Fixed issue in case of different names of filter rule and filter policy + FIXES [#4401](https://github.com/microsoft/Microsoft365DSC/issues/4401) * IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy * Added support for assignment GroupDisplayName and improve error handling from Get-TargetResource * IntuneAccountProtectionLocalUserGroupMembershipPolicy @@ -43,8 +52,41 @@ * IntuneDeviceConfigurationEndpointProtectionPolicyWindows10 * Added support for assignment GroupDisplayName and improve error handling from Get-TargetResource * Fixed an issue with the parameter InterfaceTypes from firewallrules defined as a string instead of string[] -* M365DSCDRGUtil - * Added support for groupDisplayName to all devices and all users groups +* IntuneDeviceConfigurationPKCSCertificatePolicyWindows10 + * Add property RootCertificateDisplayName in order to support assigning root + certificates by display name since their Ids in a blueprint might be from a + different source tenant + FIXES [#3965](https://github.com/microsoft/Microsoft365DSC/issues/3965) +* IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator + * Fixed policy assignment retrieval when Id is from other tenant, bogus or + null + FIXES [#3970](https://github.com/microsoft/Microsoft365DSC/issues/3970) +* IntuneDeviceConfigurationPolicyAndroidOpenSourceProject + * Fixed policy assignment retrieval when Id is from other tenant, bogus or + null + FIXES [#3971](https://github.com/microsoft/Microsoft365DSC/issues/3971) + * Fixed compare logic for CIM instances in Test-TargetResource +* M365DSCRuleEvaluation + * Fix issue when it didn't find any matching resources and it tried to make a + comparison +* O365OrgSettings + * Add read permission for extracting M365 apps installation settings instead + of extracting them only with read/write permissions + FIXES [#4418](https://github.com/microsoft/Microsoft365DSC/issues/4418) +* TeamsVoiceRoute + * Fix policy removal and also comparison in Test-TargetResource +* DEPENDENCIES + * Updated DSCParser to version 1.4.0.4. + * Updated Microsoft.Graph to version 2.15.0. + * Updated MicrosoftTeams to version 6.0.0. +* MISC + * Enhancement to obfuscate password from verbose logging and avoid empty lines + FIXES [#4392](https://github.com/microsoft/Microsoft365DSC/issues/4392) + * Fix example in documentation for Update-M365DSCAzureAdApplication + * Added support for groupDisplayName to all devices and all users groups + +# 1.24.228.1 + * AADApplication * Show current values of resource in Test-TargetResource * AADAuthorizationPolicy @@ -81,17 +123,24 @@ * EXOActiveSyncDeviceAccessRule * Remove extra property GUID that is stopping EXO integration tests from running +* IntuneDeviceConfigurationScepCertificatePolicyWindows10 + * Fixes an issue where the keyUsage property format was not correctly handled * IntuneExploitProtectionPolicyWindows10SettingCatalog * Fix update and removal of resource when Identity is from another tenant FIXES [#3962](https://github.com/microsoft/Microsoft365DSC/issues/3962) * SPOAccessControlSettings * Added support for the ConditionalAccessPolicy parameter based on the PNP Module +* Teams resources + * Updated required application permissions to support [Application Based Authentication](https://learn.microsoft.com/en-us/microsoftteams/teams-powershell-application-authentication) * TeamsCallQueue * Reduce the number of Calls for Export using new cache pattern FIXES [[#4191](https://github.com/microsoft/Microsoft365DSC/issues/4192)] * TeamsGuestMeetingConfiguration * Added the missing parameter AllowTranscription. FIXES [#4363](https://github.com/microsoft/Microsoft365DSC/issues/4363) +* TeamsTeam + * Corrected Parameters for Graph Commands when creating a new Team + FIXES [#4383](https://github.com/microsoft/Microsoft365DSC/issues/4383) * MISC * M365DSCDRGUtil Add new parameter for customizable assignment identifier @@ -224,6 +273,7 @@ * Fix IntuneDeviceEnrolllmentPlatformRestriction comparison in report FIXES [#4291](https://github.com/microsoft/Microsoft365DSC/issues/4291) * Added new QA test to check for missing description in resource schema + * Added new QA test to check for falsely assigned write-premissions in settings.json # 1.24.207.2 @@ -243,7 +293,7 @@ * SCDLPComplianceRule * Properly escapes fancy quotes in the Get method. * TeamsMeetingPolicy - * Ignore the AllowUserToJoinExternalMeeting parameterfor drift evaluation + * Ignore the AllowUserToJoinExternalMeeting parameter for drift evaluation since it doesn't do anything based on official documentation. * DEPENDENCIES * Updated Microsoft.PowerApps.Administration.PowerShell to version 2.0.180. diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationStrengthPolicy/MSFT_AADAuthenticationStrengthPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationStrengthPolicy/MSFT_AADAuthenticationStrengthPolicy.psm1 index 939662c622..21752f97dc 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationStrengthPolicy/MSFT_AADAuthenticationStrengthPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationStrengthPolicy/MSFT_AADAuthenticationStrengthPolicy.psm1 @@ -75,7 +75,7 @@ function Get-TargetResource if (-not [System.String]::IsNullOrEmpty($Id)) { - $getValue = Get-MgBetaPolicyAuthenticationStrengthPolicy -AuthenticationStrengthPolicyId $Id + $getValue = Get-MgBetaPolicyAuthenticationStrengthPolicy -AuthenticationStrengthPolicyId $Id -ErrorAction 'SilentlyContinue' } if ($null -eq $getValue) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/settings.json index 6dbd672a14..3a9096b509 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/settings.json @@ -15,9 +15,6 @@ "read": [ { "name": "EntitlementManagement.Read.All" - }, - { - "name": "EntitlementManagement.ReadWrite.All" } ], "update": [ @@ -33,9 +30,6 @@ "read": [ { "name": "EntitlementManagement.Read.All" - }, - { - "name": "EntitlementManagement.ReadWrite.All" } ], "update": [ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroup/MSFT_AADGroup.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroup/MSFT_AADGroup.psm1 index f7462b3563..29641d1a6a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroup/MSFT_AADGroup.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroup/MSFT_AADGroup.psm1 @@ -618,48 +618,52 @@ function Set-TargetResource if ($Ensure -ne 'Absent') { #Owners - $currentOwnersValue = @() - if ($currentParameters.Owners.Length -gt 0) + if ($PSBoundParameters.ContainsKey('Owners')) { - $currentOwnersValue = $backCurrentOwners - } - $desiredOwnersValue = @() - if ($Owners.Length -gt 0) - { - $desiredOwnersValue = $Owners - } - if ($backCurrentOwners -eq $null) - { - $backCurrentOwners = @() - } - $ownersDiff = Compare-Object -ReferenceObject $backCurrentOwners -DifferenceObject $desiredOwnersValue - foreach ($diff in $ownersDiff) - { - $user = Get-MgUser -UserId $diff.InputObject - - if ($diff.SideIndicator -eq '=>') + $currentOwnersValue = @() + if ($currentParameters.Owners.Length -gt 0) { - Write-Verbose -Message "Adding new owner {$($diff.InputObject)} to AAD Group {$($currentGroup.DisplayName)}" - $ownerObject = @{ - '@odata.id' = "https://graph.microsoft.com/v1.0/users/{$($user.Id)}" - } - try - { - New-MgGroupOwnerByRef -GroupId ($currentGroup.Id) -BodyParameter $ownerObject -ErrorAction Stop | Out-Null - } - catch + $currentOwnersValue = $backCurrentOwners + } + $desiredOwnersValue = @() + if ($Owners.Length -gt 0) + { + $desiredOwnersValue = $Owners + } + if ($backCurrentOwners -eq $null) + { + $backCurrentOwners = @() + } + $ownersDiff = Compare-Object -ReferenceObject $backCurrentOwners -DifferenceObject $desiredOwnersValue + foreach ($diff in $ownersDiff) + { + $user = Get-MgUser -UserId $diff.InputObject + + if ($diff.SideIndicator -eq '=>') { - if ($_.Exception.Message -notlike '*One or more added object references already exist for the following modified properties*') + Write-Verbose -Message "Adding new owner {$($diff.InputObject)} to AAD Group {$($currentGroup.DisplayName)}" + $ownerObject = @{ + '@odata.id' = "https://graph.microsoft.com/v1.0/users/{$($user.Id)}" + } + try + { + New-MgGroupOwnerByRef -GroupId ($currentGroup.Id) -BodyParameter $ownerObject -ErrorAction Stop | Out-Null + } + catch { - throw $_ + if ($_.Exception.Message -notlike '*One or more added object references already exist for the following modified properties*') + { + throw $_ + } } } + elseif ($diff.SideIndicator -eq '<=') + { + Write-Verbose -Message "Removing new owner {$($diff.InputObject)} to AAD Group {$($currentGroup.DisplayName)}" + Remove-MgGroupOwnerByRef -GroupId ($currentGroup.Id) -DirectoryObjectId ($user.Id) | Out-Null + } } - elseif ($diff.SideIndicator -eq '<=') - { - Write-Verbose -Message "Removing new owner {$($diff.InputObject)} to AAD Group {$($currentGroup.DisplayName)}" - Remove-MgGroupOwnerByRef -GroupId ($currentGroup.Id) -DirectoryObjectId ($user.Id) | Out-Null - } + } #Members diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 index c5266516d2..ecd106f47e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 @@ -154,16 +154,15 @@ else { Write-Verbose -Message "Getting Role Eligibility by PrincipalId and RoleDefinitionId" + Write-Verbose -Message "Retrieving principal {$Principal} of type {$PrincipalType}" if ($PrincipalType -eq 'User') { - Write-Verbose -Message "Retrieving principal {$Principal} of type {$PrincipalType}" $PrincipalIdValue = Get-MgUser -Filter "UserPrincipalName eq '$Principal'" -ErrorAction SilentlyContinue $PrincipalTypeValue = 'User' } if ($null -eq $PrincipalIdValue -or $PrincipalType -eq 'Group') { - Write-Verbose -Message "Retrieving principal {$Principal} of type {$PrincipalType}" $PrincipalIdValue = Get-MgGroup -Filter "DisplayName eq '$Principal'" -ErrorAction SilentlyContinue $PrincipalTypeValue = 'Group' } @@ -817,10 +816,10 @@ function Export-TargetResource } foreach ($request in $Script:exportedInstances) { - $displayedKey = $request.Id + $RoleDefinitionId = Get-MgBetaRoleManagementDirectoryRoleDefinition -UnifiedRoleDefinitionId $request.RoleDefinitionId + $displayedKey = $RoleDefinitionId.DisplayName + " - " + $request.PrincipalId Write-Host " |---[$i/$($Script:exportedInstances.Count)] $displayedKey" -NoNewline - $RoleDefinitionId = Get-MgBetaRoleManagementDirectoryRoleDefinition -UnifiedRoleDefinitionId $request.RoleDefinitionId $params = @{ Id = $request.Id Principal = $request.PrincipalId diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/settings.json index e6d4aedab2..920f41deef 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/settings.json @@ -14,7 +14,7 @@ "application": { "read": [ { - "name": "RoleEligibilitySchedule.ReadWrite.Directory" + "name": "RoleEligibilitySchedule.Read.Directory" } ], "update": [ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.psm1 index a88e290821..fb4fd4a2e7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.psm1 @@ -164,6 +164,18 @@ function Get-TargetResource [System.Boolean] $EligibleAssignmentAssigneeNotificationOnlyCritical, + [Parameter()] + [System.Boolean] + $AuthenticationContextRequired, + + [Parameter()] + [System.String] + $AuthenticationContextId, + + [Parameter()] + [System.String] + $AuthenticationContextName, + [Parameter()] [ValidateSet('Present')] [System.String] @@ -217,7 +229,7 @@ function Get-TargetResource $RoleDefintion = $null if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $RoleDefinition = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $RoleDefinition = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } elseif (-not [System.String]::IsNullOrEmpty($Id)) { @@ -229,7 +241,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $RoleDefinition = $Script:exportedInstances | Where-Object -FilterScript {$_.DisplayName -eq $DisplayName} + $RoleDefinition = $Script:exportedInstances | Where-Object -FilterScript { $_.DisplayName -eq $DisplayName } } else { @@ -245,7 +257,7 @@ function Get-TargetResource $Script:PolicyAssignments = Get-MgBetaPolicyRoleManagementPolicyAssignment -Filter $allFilter -All } - $Policy = $Script:PolicyAssignments | Where-Object -FilterScript {$_.RoleDefinitionId -eq $RoleDefinition.Id} + $Policy = $Script:PolicyAssignments | Where-Object -FilterScript { $_.RoleDefinitionId -eq $RoleDefinition.Id } } catch { @@ -269,6 +281,13 @@ function Get-TargetResource $ActivationReqJustification = (($role | Where-Object { $_.Id -eq 'Enablement_EndUser_Assignment' }).AdditionalProperties.enabledRules) -contains 'Justification' $ActivationReqTicket = (($role | Where-Object { $_.Id -eq 'Enablement_EndUser_Assignment' }).AdditionalProperties.enabledRules) -contains 'Ticketing' $ActivationReqMFA = (($role | Where-Object { $_.Id -eq 'Enablement_EndUser_Assignment' }).AdditionalProperties.enabledRules) -contains 'MultiFactorAuthentication' + $AuthenticationContext = ($role | Where-Object { $_.Id -eq 'AuthenticationContext_EndUser_Assignment' }).AdditionalProperties + $AuthenticationContextRequired = $AuthenticationContext.isEnabled + if ($AuthenticationContextRequired) + { + $AuthenticationContextId = $AuthenticationContext.claimValue + $AuthenticationContextName = (Get-MgBetaIdentityConditionalAccessAuthenticationContextClassReference -AuthenticationContextClassReferenceId $AuthenticationContextId).DisplayName + } $ApprovaltoActivate = (($role | Where-Object { $_.Id -eq 'Approval_EndUser_Assignment' }).AdditionalProperties.setting.isApprovalRequired) [array]$ActivateApprovers = (($role | Where-Object { $_.Id -eq 'Approval_EndUser_Assignment' }).AdditionalProperties.setting.approvalStages.primaryApprovers) [string[]]$ActivateApprover = @() @@ -369,6 +388,9 @@ function Get-TargetResource EligibleAssignmentAssigneeNotificationDefaultRecipient = $EligibleAssignmentAssigneeNotificationDefaultRecipient EligibleAssignmentAssigneeNotificationAdditionalRecipient = [System.String[]]$EligibleAssignmentAssigneeNotificationAdditionalRecipient EligibleAssignmentAssigneeNotificationOnlyCritical = $EligibleAssignmentAssigneeNotificationOnlyCritical + AuthenticationContextRequired = $AuthenticationContextRequired + AuthenticationContextId = $AuthenticationContextId + AuthenticationContextName = $AuthenticationContextName Ensure = 'Present' ApplicationId = $ApplicationId TenantId = $TenantId @@ -557,6 +579,18 @@ function Set-TargetResource [System.Boolean] $EligibleAssignmentAssigneeNotificationOnlyCritical, + [Parameter()] + [System.Boolean] + $AuthenticationContextRequired, + + [Parameter()] + [System.String] + $AuthenticationContextId, + + [Parameter()] + [System.String] + $AuthenticationContextName, + [Parameter()] [ValidateSet('Present')] [System.String] @@ -591,6 +625,7 @@ function Set-TargetResource #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies + #$PSBoundParameters.Remove('AuthenticationContextName') | Out-Null #region Telemetry $ResourceName = $MyInvocation.MyCommand.ModuleName -replace 'MSFT_', '' @@ -1083,6 +1118,22 @@ function Set-TargetResource } } } + elseif ($role.Id -match 'AuthenticationContext_EndUser_Assignment') + { + if ($PSBoundParameters.ContainsKey('AuthenticationContextRequired') ` + -and $PSBoundParameters.ContainsKey('AuthenticationContextId')) + { + $params = @{ + '@odata.type' = $odatatype + 'id' = $role.Id + 'isEnabled' = $true + 'claimValue' = $AuthenticationContextId + target = @{ + '@odata.type' = 'microsoft.graph.unifiedRoleManagementPolicyRuleTarget' + } + } + } + } if ($params.Count -gt 0) { @@ -1269,6 +1320,18 @@ function Test-TargetResource [System.Boolean] $EligibleAssignmentAssigneeNotificationOnlyCritical, + [Parameter()] + [System.Boolean] + $AuthenticationContextRequired, + + [Parameter()] + [System.String] + $AuthenticationContextId, + + [Parameter()] + [System.String] + $AuthenticationContextName, + [Parameter()] [ValidateSet('Present')] [System.String] diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.schema.mof index 9239601277..6b7e78718c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.schema.mof @@ -41,6 +41,9 @@ class MSFT_AADRoleSetting : OMI_BaseResource [Write, Description("Send notifications when eligible members activate this role: Notification to activated user (requestor), default recipient (True/False)")] Boolean EligibleAssignmentAssigneeNotificationDefaultRecipient; [Write, Description("Send notifications when eligible members activate this role: Notification to activated user (requestor), additional recipient (UPN)")] String EligibleAssignmentAssigneeNotificationAdditionalRecipient[]; [Write, Description("Send notifications when eligible members activate this role: Notification to activated user (requestor), only critical Email (True/False)")] Boolean EligibleAssignmentAssigneeNotificationOnlyCritical; + [Write, Description("Authorization context is required (True/False)")] Boolean AuthenticationContextRequired; + [Write, Description("Descriptive name of associated authorization context")] String AuthenticationContextName; + [Write, Description("Authorization context id")] String AuthenticationContextId; [Write, Description("Specify if the Azure AD role setting should exist or not."), ValueMap{"Present"}, Values{"Present"}] String Ensure; [Write, Description("Credentials for the Microsoft Graph delegated permissions."), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterPolicy/MSFT_EXOHostedContentFilterPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterPolicy/MSFT_EXOHostedContentFilterPolicy.psm1 index 90c58d92c2..2e1f5f4a5f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterPolicy/MSFT_EXOHostedContentFilterPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterPolicy/MSFT_EXOHostedContentFilterPolicy.psm1 @@ -99,6 +99,11 @@ function Get-TargetResource [System.Boolean] $InlineSafetyTipsEnabled = $true, + [Parameter()] + [ValidateSet('Default', 'HighConfidencePhish', 'Phish', 'HighConfidenceSpam', 'Spam', 'Disabled')] + [System.String] + $IntraOrgFilterState = 'Default', + [Parameter()] [ValidateSet('Off', 'On', 'Test')] [System.String] @@ -356,6 +361,7 @@ function Get-TargetResource HighConfidenceSpamAction = $HostedContentFilterPolicy.HighConfidenceSpamAction HighConfidenceSpamQuarantineTag = $HostedContentFilterPolicy.HighConfidenceSpamQuarantineTag InlineSafetyTipsEnabled = $HostedContentFilterPolicy.InlineSafetyTipsEnabled + IntraOrgFilterState = $HostedContentFilterPolicy.IntraOrgFilterState IncreaseScoreWithBizOrInfoUrls = $HostedContentFilterPolicy.IncreaseScoreWithBizOrInfoUrls IncreaseScoreWithImageLinks = $HostedContentFilterPolicy.IncreaseScoreWithImageLinks IncreaseScoreWithNumericIps = $HostedContentFilterPolicy.IncreaseScoreWithNumericIps @@ -517,6 +523,11 @@ function Set-TargetResource [System.Boolean] $InlineSafetyTipsEnabled = $true, + [Parameter()] + [ValidateSet('Default', 'HighConfidencePhish', 'Phish', 'HighConfidenceSpam', 'Spam', 'Disabled')] + [System.String] + $IntraOrgFilterState = 'Default', + [Parameter()] [ValidateSet('Off', 'On', 'Test')] [System.String] @@ -857,6 +868,11 @@ function Test-TargetResource [System.Boolean] $InlineSafetyTipsEnabled = $true, + [Parameter()] + [ValidateSet('Default', 'HighConfidencePhish', 'Phish', 'HighConfidenceSpam', 'Spam', 'Disabled')] + [System.String] + $IntraOrgFilterState = 'Default', + [Parameter()] [ValidateSet('Off', 'On', 'Test')] [System.String] diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterPolicy/MSFT_EXOHostedContentFilterPolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterPolicy/MSFT_EXOHostedContentFilterPolicy.schema.mof index 6bf606d1ac..65ae9c3bc5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterPolicy/MSFT_EXOHostedContentFilterPolicy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterPolicy/MSFT_EXOHostedContentFilterPolicy.schema.mof @@ -27,6 +27,7 @@ class MSFT_EXOHostedContentFilterPolicy : OMI_BaseResource [Write, Description("The IncreaseScoreWithNumericIps parameter increases the spam score of messages that contain links to IP addresses. Valid values for this parameter are Off, On or Test. The default value is Off."), ValueMap{"Off","On","Test"}, Values{"Off","On","Test"}] String IncreaseScoreWithNumericIps; [Write, Description("The IncreaseScoreWithRedirectToOtherPort parameter increases the spam score of messages that contain links that redirect to other TCP ports. Valid values for this parameter are Off, On or Test. The default value is Off."), ValueMap{"Off","On","Test"}, Values{"Off","On","Test"}] String IncreaseScoreWithRedirectToOtherPort; [Write, Description("The InlineSafetyTipsEnabled parameter specifies whether to enable or disable safety tips that are shown to recipients in messages. The default is $true")] Boolean InlineSafetyTipsEnabled; + [Write, Description("The IntraOrgFilterState parameter specifies whether to enable anti-spam filtering for messages sent between internal users (users in the same organization)."), ValueMap{"Default","HighConfidencePhish","Phish","HighConfidenceSpam","Spam","Disabled"}, Values{"Default","HighConfidencePhish","Phish","HighConfidenceSpam","Spam","Disabled"}] String IntraOrgFilterState; [Write, Description("The LanguageBlockList parameter specifies the languages to block when messages are blocked based on their language. Valid input for this parameter is a supported ISO 639-1 lowercase two-letter language code. You can specify multiple values separated by commas. This parameter is only use when the EnableRegionBlockList parameter is set to $true.")] String LanguageBlockList[]; [Write, Description("The MakeDefault parameter makes the specified content filter policy the default content filter policy. The default value is $false")] Boolean MakeDefault; [Write, Description("The MarkAsSpamBulkMail parameter classifies the message as spam when the message is identified as a bulk email message. Valid values for this parameter are Off, On or Test. The default value is On."), ValueMap{"Off","On","Test"}, Values{"Off","On","Test"}] String MarkAsSpamBulkMail; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterRule/MSFT_EXOHostedContentFilterRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterRule/MSFT_EXOHostedContentFilterRule.psm1 index ff9a042c4b..8a09720c02 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterRule/MSFT_EXOHostedContentFilterRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterRule/MSFT_EXOHostedContentFilterRule.psm1 @@ -114,7 +114,7 @@ function Get-TargetResource { try { - $HostedContentFilterRule = Get-HostedContentFilterRule -Identity $HostedContentFilterPolicy -ErrorAction Stop + $HostedContentFilterRule = Get-HostedContentFilterRule -Identity $Identity -ErrorAction Stop } catch { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator.psm1 index 8d468a7d9b..32e9eba66b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator.psm1 @@ -283,7 +283,14 @@ function Get-TargetResource $nullResult.Ensure = 'Absent' try { - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $id -ErrorAction SilentlyContinue + if (-not [System.String]::IsNullOrEmpty($Id)) + { + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $id -ErrorAction SilentlyContinue + } + else + { + $getValue = $null + } if ($null -eq $getValue) { @@ -370,11 +377,18 @@ function Get-TargetResource } if ($null -eq $getValue) { - Write-Verbose -Message "Nothing with id {$id} was found" + if (-not [String]::IsNullOrEmpty($Id)) + { + Write-Verbose -Message "Nothing with id {$Id} was found" + } + else + { + Write-Verbose -Message "Nothing with display name {$DisplayName} was found" + } return $nullResult } - Write-Verbose -Message "Found something with id {$id}" + Write-Verbose -Message "Found something with id {$($getValue.Id)}" $results = @{ #region resource generator code @@ -440,7 +454,7 @@ function Get-TargetResource Managedidentity = $ManagedIdentity.IsPresent } - $assignmentsValues = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id + $assignmentsValues = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $getValue.Id $assignmentResult = @() foreach ($assignmentEntry in $AssignmentsValues) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject.psm1 index 72f8b9ab6e..ae5c70951f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject.psm1 @@ -135,7 +135,14 @@ function Get-TargetResource $nullResult.Ensure = 'Absent' try { - $getValue = $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $id -ErrorAction SilentlyContinue + if (-not [System.String]::IsNullOrEmpty($Id)) + { + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $id -ErrorAction SilentlyContinue + } + else + { + $getValue = $null + } #region resource generator code if ($null -eq $getValue) @@ -149,11 +156,19 @@ function Get-TargetResource if ($null -eq $getValue) { - Write-Verbose -Message "Nothing with id {$id} was found" + if (-not [String]::IsNullOrEmpty($Id)) + { + Write-Verbose -Message "Nothing with id {$Id} was found" + } + else + { + Write-Verbose -Message "Nothing with display name {$DisplayName} was found" + } + return $nullResult } - Write-Verbose -Message "Found something with id {$id}" + Write-Verbose -Message "Found something with id {$($getValue.Id)}" $results = @{ #region resource generator code @@ -183,7 +198,7 @@ function Get-TargetResource Managedidentity = $ManagedIdentity.IsPresent } - $assignmentsValues = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id + $assignmentsValues = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $getValue.Id $assignmentResult = @() foreach ($assignmentEntry in $AssignmentsValues) { @@ -596,34 +611,19 @@ function Test-TargetResource } $testResult = $true + #Compare Cim instances foreach ($key in $PSBoundParameters.Keys) { - if ($PSBoundParameters[$key].getType().Name -like '*CimInstance*') + $source = $PSBoundParameters.$key + $target = $CurrentValues.$key + if ($source.getType().Name -like '*CimInstance*') { - $CIMArraySource = @() - $CIMArrayTarget = @() - $CIMArraySource += $PSBoundParameters[$key] - $CIMArrayTarget += $CurrentValues.$key - if ($CIMArraySource.count -ne $CIMArrayTarget.count) - { - Write-Verbose -Message "Configuration drift:Number of items does not match: Source=$($CIMArraySource.count) Target=$($CIMArrayTarget.count)" - $testResult = $false - break - } - $i = 0 - foreach ($item in $CIMArraySource ) - { - $testResult = Compare-M365DSCComplexObject ` - -Source (Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $CIMArraySource[$i]) ` - -Target ($CIMArrayTarget[$i]) + $source = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $source + + $testResult = Compare-M365DSCComplexObject ` + -Source ($source) ` + -Target ($target) - $i++ - if (-Not $testResult) - { - $testResult = $false - break - } - } if (-Not $testResult) { $testResult = $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10.psm1 index d4e2473c17..38e2374751 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10.psm1 @@ -22,7 +22,7 @@ function Get-TargetResource [Parameter()] [ValidateSet('keyEncipherment','digitalSignature')] - [System.String] + [System.String[]] $KeyUsage, [Parameter()] @@ -73,6 +73,10 @@ function Get-TargetResource [System.String] $SubjectNameFormat, + [Parameter()] + [System.String] + $RootCertificateDisplayName, + [Parameter()] [System.String] $RootCertificateId, @@ -250,12 +254,16 @@ function Get-TargetResource } #endregion + $RootCertificate = Get-DeviceConfigurationPolicyRootCertificate -DeviceConfigurationPolicyId $getValue.Id + $RootCertificateId = $RootCertificate.Id + $RootCertificateDisplayName = $RootCertificate.DisplayName + $results = @{ #region resource generator code CertificateStore = $enumCertificateStore HashAlgorithm = $enumHashAlgorithm KeySize = $enumKeySize - KeyUsage = $enumKeyUsage + KeyUsage = $enumKeyUsage.Split(',') ScepServerUrls = $getValue.AdditionalProperties.scepServerUrls SubjectAlternativeNameFormatString = $getValue.AdditionalProperties.subjectAlternativeNameFormatString SubjectNameFormatString = $getValue.AdditionalProperties.subjectNameFormatString @@ -267,7 +275,8 @@ function Get-TargetResource RenewalThresholdPercentage = $getValue.AdditionalProperties.renewalThresholdPercentage SubjectAlternativeNameType = $enumSubjectAlternativeNameType SubjectNameFormat = $enumSubjectNameFormat - RootCertificateId = Get-DeviceConfigurationPolicyRootCertificateId -DeviceConfigurationPolicyId $getValue.Id + RootCertificateId = $RootCertificateId + RootCertificateDisplayName = $RootCertificateDisplayName Description = $getValue.Description DisplayName = $getValue.DisplayName Id = $getValue.Id @@ -332,7 +341,7 @@ function Set-TargetResource [Parameter()] [ValidateSet('keyEncipherment','digitalSignature')] - [System.String] + [System.String[]] $KeyUsage, [Parameter()] @@ -383,6 +392,10 @@ function Set-TargetResource [System.String] $SubjectNameFormat, + [Parameter()] + [System.String] + $RootCertificateDisplayName, + [Parameter()] [System.String] $RootCertificateId, @@ -460,6 +473,7 @@ function Set-TargetResource $CreateParameters = ([Hashtable]$BoundParameters).clone() $CreateParameters = Rename-M365DSCCimInstanceParameter -Properties $CreateParameters $CreateParameters.Remove('Id') | Out-Null + $CreateParameters['keyUsage'] = $CreateParameters['keyUsage'] -join ',' $keys = (([Hashtable]$CreateParameters).clone()).Keys foreach ($key in $keys) @@ -469,6 +483,38 @@ function Set-TargetResource $CreateParameters.$key = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $CreateParameters.$key } } + + $RootCertificate = Get-MgBetaDeviceManagementDeviceConfiguration ` + -DeviceConfigurationId $RootCertificateId ` + -ErrorAction SilentlyContinue | ` + Where-Object -FilterScript { + $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows81TrustedRootCertificate" + } + + if ($null -eq $RootCertificate) + { + Write-Verbose -Message "Could not find trusted root certificate with Id {$RootCertificateId}, searching by display name {$RootCertificateDisplayName}" + + $RootCertificate = Get-MgBetaDeviceManagementDeviceConfiguration ` + -Filter "DisplayName eq '$RootCertificateDisplayName'" ` + -ErrorAction SilentlyContinue | ` + Where-Object -FilterScript { + $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows81TrustedRootCertificate" + } + $RootCertificateId = $RootCertificate.Id + + if ($null -eq $RootCertificate) + { + throw "Could not find trusted root certificate with Id {$RootCertificateId} or display name {$RootCertificateDisplayName}" + } + + Write-Verbose -Message "Found trusted root certificate with Id {$($RootCertificate.Id)} and DisplayName {$($RootCertificate.DisplayName)}" + } + else + { + Write-Verbose -Message "Found trusted root certificate with Id {$RootCertificateId}" + } + #region resource generator code $CreateParameters.Add("rootCertificate@odata.bind", "https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations('$RootCertificateId')") $CreateParameters.Add("@odata.type", "#microsoft.graph.windows81SCEPCertificateProfile") @@ -492,11 +538,13 @@ function Set-TargetResource Write-Verbose -Message "Updating the Intune Device Configuration Scep Certificate Policy for Windows10 with Id {$($currentInstance.Id)}" $BoundParameters.Remove("Assignments") | Out-Null $BoundParameters.Remove('RootCertificateId') | Out-Null + $BoundParameters.Remove('RootCertificateDisplayName') | Out-Null $UpdateParameters = ([Hashtable]$BoundParameters).clone() $UpdateParameters = Rename-M365DSCCimInstanceParameter -Properties $UpdateParameters $UpdateParameters.Remove('Id') | Out-Null + $UpdateParameters['keyUsage'] = $UpdateParameters['keyUsage'] -join ',' $keys = (([Hashtable]$UpdateParameters).clone()).Keys foreach ($key in $keys) @@ -522,6 +570,37 @@ function Set-TargetResource -Repository 'deviceManagement/deviceConfigurations' #endregion + $RootCertificate = Get-MgBetaDeviceManagementDeviceConfiguration ` + -DeviceConfigurationId $RootCertificateId ` + -ErrorAction SilentlyContinue | ` + Where-Object -FilterScript { + $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows81TrustedRootCertificate" + } + + if ($null -eq $RootCertificate) + { + Write-Verbose -Message "Could not find trusted root certificate with Id {$RootCertificateId}, searching by display name {$RootCertificateDisplayName}" + + $RootCertificate = Get-MgBetaDeviceManagementDeviceConfiguration ` + -Filter "DisplayName eq '$RootCertificateDisplayName'" ` + -ErrorAction SilentlyContinue | ` + Where-Object -FilterScript { + $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows81TrustedRootCertificate" + } + $RootCertificateId = $RootCertificate.Id + + if ($null -eq $RootCertificate) + { + throw "Could not find trusted root certificate with Id {$RootCertificateId} or display name {$RootCertificateDisplayName}" + } + + Write-Verbose -Message "Found trusted root certificate with Id {$($RootCertificate.Id)} and DisplayName {$($RootCertificate.DisplayName)}" + } + else + { + Write-Verbose -Message "Found trusted root certificate with Id {$RootCertificateId}" + } + Update-DeviceConfigurationPolicyRootCertificateId ` -DeviceConfigurationPolicyId $currentInstance.id ` -RootCertificateId $RootCertificateId @@ -559,7 +638,7 @@ function Test-TargetResource [Parameter()] [ValidateSet('keyEncipherment','digitalSignature')] - [System.String] + [System.String[]] $KeyUsage, [Parameter()] @@ -610,6 +689,10 @@ function Test-TargetResource [System.String] $SubjectNameFormat, + [Parameter()] + [System.String] + $RootCertificateDisplayName, + [Parameter()] [System.String] $RootCertificateId, @@ -713,6 +796,10 @@ function Test-TargetResource $ValuesToCheck.Remove('ApplicationId') | Out-Null $ValuesToCheck.Remove('TenantId') | Out-Null $ValuesToCheck.Remove('ApplicationSecret') | Out-Null + if ($null -ne $ValuesToCheck.RootCertificateDisplayName) + { + $ValuesToCheck.Remove('RootCertificateId') | Out-Null + } Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)" @@ -907,7 +994,7 @@ function Export-TargetResource } } -function Get-DeviceConfigurationPolicyRootCertificateId +function Get-DeviceConfigurationPolicyRootCertificate { [CmdletBinding()] [OutputType([System.String])] @@ -920,7 +1007,7 @@ function Get-DeviceConfigurationPolicyRootCertificateId $Uri = " https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations('$DeviceConfigurationPolicyId')/microsoft.graph.windows81SCEPCertificateProfile/rootCertificate" $result = Invoke-MgGraphRequest -Method Get -Uri $Uri -ErrorAction Stop - return $result.id + return $result } function Update-DeviceConfigurationPolicyRootCertificateId diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10.schema.mof index a97c29ff40..90c392fbe6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10.schema.mof @@ -27,7 +27,7 @@ class MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10 : OMI_BaseRes [Write, Description("Target store certificate. Possible values are: user, machine."), ValueMap{"user","machine"}, Values{"user","machine"}] String CertificateStore; [Write, Description("SCEP Hash Algorithm. Possible values are: sha1, sha2."), ValueMap{"sha1","sha2"}, Values{"sha1","sha2"}] String HashAlgorithm; [Write, Description("SCEP Key Size. Possible values are: size1024, size2048, size4096."), ValueMap{"size1024","size2048","size4096"}, Values{"size1024","size2048","size4096"}] String KeySize; - [Write, Description("SCEP Key Usage. Possible values are: keyEncipherment, digitalSignature."), ValueMap{"keyEncipherment","digitalSignature"}, Values{"keyEncipherment","digitalSignature"}] String KeyUsage; + [Write, Description("SCEP Key Usage. Possible values are: keyEncipherment, digitalSignature."), ValueMap{"keyEncipherment","digitalSignature"}, Values{"keyEncipherment","digitalSignature"}] String KeyUsage[]; [Write, Description("SCEP Server Url(s).")] String ScepServerUrls[]; [Write, Description("Custom String that defines the AAD Attribute.")] String SubjectAlternativeNameFormatString; [Write, Description("Custom format to use with SubjectNameFormat = Custom. Example: CN={{UserName}},E={{EmailAddress}},OU=Enterprise Users,O=Contoso Corporation,L=Redmond,ST=WA,C=US")] String SubjectNameFormatString; @@ -39,6 +39,7 @@ class MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10 : OMI_BaseRes [Write, Description("Certificate renewal threshold percentage. Valid values 1 to 99")] UInt32 RenewalThresholdPercentage; [Write, Description("Certificate Subject Alternative Name Type. Possible values are: none, emailAddress, userPrincipalName, customAzureADAttribute, domainNameService, universalResourceIdentifier."), ValueMap{"none","emailAddress","userPrincipalName","customAzureADAttribute","domainNameService","universalResourceIdentifier"}, Values{"none","emailAddress","userPrincipalName","customAzureADAttribute","domainNameService","universalResourceIdentifier"}] String SubjectAlternativeNameType; [Write, Description("Certificate Subject Name Format. Possible values are: commonName, commonNameIncludingEmail, commonNameAsEmail, custom, commonNameAsIMEI, commonNameAsSerialNumber, commonNameAsAadDeviceId, commonNameAsIntuneDeviceId, commonNameAsDurableDeviceId."), ValueMap{"commonName","commonNameIncludingEmail","commonNameAsEmail","custom","commonNameAsIMEI","commonNameAsSerialNumber","commonNameAsAadDeviceId","commonNameAsIntuneDeviceId","commonNameAsDurableDeviceId"}, Values{"commonName","commonNameIncludingEmail","commonNameAsEmail","custom","commonNameAsIMEI","commonNameAsSerialNumber","commonNameAsAadDeviceId","commonNameAsIntuneDeviceId","commonNameAsDurableDeviceId"}] String SubjectNameFormat; + [Write, Description("Trusted Root Certificate DisplayName")] String RootCertificateDisplayName; [Write, Description("Trusted Root Certificate Id")] String RootCertificateId; [Write, Description("Admin provided description of the Device Configuration.")] String Description; [Key, Description("Admin provided name of the device configuration.")] String DisplayName; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/MSFT_M365DSCRuleEvaluation.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/MSFT_M365DSCRuleEvaluation.psm1 index 41367ee930..732ce5594e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/MSFT_M365DSCRuleEvaluation.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/MSFT_M365DSCRuleEvaluation.psm1 @@ -205,56 +205,61 @@ function Test-TargetResource $result = ($instances.Length - $DSCConvertedInstances.Length) -eq 0 - if (-not [System.String]::IsNullOrEmpty($AfterRuleCountQuery)) + $message = [System.Text.StringBuilder]::New() + [void]$message.AppendLine("ResourceName:`r`n$ResourceName`r`n") + [void]$message.AppendLine("RuleDefinition:`r`n$RuleDefinition`r`n") + + if ($instances.Length -eq 0) { - Write-Verbose -Message "Checking the After Rule Count" - $afterRuleCountQueryString = "`$instances.Length $AfterRuleCountQuery" - $afterRuleCountQueryBlock = [Scriptblock]::Create($afterRuleCountQueryString) - $result = [Boolean](Invoke-Command -ScriptBlock $afterRuleCountQueryBlock) - $message = [System.Text.StringBuilder]::New() - if ($instances.Length -eq 0) - { - [void]$message.AppendLine("No instances were found for the given Rule Definition.") - } - elseif (-not $result) + [void]$message.AppendLine("No instances were found for the given Rule Definition.") + } + else + { + if (-not [System.String]::IsNullOrEmpty($AfterRuleCountQuery)) { - $invalidInstancesLogNames = '' - foreach ($invalidInstance in $instances) + Write-Verbose -Message "Checking the After Rule Count" + $afterRuleCountQueryString = "`$instances.Length $AfterRuleCountQuery" + $afterRuleCountQueryBlock = [Scriptblock]::Create($afterRuleCountQueryString) + $result = [Boolean](Invoke-Command -ScriptBlock $afterRuleCountQueryBlock) + if (-not $result) { - $invalidInstancesLogNames += "[$ResourceName]$($invalidInstance.ResourceInstanceName)`r`n" - } + $invalidInstances = $instances.ResourceInstanceName - [void]$message.AppendLine("The following resource instance(s) failed a rule validation:`r`n$invalidInstancesLogNames") - [void]$message.AppendLine("`r`nRuleDefinition:`r`n$RuleDefinition") - [void]$message.AppendLine("`r`AfterRuleCountQuery:`r`n$AfterRuleCountQuery") - Add-M365DSCEvent -Message $message.ToString() ` - -EventType 'RuleEvaluation' ` - -EntryType 'Warning' ` - -EventID 1 -Source $CurrentResourceName + [void]$message.AppendLine("AfterRuleCountQuery:`r`n$AfterRuleCountQuery`r`n") + $MessagePrefix = "The following resource instance(s) matched a rule validation, but did not meet the AfterRuleCountQuery:`r`n" + } } - } - elseif (-not $result) - { - $invalidInstances = Compare-Object -ReferenceObject $DSCConvertedInstances.ResourceInstanceName -DifferenceObject $instances.ResourceInstanceName - # Log drifts for each invalid instances found. - $invalidInstancesLogNames = '' - foreach ($invalidInstance in $invalidInstances) + else { - $invalidInstancesLogNames += "[$ResourceName]$($invalidInstance.InputObject)`r`n" + $invalidInstances = Compare-Object -ReferenceObject $DSCConvertedInstances.ResourceInstanceName -DifferenceObject $instances.ResourceInstanceName + $invalidInstances = $invalidInstances.InputObject + + $MessagePrefix = "The following resource instance(s) failed a rule validation:`r`n" } if (-not $result) { - $message = [System.Text.StringBuilder]::New() - [void]$message.AppendLine("The following resource instance(s) failed a rule validation:`r`n$invalidInstancesLogNames") - [void]$message.AppendLine("`r`nRuleDefinition:`r`n$RuleDefinition") - Add-M365DSCEvent -Message $message.ToString() ` - -EventType 'RuleEvaluation' ` - -EntryType 'Warning' ` - -EventID 1 -Source $CurrentResourceName + # Log drifts for each invalid instances found. + $invalidInstancesLogNames = '' + foreach ($invalidInstance in $invalidInstances) + { + $invalidInstancesLogNames += "[$ResourceName]$invalidInstance`r`n" + } + + [void]$message.AppendLine("$MessagePrefix$invalidInstancesLogNames") } } + + if (-not $result) + { + Add-M365DSCEvent -Message $message.ToString() ` + -EventType 'RuleEvaluation' ` + -EntryType 'Warning' ` + -EventID 1 -Source $CurrentResourceName + } + Write-Verbose -Message "Test-TargetResource returned $result" + return $result } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgSettings/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgSettings/settings.json index fbf73c095e..0cb2978d9e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgSettings/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgSettings/settings.json @@ -11,6 +11,9 @@ { "name": "ReportSettings.Read.All" }, + { + "name": "OrgSettings-Microsoft365Install.Read.All" + }, { "name": "OrgSettings-Forms.Read.All" }, @@ -31,6 +34,9 @@ { "name": "ReportSettings.ReadWrite.All" }, + { + "name": "OrgSettings-Microsoft365Install.ReadWrite.All" + }, { "name": "OrgSettings-Forms.ReadWrite.All" }, @@ -53,6 +59,9 @@ { "name": "ReportSettings.Read.All" }, + { + "name": "OrgSettings-Microsoft365Install.Read.All" + }, { "name": "OrgSettings-Forms.Read.All" }, @@ -77,7 +86,7 @@ "name": "ReportSettings.ReadWrite.All" }, { - "name": "83f7232f-763c-47b2-a097-e35d2cbe1da5" + "name": "OrgSettings-Microsoft365Install.ReadWrite.All" }, { "name": "OrgSettings-Forms.ReadWrite.All" diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppPermissionPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppPermissionPolicy/settings.json index 577d81ca16..eccfc5b5b6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppPermissionPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppPermissionPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppSetupPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppSetupPolicy/settings.json index f358c5184a..cf65623433 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppSetupPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppSetupPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAudioConferencingPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAudioConferencingPolicy/settings.json index 02459e9dbb..315e33218f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAudioConferencingPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAudioConferencingPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallHoldPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallHoldPolicy/settings.json index c0ba8680fe..0a02727b6d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallHoldPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallHoldPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallParkPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallParkPolicy/settings.json index 6740f367ef..46844aa6e1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallParkPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallParkPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallQueue/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallQueue/settings.json index 64fe70d0ef..00003096ca 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallQueue/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallQueue/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallingPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallingPolicy/settings.json index 0b8110a144..8879faeb06 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallingPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallingPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannelsPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannelsPolicy/settings.json index e03f33559c..156a518f63 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannelsPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannelsPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsClientConfiguration/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsClientConfiguration/settings.json index 80fc97c6bb..b841c9e6c6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsClientConfiguration/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsClientConfiguration/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsComplianceRecordingPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsComplianceRecordingPolicy/settings.json index 93d00a00ad..24bbf15a2f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsComplianceRecordingPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsComplianceRecordingPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCortanaPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCortanaPolicy/settings.json index 5751ac389c..1e54208f4c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCortanaPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCortanaPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsDialInConferencingTenantSettings/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsDialInConferencingTenantSettings/settings.json index f69501007c..215b531525 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsDialInConferencingTenantSettings/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsDialInConferencingTenantSettings/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEmergencyCallingPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEmergencyCallingPolicy/settings.json index db23adfa8b..a55c81a8a4 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEmergencyCallingPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEmergencyCallingPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEnhancedEncryptionPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEnhancedEncryptionPolicy/settings.json index ed291895d7..daa1172c7f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEnhancedEncryptionPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEnhancedEncryptionPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEventsPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEventsPolicy/settings.json index b8a36afd9d..052f6182a9 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEventsPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEventsPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFederationConfiguration/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFederationConfiguration/settings.json index d8dc2dfae9..d0337ae301 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFederationConfiguration/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFederationConfiguration/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/settings.json index 6668c9de46..4c276464d8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFilesPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFilesPolicy/settings.json index 8eb20a3b38..738a57bc27 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFilesPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFilesPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/settings.json index 71d9d50fb6..2da9dc49bf 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestCallingConfiguration/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestCallingConfiguration/settings.json index 902494401a..a326647bf5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestCallingConfiguration/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestCallingConfiguration/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMeetingConfiguration/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMeetingConfiguration/settings.json index a93b6b9a53..74a075d298 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMeetingConfiguration/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMeetingConfiguration/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMessagingConfiguration/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMessagingConfiguration/settings.json index daf2772dc1..e0fb501874 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMessagingConfiguration/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMessagingConfiguration/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsIPPhonePolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsIPPhonePolicy/settings.json index 60e07fed7c..f6ae4193eb 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsIPPhonePolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsIPPhonePolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingBroadcastConfiguration/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingBroadcastConfiguration/settings.json index ffabcd4e7d..b34b17d280 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingBroadcastConfiguration/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingBroadcastConfiguration/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingBroadcastPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingBroadcastPolicy/settings.json index 432676cf64..2900ffb062 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingBroadcastPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingBroadcastPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingConfiguration/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingConfiguration/settings.json index 984857cb67..21c86a0dce 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingConfiguration/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingConfiguration/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingPolicy/settings.json index 32c8428a98..6ddc930616 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMessagingPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMessagingPolicy/settings.json index 5db17c3de8..cada36dde0 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMessagingPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMessagingPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMobilityPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMobilityPolicy/settings.json index 36a2ba660c..fdc0920ac6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMobilityPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMobilityPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsNetworkRoamingPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsNetworkRoamingPolicy/settings.json index b9f4fee0ec..0bf17bd572 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsNetworkRoamingPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsNetworkRoamingPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoiceUser/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoiceUser/settings.json index 7faa945073..3548e00137 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoiceUser/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoiceUser/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoicemailPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoicemailPolicy/settings.json index ce987abcaf..a76fc4a517 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoicemailPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoicemailPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoicemailUserSettings/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoicemailUserSettings/settings.json index ef7c36a88d..954e881fa2 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoicemailUserSettings/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoicemailUserSettings/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOrgWideAppSettings/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOrgWideAppSettings/settings.json index c98543bb2b..8f51aaedff 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOrgWideAppSettings/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOrgWideAppSettings/settings.json @@ -16,8 +16,16 @@ "update": [] }, "application": { - "read": [], - "update": [] + "read": [ + { + "name": "Organization.Read.All" + } + ], + "update": [ + { + "name": "Organization.Read.All" + } + ] } } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsPstnUsage/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsPstnUsage/settings.json index 7f3188173e..a95c14abe1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsPstnUsage/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsPstnUsage/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsShiftsPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsShiftsPolicy/settings.json index e123113879..66fb222829 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsShiftsPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsShiftsPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTeam/MSFT_TeamsTeam.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTeam/MSFT_TeamsTeam.psm1 index f100145246..836e0d6174 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTeam/MSFT_TeamsTeam.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTeam/MSFT_TeamsTeam.psm1 @@ -178,7 +178,9 @@ function Get-TargetResource Write-Verbose -Message "Getting Team {$DisplayName} Owners" [array]$Owners = Get-TeamUser -GroupId $team.GroupId | Where-Object { $_.Role -eq 'owner' } - if ($null -eq $Owners) { # Without Users, Get-TeamUser return null instead on empty array + if ($null -eq $Owners) + { + # Without Users, Get-TeamUser return null instead on empty array $Owners = @() } @@ -426,22 +428,23 @@ function Set-TargetResource { $ConnectionMode = New-M365DSCConnection -Workload 'MicrosoftGraph' ` -InboundParameters $PSBoundParameters - $group = New-MgGroup -DisplayName $DisplayName -GroupTypes 'Unified' -MailEnabled $true -SecurityEnabled $true -MailNickname $MailNickName + $group = New-MgGroup -DisplayName $DisplayName -GroupTypes 'Unified' -MailEnabled -SecurityEnabled -MailNickname $MailNickName -ErrorAction Stop $currentOwner = (($CurrentParameters.Owner)[0]) Write-Verbose -Message "Retrieving Group Owner {$currentOwner}" - $ownerUser = Get-MgUser -Search $currentOwner + $ownerUser = Get-MgUser -Search $currentOwner -ConsistencyLevel eventual + $ownerOdataID = "https://graph.microsoft.com/v1.0/directoryObjects/$($ownerUser.Id)" - Write-Verbose -Message "Adding Owner {$($ownerUser.ObjectId)} to Group {$($group.Id)}" + Write-Verbose -Message "Adding Owner {$($ownerUser.Id)} to Group {$($group.Id)}" try { - New-MgGroupOwnerByRef -GroupId $group.Id -RefObjectId $ownerUser.ObjectId -ErrorAction Stop + New-MgGroupOwnerByRef -GroupId $group.Id -OdataId $ownerOdataID -ErrorAction Stop } catch { Write-Verbose -Message 'Adding Owner - Sleeping for 15 seconds' Start-Sleep -Seconds 15 - New-MgGroupOwnerByRef -GroupId $group.Id -RefObjectId $ownerUser.ObjectId + New-MgGroupOwnerByRef -GroupId $group.Id -OdataId $ownerOdataID -ErrorAction Stop } try @@ -452,7 +455,7 @@ function Set-TargetResource { Write-Verbose -Message 'Creating Team - Sleeping for 15 seconds' Start-Sleep -Seconds 15 - New-Team -GroupId $group.Id + New-Team -GroupId $group.Id -ErrorAction Stop } } else diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTeam/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTeam/settings.json index 00f8da9c9c..b0a859acdd 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTeam/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTeam/settings.json @@ -9,23 +9,59 @@ "graph": { "delegated": { "read": [], - "update": [ + "update": [] + }, + "application": { + "read": [ { - "name": "Group.ReadWrite.All" + "name": "Organization.Read.All" }, { "name": "User.Read.All" + }, + { + "name": "Group.ReadWrite.All" + }, + { + "name": "AppCatalog.ReadWrite.All" + }, + { + "name": "TeamSettings.ReadWrite.All" + }, + { + "name": "Channel.Delete.All" + }, + { + "name": "ChannelSettings.ReadWrite.All" + }, + { + "name": "ChannelMember.ReadWrite.All" } - ] - }, - "application": { - "read": [], + ], "update": [ { - "name": "Group.ReadWrite.All" + "name": "Organization.Read.All" }, { "name": "User.Read.All" + }, + { + "name": "Group.ReadWrite.All" + }, + { + "name": "AppCatalog.ReadWrite.All" + }, + { + "name": "TeamSettings.ReadWrite.All" + }, + { + "name": "Channel.Delete.All" + }, + { + "name": "ChannelSettings.ReadWrite.All" + }, + { + "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTemplatesPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTemplatesPolicy/settings.json index 930b841931..65cd70b275 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTemplatesPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTemplatesPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/settings.json index 97e8cd9738..7cd9f6f960 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkRegion/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkRegion/settings.json index a15ecdb7ee..73ceee74ee 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkRegion/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkRegion/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSite/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSite/settings.json index 5744117c04..9964a6c676 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSite/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSite/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSubnet/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSubnet/settings.json index 91cd91a901..6e5f9a2ed3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSubnet/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSubnet/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantTrustedIPAddress/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantTrustedIPAddress/settings.json index 3e5b195cdd..1ff8eda6ba 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantTrustedIPAddress/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantTrustedIPAddress/settings.json @@ -9,5 +9,24 @@ "Teams Administrator" ] }, - "permissions": [] + "permissions": { + "graph": { + "delegated": { + "read": [], + "update": [] + }, + "application": { + "read": [ + { + "name": "Organization.Read.All" + } + ], + "update": [ + { + "name": "Organization.Read.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTranslationRule/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTranslationRule/settings.json index 9f39a6b7d4..81b9cc1e06 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTranslationRule/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTranslationRule/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUnassignedNumberTreatment/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUnassignedNumberTreatment/settings.json index dd94199bdc..8dd2e125fe 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUnassignedNumberTreatment/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUnassignedNumberTreatment/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/settings.json index a2492103b3..1d93d16c77 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradeConfiguration/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradeConfiguration/settings.json index 5e06cb2af3..8f51aaedff 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradeConfiguration/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradeConfiguration/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradePolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradePolicy/settings.json index 3183036251..168d5f2898 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradePolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradePolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserCallingSettings/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserCallingSettings/settings.json index 5f96938eab..316f1aabb6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserCallingSettings/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserCallingSettings/settings.json @@ -16,8 +16,16 @@ "update": [] }, "application": { - "read": [], - "update": [] + "read": [ + { + "name": "Organization.Read.All" + } + ], + "update": [ + { + "name": "Organization.Read.All" + } + ] } } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserPolicyAssignment/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserPolicyAssignment/settings.json index 8dc4e8a2fa..a401206d90 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserPolicyAssignment/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserPolicyAssignment/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVdiPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVdiPolicy/settings.json index 8b7863510a..adff164f18 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVdiPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVdiPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoute/MSFT_TeamsVoiceRoute.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoute/MSFT_TeamsVoiceRoute.psm1 index 0e93d5c877..61bf169a38 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoute/MSFT_TeamsVoiceRoute.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoute/MSFT_TeamsVoiceRoute.psm1 @@ -171,6 +171,7 @@ function Set-TargetResource [Switch] $ManagedIdentity ) + #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -191,7 +192,7 @@ function Set-TargetResource $notFoundUsageList = @() foreach ($usage in $OnlinePstnUsages) { - if ( -not ($existingUsages -match $usage)) + if (-not ($existingUsages -match $usage)) { $notFoundUsageList += $usage } @@ -208,34 +209,27 @@ function Set-TargetResource $notFoundGatewayList = @() foreach ($gateway in $OnlinePstnGatewayList) { - if ( -not ($existingGateways -match $gateway)) + if (-not ($existingGateways -match $gateway)) { $notFoundGatewayList += $gateway } } - if ($notFoundUsageList) + if ($notFoundGatewayList) { $notFoundGateways = $notFoundGatewayList -join ',' - throw "Please create the Voice Gateway object(s) ($notFoundGateways) using `"TeamsVoiceRoute`"" + throw "Please create the Voice Gateway object(s) ($notFoundGateways) using cmdlet `"New-CsOnlinePSTNGateway`"" } Write-Verbose -Message "Setting Voice Route {$Identity}" $CurrentValues = Get-TargetResource @PSBoundParameters - - $SetParameters = $PSBoundParameters - $SetParameters.Remove('Ensure') | Out-Null - $SetParameters.Remove('Credential') | Out-Null - $SetParameters.Remove('ApplicationId') | Out-Null - $SetParameters.Remove('TenantId') | Out-Null - $SetParameters.Remove('CertificateThumbprint') | Out-Null - $SetParameters.Remove('ManagedIdentity') | Out-Null + $PSBoundParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters if ($Ensure -eq 'Present' -and $CurrentValues.Ensure -eq 'Absent') { Write-Verbose -Message "Creating a new Voice Route {$Identity}" - New-CsOnlineVoiceRoute @SetParameters + New-CsOnlineVoiceRoute @PSBoundParameters } elseif ($Ensure -eq 'Present' -and $CurrentValues.Ensure -eq 'Present') { @@ -244,12 +238,12 @@ function Set-TargetResource into the Set-CsOnlineVoiceRoute cmdlet. #> Write-Verbose -Message "Updating settings for Voice Route {$Identity}" - Set-CsOnlineVoiceRoute @SetParameters + Set-CsOnlineVoiceRoute @PSBoundParameters } elseif ($Ensure -eq 'Absent' -and $CurrentValues.Ensure -eq 'Present') { Write-Verbose -Message "Removing existing Voice Route {$Identity}" - Remove-CsOnlineVoiceRoute -Identity $Identity -Confirm:$false + Remove-CsOnlineVoiceRoute -Identity $Identity } } @@ -308,6 +302,7 @@ function Test-TargetResource [Switch] $ManagedIdentity ) + #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -323,16 +318,31 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of Voice Route {$Identity}" $CurrentValues = Get-TargetResource @PSBoundParameters + $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() + $ValuesToCheck = Remove-M365DSCAuthenticationParameter -BoundParameters $ValuesToCheck - Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" - Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" + if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + { + Write-Verbose -Message "Test-TargetResource returned $false" + return $false + } + if ($CurrentValues.Ensure -eq 'Absent' -and $PSBoundParameters.Ensure -eq 'Absent') + { + Write-Verbose -Message "Test-TargetResource returned $true" + return $true + } + $TestResult = $true - $ValuesToCheck = $PSBoundParameters + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" + Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)" - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys + if ($TestResult) + { + $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys + } Write-Verbose -Message "Test-TargetResource returned $TestResult" @@ -365,6 +375,7 @@ function Export-TargetResource [Switch] $ManagedIdentity ) + $InformationPreference = 'Continue' $ConnectionMode = New-M365DSCConnection -Workload 'MicrosoftTeams' ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoute/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoute/settings.json index 234e57b78a..741fe4ab9f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoute/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoute/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoutingPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoutingPolicy/settings.json index 3e98c36a43..63ce1df103 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoutingPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoutingPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsWorkloadPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsWorkloadPolicy/settings.json index 2fdbdb1053..1e851bdd4e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsWorkloadPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsWorkloadPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 b/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 index 7183bc25aa..4c14b55f3f 100644 --- a/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 +++ b/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 @@ -2,7 +2,7 @@ Dependencies = @( @{ ModuleName = 'DSCParser' - RequiredVersion = '1.4.0.2' + RequiredVersion = '1.4.0.4' }, @{ ModuleName = 'ExchangeOnlineManagement' @@ -10,71 +10,71 @@ }, @{ ModuleName = 'Microsoft.Graph.Applications' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Authentication' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.DeviceManagement' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Devices.CorporateManagement' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.DeviceManagement.Administration' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.DeviceManagement.Enrollment' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Identity.DirectoryManagement' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Identity.Governance' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Identity.SignIns' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Reports' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Teams' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.DeviceManagement.Administration' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.DirectoryObjects' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Groups' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Planner' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Users' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Users.Actions' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.PowerApps.Administration.PowerShell' @@ -82,7 +82,7 @@ }, @{ ModuleName = 'MicrosoftTeams' - RequiredVersion = '5.9.0' + RequiredVersion = '6.0.0' }, @{ ModuleName = "MSCloudLoginAssistant" diff --git a/Modules/Microsoft365DSC/Examples/Resources/IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/1-Create.ps1 b/Modules/Microsoft365DSC/Examples/Resources/IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/1-Create.ps1 index ad945407c9..ea3febcd48 100644 --- a/Modules/Microsoft365DSC/Examples/Resources/IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/1-Create.ps1 +++ b/Modules/Microsoft365DSC/Examples/Resources/IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/1-Create.ps1 @@ -43,7 +43,7 @@ Configuration Example HashAlgorithm = "sha2"; KeySize = "size2048"; KeyStorageProvider = "useTpmKspOtherwiseUseSoftwareKsp"; - KeyUsage = "digitalSignature"; + KeyUsage = @("digitalSignature"); RenewalThresholdPercentage = 25; ScepServerUrls = @("https://mydomain.com/certsrv/mscep/mscep.dll"); SubjectAlternativeNameType = "none"; diff --git a/Modules/Microsoft365DSC/Examples/Resources/IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/2-Update.ps1 b/Modules/Microsoft365DSC/Examples/Resources/IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/2-Update.ps1 index ee0f026049..93e40032e6 100644 --- a/Modules/Microsoft365DSC/Examples/Resources/IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/2-Update.ps1 +++ b/Modules/Microsoft365DSC/Examples/Resources/IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/2-Update.ps1 @@ -43,7 +43,7 @@ Configuration Example HashAlgorithm = "sha2"; KeySize = "size2048"; KeyStorageProvider = "useTpmKspOtherwiseUseSoftwareKsp"; - KeyUsage = "digitalSignature"; + KeyUsage = @("digitalSignature"); RenewalThresholdPercentage = 30; # Updated Property ScepServerUrls = @("https://mydomain.com/certsrv/mscep/mscep.dll"); SubjectAlternativeNameType = "none"; diff --git a/Modules/Microsoft365DSC/Microsoft365DSC.psd1 b/Modules/Microsoft365DSC/Microsoft365DSC.psd1 index 78deeb1f7e..1c4aa91e5d 100644 --- a/Modules/Microsoft365DSC/Microsoft365DSC.psd1 +++ b/Modules/Microsoft365DSC/Microsoft365DSC.psd1 @@ -3,7 +3,7 @@ # # Generated by: Microsoft Corporation # -# Generated on: 2024-02-21 +# Generated on: 2024-02-28 @{ @@ -11,7 +11,7 @@ # RootModule = '' # Version number of this module. - ModuleVersion = '1.24.221.1' + ModuleVersion = '1.24.228.1' # Supported PSEditions # CompatiblePSEditions = @() @@ -141,37 +141,66 @@ # ReleaseNotes of this module ReleaseNotes = '* AADApplication - * Expose the description field in the resource. + * Show current values of resource in Test-TargetResource + * AADAuthorizationPolicy + * Show current values of resource in Test-TargetResource * AADConditionalAccessPolicy - * Fixing issue where Membership kinds no longer accepted empty values. - ROLLING BACK [#4344](https://github.com/microsoft/Microsoft365DSC/issues/4344) - FIXES [#4347](https://github.com/microsoft/Microsoft365DSC/issues/4347) - * Throws an error if role, user or group was not found in the Set method. - FIXES [#4342](https://github.com/microsoft/Microsoft365DSC/issues/4342) - * EXOAuthenticationPolicyAssignment - * Improved performance by using a filter to retrieve assignments. - * Export now retrieves the user principal name instead of the user id. - * EXOAvailabilityConfig - * Export now retrieves the user principal name instead of the user id. - * EXOCASMailboxPlan - * Added the DisplayName property. - * EXODataClassification - * Added logic to retrieve by name in the GET method if no match found by id. - * EXOMailboxAutoReplyConfiguration - * Added the owner property. - * EXOMailboxPlan - * Added the DisplayName property. - * EXOMailboxSettings - * Export now retrieves instances by User Principal Name instead of GUID. - * EXOPlace - * Added the DisplayName property. - * EXORecipientPermission - * Export now retrieves instances by User Principal Name instead of GUID. - * EXOSharedMailbox - * Added the Identity parameter. + * Improved verbose logging to show that items are being skipped. + * Show current values of resource in Test-TargetResource + * AADExternalIdentityPolicy + * Show current values of resource in Test-TargetResource + * AADGroup + * Fixed issue with single quotes in the display name. + FIXES [#4358](https://github.com/microsoft/Microsoft365DSC/issues/4358) + * Show current values of resource in Test-TargetResource + * AADGroupLifecyclePolicy + * Show current values of resource in Test-TargetResource + * AADGroupsNamingPolicy + * Show current values of resource in Test-TargetResource + * AADGroupsSettings + * Show current values of resource in Test-TargetResource + * AADNamedLocationPolicy + * Show current values of resource in Test-TargetResource + * AADRoleDefinition + * Show current values of resource in Test-TargetResource + * AADRoleSetting + * Show current values of resource in Test-TargetResource + * AADSecurityDefaults + * Show current values of resource in Test-TargetResource + * AADServicePrincipal + * Show current values of resource in Test-TargetResource + * AADTenantDetails + * Show current values of resource in Test-TargetResource + * AADTokenLifetimePolicy + * Show current values of resource in Test-TargetResource + * EXOActiveSyncDeviceAccessRule + * Remove extra property GUID that is stopping EXO integration tests from + running + * IntuneDeviceConfigurationScepCertificatePolicyWindows10 + * Fixes an issue where the keyUsage property format was not correctly handled + * IntuneExploitProtectionPolicyWindows10SettingCatalog + * Fix update and removal of resource when Identity is from another tenant + FIXES [#3962](https://github.com/microsoft/Microsoft365DSC/issues/3962) + * SPOAccessControlSettings + * Added support for the ConditionalAccessPolicy parameter based on the PNP Module + * Teams resources + * Updated required application permissions to support [Application Based Authentication](https://learn.microsoft.com/en-us/microsoftteams/teams-powershell-application-authentication) + * TeamsCallQueue + * Reduce the number of Calls for Export using new cache pattern + FIXES [[#4191](https://github.com/microsoft/Microsoft365DSC/issues/4192)] + * TeamsGuestMeetingConfiguration + * Added the missing parameter AllowTranscription. + FIXES [#4363](https://github.com/microsoft/Microsoft365DSC/issues/4363) + * TeamsTeam + * Corrected Parameters for Graph Commands when creating a new Team + FIXES [#4383](https://github.com/microsoft/Microsoft365DSC/issues/4383) * MISC - * Uninstall-M365DSCOutdatedDependencies - * Outdated Microsoft365DSC-modules are now removed in their entirety.' + * M365DSCDRGUtil + Add new parameter for customizable assignment identifier + * M365DSCUtil + Change heuristics on how to find the mandatory key of the resources to + include them as part of the ResourceInstanceName during their export + FIXES [#4333](https://github.com/microsoft/Microsoft365DSC/issues/4333)' # Flag to indicate whether the module requires explicit user acceptance for install/update # RequireLicenseAcceptance = $false diff --git a/Modules/Microsoft365DSC/Modules/M365DSCTelemetryEngine.psm1 b/Modules/Microsoft365DSC/Modules/M365DSCTelemetryEngine.psm1 index dda43e2796..15f1e908c3 100644 --- a/Modules/Microsoft365DSC/Modules/M365DSCTelemetryEngine.psm1 +++ b/Modules/Microsoft365DSC/Modules/M365DSCTelemetryEngine.psm1 @@ -91,59 +91,68 @@ function Add-M365DSCTelemetryEvent $Data.Remove('Principal') | Out-Null # Capture PowerShell Version Info - $Data.Add('PSMainVersion', $PSVersionTable.PSVersion.Major.ToString() + '.' + $PSVersionTable.PSVersion.Minor.ToString()) - $Data.Add('PSVersion', $PSVersionTable.PSVersion.ToString()) - $Data.Add('PSEdition', $PSVersionTable.PSEdition.ToString()) + if (-not $Data.Keys.Contains('PSMainVersion')) + { + $Data.Add('PSMainVersion', $PSVersionTable.PSVersion.Major.ToString() + '.' + $PSVersionTable.PSVersion.Minor.ToString()) + } + if (-not $Data.Keys.Contains('PSVersion')) + { + $Data.Add('PSVersion', $PSVersionTable.PSVersion.ToString()) + } + if (-not $Data.Keys.Contains('PSEdition')) + { + $Data.Add('PSEdition', $PSVersionTable.PSEdition.ToString()) + } - if ($null -ne $PSVersionTable.BuildVersion) + if ($null -ne $PSVersionTable.BuildVersion -and -not $Data.Keys.Contains('PSBuildVersion')) { $Data.Add('PSBuildVersion', $PSVersionTable.BuildVersion.ToString()) } - if ($null -ne $PSVersionTable.CLRVersion) + if ($null -ne $PSVersionTable.CLRVersion -and -not $Data.Keys.Contains('PSCLRVersion')) { $Data.Add('PSCLRVersion', $PSVersionTable.CLRVersion.ToString()) } # Capture Console/Host Information - if ($host.Name -eq 'ConsoleHost' -and $null -eq $env:WT_SESSION) + if ($host.Name -eq 'ConsoleHost' -and $null -eq $env:WT_SESSION -and -not $Data.Keys.Contains('PowerShellAgent')) { $Data.Add('PowerShellAgent', 'Console') } - elseif ($host.Name -eq 'Windows PowerShell ISE Host') + elseif ($host.Name -eq 'Windows PowerShell ISE Host' -and -not $Data.Keys.Contains('PowerShellAgent')) { $Data.Add('PowerShellAgent', 'ISE') } - elseif ($host.Name -eq 'ConsoleHost' -and $null -ne $env:WT_SESSION) + elseif ($host.Name -eq 'ConsoleHost' -and $null -ne $env:WT_SESSION -and -not $Data.Keys.Contains('PowerShellAgent')) { - $Data.Add('PowerShellAgent', 'Windows Terminal') + $Data.Add('PowerShellAgent', 'Windows Terminal' -and -not $Data.Keys.Contains('PowerShellAgent')) } elseif ($host.Name -eq 'ConsoleHost' -and $null -eq $env:WT_SESSION -and ` - $null -ne $env:BUILD_BUILDID -and $env:SYSTEM -eq 'build') + $null -ne $env:BUILD_BUILDID -and $env:SYSTEM -eq 'build' -and -not $Data.Keys.Contains('PowerShellAgent')) { $Data.Add('PowerShellAgent', 'Azure DevOPS') $Data.Add('AzureDevOPSPipelineType', 'Build') $Data.Add('AzureDevOPSAgent', $env:POWERSHELL_DISTRIBUTION_CHANNEL) } elseif ($host.Name -eq 'ConsoleHost' -and $null -eq $env:WT_SESSION -and ` - $null -ne $env:BUILD_BUILDID -and $env:SYSTEM -eq 'release') + $null -ne $env:BUILD_BUILDID -and $env:SYSTEM -eq 'release' -and -not $Data.Keys.Contains('PowerShellAgent')) { $Data.Add('PowerShellAgent', 'Azure DevOPS') $Data.Add('AzureDevOPSPipelineType', 'Release') $Data.Add('AzureDevOPSAgent', $env:POWERSHELL_DISTRIBUTION_CHANNEL) } elseif ($host.Name -eq 'Default Host' -and ` - $null -ne $env:APPSETTING_FUNCTIONS_EXTENSION_VERSION) + $null -ne $env:APPSETTING_FUNCTIONS_EXTENSION_VERSION -and -not $Data.Keys.Contains('PowerShellAgent')) { $Data.Add('PowerShellAgent', 'Azure Function') $Data.Add('AzureFunctionWorkerVersion', $env:FUNCTIONS_WORKER_RUNTIME_VERSION) } - elseif ($host.Name -eq 'CloudShell') + elseif ($host.Name -eq 'CloudShell' -and -not $Data.Keys.Contains('PowerShellAgent')) { $Data.Add('PowerShellAgent', 'Cloud Shell') } - if ($null -ne $Data.Resource) + if ($null -ne $Data.Resource -and -not $Data.Keys.Contains('Resource')) { if ($Data.Resource.StartsWith('MSFT_AAD') -or $Data.Resource.StartsWith('AAD')) { diff --git a/Modules/Microsoft365DSC/Modules/M365DSCUtil.psm1 b/Modules/Microsoft365DSC/Modules/M365DSCUtil.psm1 index b1cd66ae9e..2c18e4de0f 100644 --- a/Modules/Microsoft365DSC/Modules/M365DSCUtil.psm1 +++ b/Modules/Microsoft365DSC/Modules/M365DSCUtil.psm1 @@ -128,7 +128,7 @@ function Convert-M365DscHashtableToString ) $values = @() - $parametersToObfuscate = @('ApplicationId', 'ApplicationSecret', 'TenantId', 'CertificateThumbprint', 'CertificatePath', 'CertificatePassword', 'Credential') + $parametersToObfuscate = @('ApplicationId', 'ApplicationSecret', 'TenantId', 'CertificateThumbprint', 'CertificatePath', 'CertificatePassword', 'Credential', 'Password') foreach ($pair in $Hashtable.GetEnumerator()) { try @@ -172,7 +172,7 @@ function Convert-M365DscHashtableToString } [array]::Sort($values) - return ($values -join "`r`n") + return ($values -join [Environment]::NewLine) } <# @@ -577,6 +577,19 @@ function Test-M365DSCParameterState #endregion $returnValue = $true + $TenantName = Get-M365DSCTenantNameFromParameterSet -ParameterSet $DesiredValues + + #region Telemetry - Evaluation + $dataEvaluation = [System.Collections.Generic.Dictionary[[String], [String]]]::new() + $dataEvaluation.Add('Resource', "$Source") + $dataEvaluation.Add('Method', 'Test-TargetResource') + $dataEvaluation.Add('Tenant', $TenantName) + $ValuesToCheckData = $ValuesToCheck | Where-Object -FilterScript {$_ -ne 'Verbose'} + $dataEvaluation.Add('Parameters', $ValuesToCheckData -join "`r`n") + $dataEvaluation.Add('ParametersCount', $ValuesToCheckData.Length) + Add-M365DSCTelemetryEvent -Type 'DriftEvaluation' -Data $dataEvaluation + #endregion + $DriftedParameters = @{} $DriftObject = @{ DriftInfo = @{} @@ -941,7 +954,6 @@ function Test-M365DSCParameterState { $EventMessage = [System.Text.StringBuilder]::New() $EventMessage.Append("`r`n") | Out-Null - $TenantName = Get-M365DSCTenantNameFromParameterSet -ParameterSet $DesiredValues Write-Verbose -Message "Found Tenant Name: $TenantName" $EventMessage.Append(" `r`n") | Out-Null $EventMessage.Append(" `r`n") | Out-Null @@ -951,7 +963,6 @@ function Test-M365DSCParameterState $DriftObject.Add('Tenant', $TenantName) $driftedData.Add('Resource', $source.Split('_')[1]) $DriftObject.Add('Resource', $source.Split('_')[1]) - $driftedData.Add('Event', 'DriftedParameter') # If custom App Insights is specified, allow for the current and desired values to be captured; # ISSUE #1222 @@ -1218,6 +1229,7 @@ function Export-M365DSCConfiguration [Switch] $Validate ) + $currentStartDateTime = [System.DateTime]::Now $Global:M365DSCExportInProgress = $true $Global:MaximumFunctionCount = 32767 @@ -1395,6 +1407,11 @@ function Export-M365DSCConfiguration $Global:M365DSCExportedResourceInstancesNames = $null $Global:M365DSCExportInProgress = $false + $data = [System.Collections.Generic.Dictionary[[String], [String]]]::new() + $data.Add('Tenant', $Tenant) + $data.Add('M365DSCExportId', $currentExportID) + $timeTaken = [System.DateTime]::Now.Subtract($currentStartDateTime) + $data.Add('TotalSeconds',$timeTaken.TotalSeconds) Add-M365DSCTelemetryEvent -Type 'ExportCompleted' -Data $data } diff --git a/Tests/Integration/Microsoft365DSC/M365DSCIntegration.INTUNE.Create.Tests.ps1 b/Tests/Integration/Microsoft365DSC/M365DSCIntegration.INTUNE.Create.Tests.ps1 index a9463d7e84..d524887a3e 100644 --- a/Tests/Integration/Microsoft365DSC/M365DSCIntegration.INTUNE.Create.Tests.ps1 +++ b/Tests/Integration/Microsoft365DSC/M365DSCIntegration.INTUNE.Create.Tests.ps1 @@ -1697,7 +1697,7 @@ HashAlgorithm = "sha2"; KeySize = "size2048"; KeyStorageProvider = "useTpmKspOtherwiseUseSoftwareKsp"; - KeyUsage = "digitalSignature"; + KeyUsage = @("digitalSignature"); RenewalThresholdPercentage = 25; ScepServerUrls = @("https://mydomain.com/certsrv/mscep/mscep.dll"); SubjectAlternativeNameType = "none"; diff --git a/Tests/QA/Microsoft365DSC.SettingsJson.Tests.ps1 b/Tests/QA/Microsoft365DSC.SettingsJson.Tests.ps1 index d4f856f750..0802afe87a 100644 --- a/Tests/QA/Microsoft365DSC.SettingsJson.Tests.ps1 +++ b/Tests/QA/Microsoft365DSC.SettingsJson.Tests.ps1 @@ -15,7 +15,7 @@ Describe -Name 'Successfully import Settings.json files' { } } -Describe -Name 'Successfully validate all used permissions in Settings.json files' { +Describe -Name 'Successfully validate all used permissions in Settings.json files ' { BeforeAll { $data = Invoke-WebRequest -Uri 'https://graphpermissions.azurewebsites.net/api/GetPermissionList' $roles = $data.Content.Split('|')[0].Split(',') @@ -25,7 +25,7 @@ Describe -Name 'Successfully validate all used permissions in Settings.json file $delegated = $data.Content.Split('|')[1].Split(',') } - It "Permissions used in settings.json file for '' should exist" -TestCases $settingsFiles { + It "Permissions used in settings.json file for '' should exist" -TestCases $settingsFiles { $json = Get-Content -Path $FullName -Raw $settings = ConvertFrom-Json -InputObject $json foreach ($permission in $settings.permissions.graph.application.read) @@ -33,10 +33,57 @@ Describe -Name 'Successfully validate all used permissions in Settings.json file # Only validate non-GUID (hidden) permissions. $ObjectGuid = [System.Guid]::empty # There is an issue where the GUI shows Tasks.Read.All but the OAuth value is actually Tasks.Read - if (-not [System.Guid]::TryParse($permission.Name ,[System.Management.Automation.PSReference]$ObjectGuid) -and + if (-not [System.Guid]::TryParse($permission.Name , [System.Management.Automation.PSReference]$ObjectGuid) -and $permission.Name -ne 'Tasks.Read.All') { - $permission.Name | Should -BeIn $roles + $permission.Name | Should -BeIn $roles -ErrorAction Continue + } + } + foreach ($permission in $settings.permissions.graph.application.write) + { + # Only validate non-GUID (hidden) permissions. + $ObjectGuid = [System.Guid]::empty + if (-not [System.Guid]::TryParse($permission.Name , [System.Management.Automation.PSReference]$ObjectGuid)) + { + $permission.Name | Should -BeIn $roles -ErrorAction Continue + } + } + } + + It "Should use the least permissions for ''" -TestCase $settingsFiles { + $json = Get-Content -Path $FullName -Raw + $settings = ConvertFrom-Json -InputObject $json + + $allowedPermissions = @() + + if ($settings.ResourceName -like 'Teams*') + { + $allowedPermissions = @( + 'Organization.Read.All', + 'User.Read.All', + 'Group.ReadWrite.All', + 'AppCatalog.ReadWrite.All', + 'TeamSettings.ReadWrite.All', + 'Channel.Delete.All', + 'ChannelSettings.ReadWrite.All', + 'ChannelMember.ReadWrite.All' + ) + } + if ($settings.ResourceName -like 'AADAuthenticationMethod*' -or $settings.ResourceName -eq 'AADAuthenticationStrengthPolicy') + { + $allowedPermissions = @( + 'Policy.ReadWrite.AuthenticationMethod' + ) + } + + foreach ($permission in $settings.permissions.graph.application.read) + { + $ObjectGuid = [System.Guid]::empty + # There is an issue where the GUI shows Tasks.Read.All but the OAuth value is actually Tasks.Read + if (-not [System.Guid]::TryParse($permission.Name , [System.Management.Automation.PSReference]$ObjectGuid) -and + $permission.Name -ne 'Tasks.Read.All' -and -not ($permission.Name -in $allowedPermissions)) + { + $permission.Name | Should -BeLike '*.Read.*' -ErrorAction Continue } } } diff --git a/Tests/TestHarness.psm1 b/Tests/TestHarness.psm1 index bcfbdc4cb9..4eb369f6e9 100644 --- a/Tests/TestHarness.psm1 +++ b/Tests/TestHarness.psm1 @@ -68,17 +68,17 @@ function Invoke-TestHarness $testsToRun += @( $commonTestFiles.FullName ) $filesToExecute = @() - if ($DscTestsPath -ne "") - { - $filesToExecute += $DscTestsPath - } - else - { - foreach ($testToRun in $testsToRun) - { - $filesToExecute += $testToRun - } - } + if ($DscTestsPath -ne '') + { + $filesToExecute += $DscTestsPath + } + else + { + foreach ($testToRun in $testsToRun) + { + $filesToExecute += $testToRun + } + } $Params = [ordered]@{ Path = $filesToExecute @@ -94,6 +94,9 @@ function Invoke-TestHarness Output = @{ Verbosity = 'Normal' } + Should = @{ + ErrorAction = 'Continue' + } } if ([String]::IsNullOrEmpty($TestResultsFile) -eq $false) @@ -169,6 +172,9 @@ function Invoke-QualityChecksHarness Output = @{ Verbosity = 'Detailed' } + Should = @{ + ErrorAction = 'Continue' + } } $results = Invoke-Pester -Configuration $Configuration diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationScepCertificatePolicyWindows10.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationScepCertificatePolicyWindows10.Tests.ps1 index 0c7f8e3b5e..3db238b35c 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationScepCertificatePolicyWindows10.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationScepCertificatePolicyWindows10.Tests.ps1 @@ -54,16 +54,22 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Mock -CommandName Get-MgBetaDeviceManagementDeviceConfigurationAssignment -MockWith { } - Mock -CommandName Get-DeviceConfigurationPolicyRootCertificateId -MockWith { - return "00000000-0000-0000-0000-000000000000" + Mock -CommandName Get-DeviceConfigurationPolicyRootCertificate -MockWith { + return @{ + Id = "00000000-0000-0000-0000-000000000000" + DisplayName = "RootCertificate" + } } Mock -CommandName Update-DeviceConfigurationPolicyRootCertificateId -MockWith { } } + # Test contexts Context -Name "The IntuneDeviceConfigurationScepCertificatePolicyWindows10 should exist but it DOES NOT" -Fixture { BeforeAll { + $RootCertificateId = ([Guid]::Empty).ToString() + $testParams = @{ CertificateStore = "user" certificateValidityPeriodScale = "days" @@ -86,14 +92,15 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { id = "FakeStringValue" KeySize = "size1024" keyStorageProvider = "useTpmKspOtherwiseUseSoftwareKsp" - KeyUsage = "keyEncipherment" + KeyUsage = @("keyEncipherment") renewalThresholdPercentage = 25 ScepServerUrls = @("FakeStringValue") SubjectAlternativeNameFormatString = "FakeStringValue" subjectAlternativeNameType = "none" subjectNameFormat = "commonName" SubjectNameFormatString = "FakeStringValue" - RootCertificateId = "00000000-0000-0000-0000-000000000000" + RootCertificateId = $RootCertificateId + RootCertificateDisplayName = "RootCertificate" Ensure = "Present" Credential = $Credential; } @@ -101,6 +108,17 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Mock -CommandName Get-MgBetaDeviceManagementDeviceConfiguration -MockWith { return $null } + + Mock -CommandName Get-MgBetaDeviceManagementDeviceConfiguration -ParameterFilter { $DeviceConfigurationId -eq $RootCertificateId } -MockWith { + $AdditionalProperties = @{} + $AdditionalProperties.'@odata.type' = "#microsoft.graph.windows81TrustedRootCertificate" + + return @{ + Id = $RootCertificateId + DisplayName = "RootCertificate" + AdditionalProperties = $AdditionalProperties + } + } } It 'Should return Values from the Get method' { (Get-TargetResource @testParams).Ensure | Should -Be 'Absent' @@ -138,14 +156,15 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { id = "FakeStringValue" KeySize = "size1024" keyStorageProvider = "useTpmKspOtherwiseUseSoftwareKsp" - KeyUsage = "keyEncipherment" + KeyUsage = @("keyEncipherment") renewalThresholdPercentage = 25 ScepServerUrls = @("FakeStringValue") SubjectAlternativeNameFormatString = "FakeStringValue" subjectAlternativeNameType = "none" subjectNameFormat = "commonName" SubjectNameFormatString = "FakeStringValue" - RootCertificateId = "00000000-0000-0000-0000-000000000000" + RootCertificateId = $RootCertificateId + RootCertificateDisplayName = "RootCertificate" Ensure = 'Absent' Credential = $Credential; } @@ -225,7 +244,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { id = "FakeStringValue" KeySize = "size1024" keyStorageProvider = "useTpmKspOtherwiseUseSoftwareKsp" - KeyUsage = "keyEncipherment" + KeyUsage = @("keyEncipherment") renewalThresholdPercentage = 25 ScepServerUrls = @("FakeStringValue") SubjectAlternativeNameFormatString = "FakeStringValue" @@ -233,6 +252,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { subjectNameFormat = "commonName" SubjectNameFormatString = "FakeStringValue" RootCertificateId = "00000000-0000-0000-0000-000000000000" + RootCertificateDisplayName = "RootCertificate" Ensure = 'Present' Credential = $Credential; } @@ -283,6 +303,8 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Context -Name "The IntuneDeviceConfigurationScepCertificatePolicyWindows10 exists and values are NOT in the desired state" -Fixture { BeforeAll { + $RootCertificateId = ([Guid]::Empty).ToString() + $testParams = @{ CertificateStore = "user" certificateValidityPeriodScale = "days" @@ -305,14 +327,15 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { id = "FakeStringValue" KeySize = "size1024" keyStorageProvider = "useTpmKspOtherwiseUseSoftwareKsp" - KeyUsage = "keyEncipherment" + KeyUsage = @("keyEncipherment") renewalThresholdPercentage = 25 ScepServerUrls = @("FakeStringValue") SubjectAlternativeNameFormatString = "FakeStringValue" subjectAlternativeNameType = "none" subjectNameFormat = "commonName" SubjectNameFormatString = "FakeStringValue" - RootCertificateId = "00000000-0000-0000-0000-000000000000" + RootCertificateId = $RootCertificateId + RootCertificateDisplayName = "RootCertificate" Ensure = 'Present' Credential = $Credential; } @@ -352,6 +375,17 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { id = "FakeStringValue" } } + + Mock -CommandName Get-MgBetaDeviceManagementDeviceConfiguration -ParameterFilter { $DeviceConfigurationId -eq $RootCertificateId } -MockWith { + $AdditionalProperties = @{} + $AdditionalProperties.'@odata.type' = "#microsoft.graph.windows81TrustedRootCertificate" + + return @{ + Id = $RootCertificateId + DisplayName = "RootCertificate" + AdditionalProperties = $AdditionalProperties + } + } } It 'Should return Values from the Get method' { diff --git a/docs/docs/resources/azure-ad/AADEntitlementManagementConnectedOrganization.md b/docs/docs/resources/azure-ad/AADEntitlementManagementConnectedOrganization.md index 6c2914836d..fce8dfcbf3 100644 --- a/docs/docs/resources/azure-ad/AADEntitlementManagementConnectedOrganization.md +++ b/docs/docs/resources/azure-ad/AADEntitlementManagementConnectedOrganization.md @@ -47,7 +47,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All + - EntitlementManagement.Read.All - **Update** @@ -57,7 +57,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All + - EntitlementManagement.Read.All - **Update** diff --git a/docs/docs/resources/azure-ad/AADRoleEligibilityScheduleRequest.md b/docs/docs/resources/azure-ad/AADRoleEligibilityScheduleRequest.md index a01025ad0e..bffe0299bc 100644 --- a/docs/docs/resources/azure-ad/AADRoleEligibilityScheduleRequest.md +++ b/docs/docs/resources/azure-ad/AADRoleEligibilityScheduleRequest.md @@ -112,7 +112,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - RoleEligibilitySchedule.ReadWrite.Directory + - RoleEligibilitySchedule.Read.Directory - **Update** diff --git a/docs/docs/resources/azure-ad/AADRoleSetting.md b/docs/docs/resources/azure-ad/AADRoleSetting.md index efe34daf60..30afa353ad 100644 --- a/docs/docs/resources/azure-ad/AADRoleSetting.md +++ b/docs/docs/resources/azure-ad/AADRoleSetting.md @@ -44,6 +44,9 @@ | **EligibleAssignmentAssigneeNotificationDefaultRecipient** | Write | Boolean | Send notifications when eligible members activate this role: Notification to activated user (requestor), default recipient (True/False) | | | **EligibleAssignmentAssigneeNotificationAdditionalRecipient** | Write | StringArray[] | Send notifications when eligible members activate this role: Notification to activated user (requestor), additional recipient (UPN) | | | **EligibleAssignmentAssigneeNotificationOnlyCritical** | Write | Boolean | Send notifications when eligible members activate this role: Notification to activated user (requestor), only critical Email (True/False) | | +| **AuthenticationContextRequired** | Write | Boolean | Authorization context is required (True/False) | | +| **AuthenticationContextName** | Write | String | Descriptive name of associated authorization context | | +| **AuthenticationContextId** | Write | String | Authorization context id | | | **Ensure** | Write | String | Specify if the Azure AD role setting should exist or not. | `Present` | | **Credential** | Write | PSCredential | Credentials for the Microsoft Graph delegated permissions. | | | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. | | diff --git a/docs/docs/resources/exchange/EXOHostedContentFilterPolicy.md b/docs/docs/resources/exchange/EXOHostedContentFilterPolicy.md index 5602e6275a..7d6b16263d 100644 --- a/docs/docs/resources/exchange/EXOHostedContentFilterPolicy.md +++ b/docs/docs/resources/exchange/EXOHostedContentFilterPolicy.md @@ -30,6 +30,7 @@ | **IncreaseScoreWithNumericIps** | Write | String | The IncreaseScoreWithNumericIps parameter increases the spam score of messages that contain links to IP addresses. Valid values for this parameter are Off, On or Test. The default value is Off. | `Off`, `On`, `Test` | | **IncreaseScoreWithRedirectToOtherPort** | Write | String | The IncreaseScoreWithRedirectToOtherPort parameter increases the spam score of messages that contain links that redirect to other TCP ports. Valid values for this parameter are Off, On or Test. The default value is Off. | `Off`, `On`, `Test` | | **InlineSafetyTipsEnabled** | Write | Boolean | The InlineSafetyTipsEnabled parameter specifies whether to enable or disable safety tips that are shown to recipients in messages. The default is $true | | +| **IntraOrgFilterState** | Write | String | The IntraOrgFilterState parameter specifies whether to enable anti-spam filtering for messages sent between internal users (users in the same organization). | `Default`, `HighConfidencePhish`, `Phish`, `HighConfidenceSpam`, `Spam`, `Disabled` | | **LanguageBlockList** | Write | StringArray[] | The LanguageBlockList parameter specifies the languages to block when messages are blocked based on their language. Valid input for this parameter is a supported ISO 639-1 lowercase two-letter language code. You can specify multiple values separated by commas. This parameter is only use when the EnableRegionBlockList parameter is set to $true. | | | **MakeDefault** | Write | Boolean | The MakeDefault parameter makes the specified content filter policy the default content filter policy. The default value is $false | | | **MarkAsSpamBulkMail** | Write | String | The MarkAsSpamBulkMail parameter classifies the message as spam when the message is identified as a bulk email message. Valid values for this parameter are Off, On or Test. The default value is On. | `Off`, `On`, `Test` | diff --git a/docs/docs/resources/intune/IntuneDeviceConfigurationScepCertificatePolicyWindows10.md b/docs/docs/resources/intune/IntuneDeviceConfigurationScepCertificatePolicyWindows10.md index 79cc1a4460..4528947998 100644 --- a/docs/docs/resources/intune/IntuneDeviceConfigurationScepCertificatePolicyWindows10.md +++ b/docs/docs/resources/intune/IntuneDeviceConfigurationScepCertificatePolicyWindows10.md @@ -7,7 +7,7 @@ | **CertificateStore** | Write | String | Target store certificate. Possible values are: user, machine. | `user`, `machine` | | **HashAlgorithm** | Write | String | SCEP Hash Algorithm. Possible values are: sha1, sha2. | `sha1`, `sha2` | | **KeySize** | Write | String | SCEP Key Size. Possible values are: size1024, size2048, size4096. | `size1024`, `size2048`, `size4096` | -| **KeyUsage** | Write | String | SCEP Key Usage. Possible values are: keyEncipherment, digitalSignature. | `keyEncipherment`, `digitalSignature` | +| **KeyUsage** | Write | StringArray[] | SCEP Key Usage. Possible values are: keyEncipherment, digitalSignature. | `keyEncipherment`, `digitalSignature` | | **ScepServerUrls** | Write | StringArray[] | SCEP Server Url(s). | | | **SubjectAlternativeNameFormatString** | Write | String | Custom String that defines the AAD Attribute. | | | **SubjectNameFormatString** | Write | String | Custom format to use with SubjectNameFormat = Custom. Example: CN={{UserName}},E={{EmailAddress}},OU=Enterprise Users,O=Contoso Corporation,L=Redmond,ST=WA,C=US | | @@ -19,6 +19,7 @@ | **RenewalThresholdPercentage** | Write | UInt32 | Certificate renewal threshold percentage. Valid values 1 to 99 | | | **SubjectAlternativeNameType** | Write | String | Certificate Subject Alternative Name Type. Possible values are: none, emailAddress, userPrincipalName, customAzureADAttribute, domainNameService, universalResourceIdentifier. | `none`, `emailAddress`, `userPrincipalName`, `customAzureADAttribute`, `domainNameService`, `universalResourceIdentifier` | | **SubjectNameFormat** | Write | String | Certificate Subject Name Format. Possible values are: commonName, commonNameIncludingEmail, commonNameAsEmail, custom, commonNameAsIMEI, commonNameAsSerialNumber, commonNameAsAadDeviceId, commonNameAsIntuneDeviceId, commonNameAsDurableDeviceId. | `commonName`, `commonNameIncludingEmail`, `commonNameAsEmail`, `custom`, `commonNameAsIMEI`, `commonNameAsSerialNumber`, `commonNameAsAadDeviceId`, `commonNameAsIntuneDeviceId`, `commonNameAsDurableDeviceId` | +| **RootCertificateDisplayName** | Write | String | Trusted Root Certificate DisplayName | | | **RootCertificateId** | Write | String | Trusted Root Certificate Id | | | **Description** | Write | String | Admin provided description of the Device Configuration. | | | **DisplayName** | Key | String | Admin provided name of the device configuration. | | @@ -142,7 +143,7 @@ Configuration Example HashAlgorithm = "sha2"; KeySize = "size2048"; KeyStorageProvider = "useTpmKspOtherwiseUseSoftwareKsp"; - KeyUsage = "digitalSignature"; + KeyUsage = @("digitalSignature"); RenewalThresholdPercentage = 25; ScepServerUrls = @("https://mydomain.com/certsrv/mscep/mscep.dll"); SubjectAlternativeNameType = "none"; @@ -200,7 +201,7 @@ Configuration Example HashAlgorithm = "sha2"; KeySize = "size2048"; KeyStorageProvider = "useTpmKspOtherwiseUseSoftwareKsp"; - KeyUsage = "digitalSignature"; + KeyUsage = @("digitalSignature"); RenewalThresholdPercentage = 30; # Updated Property ScepServerUrls = @("https://mydomain.com/certsrv/mscep/mscep.dll"); SubjectAlternativeNameType = "none"; diff --git a/docs/docs/resources/office365/O365OrgSettings.md b/docs/docs/resources/office365/O365OrgSettings.md index 6f462f9560..4f3ddf2b1f 100644 --- a/docs/docs/resources/office365/O365OrgSettings.md +++ b/docs/docs/resources/office365/O365OrgSettings.md @@ -53,21 +53,21 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Application.Read.All, ReportSettings.Read.All, OrgSettings-Forms.Read.All, OrgSettings-Todo.Read.All, OrgSettings-AppsAndServices.Read.All, OrgSettings-DynamicsVoice.Read.All + - Application.Read.All, ReportSettings.Read.All, OrgSettings-Microsoft365Install.Read.All, OrgSettings-Forms.Read.All, OrgSettings-Todo.Read.All, OrgSettings-AppsAndServices.Read.All, OrgSettings-DynamicsVoice.Read.All - **Update** - - Application.ReadWrite.All, ReportSettings.ReadWrite.All, OrgSettings-Forms.ReadWrite.All, OrgSettings-Todo.ReadWrite.All, OrgSettings-DynamicsVoice.ReadWrite.All, OrgSettings-AppsAndServices.Read.All + - Application.ReadWrite.All, ReportSettings.ReadWrite.All, OrgSettings-Microsoft365Install.ReadWrite.All, OrgSettings-Forms.ReadWrite.All, OrgSettings-Todo.ReadWrite.All, OrgSettings-DynamicsVoice.ReadWrite.All, OrgSettings-AppsAndServices.Read.All #### Application permissions - **Read** - - Application.Read.All, ReportSettings.Read.All, OrgSettings-Forms.Read.All, OrgSettings-Todo.Read.All, OrgSettings-AppsAndServices.Read.All, OrgSettings-DynamicsVoice.Read.All, Tasks.Read.All + - Application.Read.All, ReportSettings.Read.All, OrgSettings-Microsoft365Install.Read.All, OrgSettings-Forms.Read.All, OrgSettings-Todo.Read.All, OrgSettings-AppsAndServices.Read.All, OrgSettings-DynamicsVoice.Read.All, Tasks.Read.All - **Update** - - Application.ReadWrite.All, ReportSettings.ReadWrite.All, 83f7232f-763c-47b2-a097-e35d2cbe1da5, OrgSettings-Forms.ReadWrite.All, OrgSettings-Todo.ReadWrite.All, OrgSettings-AppsAndServices.ReadWrite.All, OrgSettings-DynamicsVoice.ReadWrite.All, Tasks.ReadWrite.All + - Application.ReadWrite.All, ReportSettings.ReadWrite.All, OrgSettings-Microsoft365Install.ReadWrite.All, OrgSettings-Forms.ReadWrite.All, OrgSettings-Todo.ReadWrite.All, OrgSettings-AppsAndServices.ReadWrite.All, OrgSettings-DynamicsVoice.ReadWrite.All, Tasks.ReadWrite.All ## Examples diff --git a/docs/docs/resources/teams/TeamsAppPermissionPolicy.md b/docs/docs/resources/teams/TeamsAppPermissionPolicy.md index adea192f37..54981671f3 100644 --- a/docs/docs/resources/teams/TeamsAppPermissionPolicy.md +++ b/docs/docs/resources/teams/TeamsAppPermissionPolicy.md @@ -44,11 +44,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsAppSetupPolicy.md b/docs/docs/resources/teams/TeamsAppSetupPolicy.md index 4b367832d3..ce03425221 100644 --- a/docs/docs/resources/teams/TeamsAppSetupPolicy.md +++ b/docs/docs/resources/teams/TeamsAppSetupPolicy.md @@ -44,11 +44,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsAudioConferencingPolicy.md b/docs/docs/resources/teams/TeamsAudioConferencingPolicy.md index 58aa90102e..5b8620724c 100644 --- a/docs/docs/resources/teams/TeamsAudioConferencingPolicy.md +++ b/docs/docs/resources/teams/TeamsAudioConferencingPolicy.md @@ -39,11 +39,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsCallHoldPolicy.md b/docs/docs/resources/teams/TeamsCallHoldPolicy.md index 58c8c000f3..ce7fb518a5 100644 --- a/docs/docs/resources/teams/TeamsCallHoldPolicy.md +++ b/docs/docs/resources/teams/TeamsCallHoldPolicy.md @@ -39,11 +39,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsCallParkPolicy.md b/docs/docs/resources/teams/TeamsCallParkPolicy.md index 2ae81d96be..dcd61f6ef1 100644 --- a/docs/docs/resources/teams/TeamsCallParkPolicy.md +++ b/docs/docs/resources/teams/TeamsCallParkPolicy.md @@ -42,11 +42,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsCallQueue.md b/docs/docs/resources/teams/TeamsCallQueue.md index 6c93ecf12f..5496f1c8a1 100644 --- a/docs/docs/resources/teams/TeamsCallQueue.md +++ b/docs/docs/resources/teams/TeamsCallQueue.md @@ -83,11 +83,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsCallingPolicy.md b/docs/docs/resources/teams/TeamsCallingPolicy.md index 53978c5ba9..c493f9ed1f 100644 --- a/docs/docs/resources/teams/TeamsCallingPolicy.md +++ b/docs/docs/resources/teams/TeamsCallingPolicy.md @@ -59,11 +59,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsChannelsPolicy.md b/docs/docs/resources/teams/TeamsChannelsPolicy.md index 279c5730af..71786efc6c 100644 --- a/docs/docs/resources/teams/TeamsChannelsPolicy.md +++ b/docs/docs/resources/teams/TeamsChannelsPolicy.md @@ -46,11 +46,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsClientConfiguration.md b/docs/docs/resources/teams/TeamsClientConfiguration.md index 091eb128b1..0eca16bb44 100644 --- a/docs/docs/resources/teams/TeamsClientConfiguration.md +++ b/docs/docs/resources/teams/TeamsClientConfiguration.md @@ -51,11 +51,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsComplianceRecordingPolicy.md b/docs/docs/resources/teams/TeamsComplianceRecordingPolicy.md index c82b70a65f..c6d6bcf8fa 100644 --- a/docs/docs/resources/teams/TeamsComplianceRecordingPolicy.md +++ b/docs/docs/resources/teams/TeamsComplianceRecordingPolicy.md @@ -42,11 +42,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsCortanaPolicy.md b/docs/docs/resources/teams/TeamsCortanaPolicy.md index 1662b06d23..77711f3472 100644 --- a/docs/docs/resources/teams/TeamsCortanaPolicy.md +++ b/docs/docs/resources/teams/TeamsCortanaPolicy.md @@ -39,11 +39,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsDialInConferencingTenantSettings.md b/docs/docs/resources/teams/TeamsDialInConferencingTenantSettings.md index 3dfe805be0..c3df146713 100644 --- a/docs/docs/resources/teams/TeamsDialInConferencingTenantSettings.md +++ b/docs/docs/resources/teams/TeamsDialInConferencingTenantSettings.md @@ -49,11 +49,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsEmergencyCallingPolicy.md b/docs/docs/resources/teams/TeamsEmergencyCallingPolicy.md index 9acf97d8f0..88f1da5c48 100644 --- a/docs/docs/resources/teams/TeamsEmergencyCallingPolicy.md +++ b/docs/docs/resources/teams/TeamsEmergencyCallingPolicy.md @@ -45,11 +45,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsEnhancedEncryptionPolicy.md b/docs/docs/resources/teams/TeamsEnhancedEncryptionPolicy.md index 6936115dad..34dd107d63 100644 --- a/docs/docs/resources/teams/TeamsEnhancedEncryptionPolicy.md +++ b/docs/docs/resources/teams/TeamsEnhancedEncryptionPolicy.md @@ -40,11 +40,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsEventsPolicy.md b/docs/docs/resources/teams/TeamsEventsPolicy.md index 3191a689fa..c16254da1d 100644 --- a/docs/docs/resources/teams/TeamsEventsPolicy.md +++ b/docs/docs/resources/teams/TeamsEventsPolicy.md @@ -48,11 +48,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsFederationConfiguration.md b/docs/docs/resources/teams/TeamsFederationConfiguration.md index 90e9481a2f..6a1c805e18 100644 --- a/docs/docs/resources/teams/TeamsFederationConfiguration.md +++ b/docs/docs/resources/teams/TeamsFederationConfiguration.md @@ -47,11 +47,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsFeedbackPolicy.md b/docs/docs/resources/teams/TeamsFeedbackPolicy.md index e85811f97d..7346a0ed0f 100644 --- a/docs/docs/resources/teams/TeamsFeedbackPolicy.md +++ b/docs/docs/resources/teams/TeamsFeedbackPolicy.md @@ -45,11 +45,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsFilesPolicy.md b/docs/docs/resources/teams/TeamsFilesPolicy.md index e9986b58a8..37d5fbcc98 100644 --- a/docs/docs/resources/teams/TeamsFilesPolicy.md +++ b/docs/docs/resources/teams/TeamsFilesPolicy.md @@ -41,11 +41,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsGroupPolicyAssignment.md b/docs/docs/resources/teams/TeamsGroupPolicyAssignment.md index 6bab7bfdd3..4b758add75 100644 --- a/docs/docs/resources/teams/TeamsGroupPolicyAssignment.md +++ b/docs/docs/resources/teams/TeamsGroupPolicyAssignment.md @@ -40,11 +40,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsGuestCallingConfiguration.md b/docs/docs/resources/teams/TeamsGuestCallingConfiguration.md index 9f72539d71..67724658a8 100644 --- a/docs/docs/resources/teams/TeamsGuestCallingConfiguration.md +++ b/docs/docs/resources/teams/TeamsGuestCallingConfiguration.md @@ -38,11 +38,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsGuestMeetingConfiguration.md b/docs/docs/resources/teams/TeamsGuestMeetingConfiguration.md index b5d2368b6c..3bb1d96cb7 100644 --- a/docs/docs/resources/teams/TeamsGuestMeetingConfiguration.md +++ b/docs/docs/resources/teams/TeamsGuestMeetingConfiguration.md @@ -42,11 +42,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsGuestMessagingConfiguration.md b/docs/docs/resources/teams/TeamsGuestMessagingConfiguration.md index 0e2e710589..9a00b4bd83 100644 --- a/docs/docs/resources/teams/TeamsGuestMessagingConfiguration.md +++ b/docs/docs/resources/teams/TeamsGuestMessagingConfiguration.md @@ -46,11 +46,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsIPPhonePolicy.md b/docs/docs/resources/teams/TeamsIPPhonePolicy.md index 33c3137d97..2c9e385946 100644 --- a/docs/docs/resources/teams/TeamsIPPhonePolicy.md +++ b/docs/docs/resources/teams/TeamsIPPhonePolicy.md @@ -44,11 +44,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsMeetingBroadcastConfiguration.md b/docs/docs/resources/teams/TeamsMeetingBroadcastConfiguration.md index a8aa7c45fc..11d4bd0b09 100644 --- a/docs/docs/resources/teams/TeamsMeetingBroadcastConfiguration.md +++ b/docs/docs/resources/teams/TeamsMeetingBroadcastConfiguration.md @@ -43,11 +43,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsMeetingBroadcastPolicy.md b/docs/docs/resources/teams/TeamsMeetingBroadcastPolicy.md index 51d09e22e0..f0deee833a 100644 --- a/docs/docs/resources/teams/TeamsMeetingBroadcastPolicy.md +++ b/docs/docs/resources/teams/TeamsMeetingBroadcastPolicy.md @@ -42,11 +42,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsMeetingConfiguration.md b/docs/docs/resources/teams/TeamsMeetingConfiguration.md index e72dbf2ef4..c8a0d64ce4 100644 --- a/docs/docs/resources/teams/TeamsMeetingConfiguration.md +++ b/docs/docs/resources/teams/TeamsMeetingConfiguration.md @@ -50,11 +50,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsMeetingPolicy.md b/docs/docs/resources/teams/TeamsMeetingPolicy.md index ae74df5e1e..788eebc94e 100644 --- a/docs/docs/resources/teams/TeamsMeetingPolicy.md +++ b/docs/docs/resources/teams/TeamsMeetingPolicy.md @@ -101,11 +101,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsMessagingPolicy.md b/docs/docs/resources/teams/TeamsMessagingPolicy.md index 34b002a9a9..b0350e4046 100644 --- a/docs/docs/resources/teams/TeamsMessagingPolicy.md +++ b/docs/docs/resources/teams/TeamsMessagingPolicy.md @@ -63,11 +63,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsMobilityPolicy.md b/docs/docs/resources/teams/TeamsMobilityPolicy.md index 885d5d5180..79cc6560d4 100644 --- a/docs/docs/resources/teams/TeamsMobilityPolicy.md +++ b/docs/docs/resources/teams/TeamsMobilityPolicy.md @@ -41,11 +41,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsNetworkRoamingPolicy.md b/docs/docs/resources/teams/TeamsNetworkRoamingPolicy.md index 459a8c1e19..6739e33279 100644 --- a/docs/docs/resources/teams/TeamsNetworkRoamingPolicy.md +++ b/docs/docs/resources/teams/TeamsNetworkRoamingPolicy.md @@ -40,11 +40,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsOnlineVoiceUser.md b/docs/docs/resources/teams/TeamsOnlineVoiceUser.md index 1ffbdd96a4..b9980c2f6f 100644 --- a/docs/docs/resources/teams/TeamsOnlineVoiceUser.md +++ b/docs/docs/resources/teams/TeamsOnlineVoiceUser.md @@ -39,11 +39,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsOnlineVoicemailPolicy.md b/docs/docs/resources/teams/TeamsOnlineVoicemailPolicy.md index d66f177c39..283ed10ae4 100644 --- a/docs/docs/resources/teams/TeamsOnlineVoicemailPolicy.md +++ b/docs/docs/resources/teams/TeamsOnlineVoicemailPolicy.md @@ -49,11 +49,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsOnlineVoicemailUserSettings.md b/docs/docs/resources/teams/TeamsOnlineVoicemailUserSettings.md index b783b80581..f95bf92464 100644 --- a/docs/docs/resources/teams/TeamsOnlineVoicemailUserSettings.md +++ b/docs/docs/resources/teams/TeamsOnlineVoicemailUserSettings.md @@ -47,11 +47,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsOrgWideAppSettings.md b/docs/docs/resources/teams/TeamsOrgWideAppSettings.md index 77ca71aa99..6b2eaabbb8 100644 --- a/docs/docs/resources/teams/TeamsOrgWideAppSettings.md +++ b/docs/docs/resources/teams/TeamsOrgWideAppSettings.md @@ -36,11 +36,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - None + - Organization.Read.All - **Update** - - None + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsPstnUsage.md b/docs/docs/resources/teams/TeamsPstnUsage.md index 2249dddfb7..983fd726a9 100644 --- a/docs/docs/resources/teams/TeamsPstnUsage.md +++ b/docs/docs/resources/teams/TeamsPstnUsage.md @@ -39,11 +39,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsShiftsPolicy.md b/docs/docs/resources/teams/TeamsShiftsPolicy.md index e03377d512..26e7a8d8ef 100644 --- a/docs/docs/resources/teams/TeamsShiftsPolicy.md +++ b/docs/docs/resources/teams/TeamsShiftsPolicy.md @@ -44,11 +44,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsTeam.md b/docs/docs/resources/teams/TeamsTeam.md index d45236e6ea..f624b4c769 100644 --- a/docs/docs/resources/teams/TeamsTeam.md +++ b/docs/docs/resources/teams/TeamsTeam.md @@ -52,17 +52,17 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Update** - - Group.ReadWrite.All, User.Read.All + - None #### Application permissions - **Read** - - None + - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All - **Update** - - Group.ReadWrite.All, User.Read.All + - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All ## Examples diff --git a/docs/docs/resources/teams/TeamsTemplatesPolicy.md b/docs/docs/resources/teams/TeamsTemplatesPolicy.md index ae5e4dc6bd..3f9e0ab27a 100644 --- a/docs/docs/resources/teams/TeamsTemplatesPolicy.md +++ b/docs/docs/resources/teams/TeamsTemplatesPolicy.md @@ -41,11 +41,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsTenantDialPlan.md b/docs/docs/resources/teams/TeamsTenantDialPlan.md index 81fa2c6813..b41d46cde7 100644 --- a/docs/docs/resources/teams/TeamsTenantDialPlan.md +++ b/docs/docs/resources/teams/TeamsTenantDialPlan.md @@ -56,11 +56,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsTenantNetworkRegion.md b/docs/docs/resources/teams/TeamsTenantNetworkRegion.md index 4800c0f10c..3c52bc363c 100644 --- a/docs/docs/resources/teams/TeamsTenantNetworkRegion.md +++ b/docs/docs/resources/teams/TeamsTenantNetworkRegion.md @@ -39,11 +39,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsTenantNetworkSite.md b/docs/docs/resources/teams/TeamsTenantNetworkSite.md index 40ce3739c5..93d1ec7f8c 100644 --- a/docs/docs/resources/teams/TeamsTenantNetworkSite.md +++ b/docs/docs/resources/teams/TeamsTenantNetworkSite.md @@ -45,11 +45,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsTenantNetworkSubnet.md b/docs/docs/resources/teams/TeamsTenantNetworkSubnet.md index a4455fe902..a6af9ccbbb 100644 --- a/docs/docs/resources/teams/TeamsTenantNetworkSubnet.md +++ b/docs/docs/resources/teams/TeamsTenantNetworkSubnet.md @@ -40,11 +40,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsTenantTrustedIPAddress.md b/docs/docs/resources/teams/TeamsTenantTrustedIPAddress.md index 627539400b..0ea0c85aa8 100644 --- a/docs/docs/resources/teams/TeamsTenantTrustedIPAddress.md +++ b/docs/docs/resources/teams/TeamsTenantTrustedIPAddress.md @@ -21,6 +21,30 @@ As an Admin, you can use the Windows PowerShell command, New-CsTenantTrustedIPAd ## Permissions +### Microsoft Graph + +To authenticate with the Microsoft Graph API, this resource required the following permissions: + +#### Delegated permissions + +- **Read** + + - None + +- **Update** + + - None + +#### Application permissions + +- **Read** + + - Organization.Read.All + +- **Update** + + - Organization.Read.All + ## Examples ### Example 1 diff --git a/docs/docs/resources/teams/TeamsTranslationRule.md b/docs/docs/resources/teams/TeamsTranslationRule.md index 723c968fa6..bcde6a9889 100644 --- a/docs/docs/resources/teams/TeamsTranslationRule.md +++ b/docs/docs/resources/teams/TeamsTranslationRule.md @@ -40,11 +40,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsUnassignedNumberTreatment.md b/docs/docs/resources/teams/TeamsUnassignedNumberTreatment.md index 6c111e8968..b40e698e06 100644 --- a/docs/docs/resources/teams/TeamsUnassignedNumberTreatment.md +++ b/docs/docs/resources/teams/TeamsUnassignedNumberTreatment.md @@ -42,11 +42,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsUpdateManagementPolicy.md b/docs/docs/resources/teams/TeamsUpdateManagementPolicy.md index 7451fa8b04..fd57817eee 100644 --- a/docs/docs/resources/teams/TeamsUpdateManagementPolicy.md +++ b/docs/docs/resources/teams/TeamsUpdateManagementPolicy.md @@ -45,11 +45,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsUpgradeConfiguration.md b/docs/docs/resources/teams/TeamsUpgradeConfiguration.md index e1c9634998..890343eae8 100644 --- a/docs/docs/resources/teams/TeamsUpgradeConfiguration.md +++ b/docs/docs/resources/teams/TeamsUpgradeConfiguration.md @@ -40,11 +40,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsUpgradePolicy.md b/docs/docs/resources/teams/TeamsUpgradePolicy.md index 0e6b95be61..c9ec3b27ff 100644 --- a/docs/docs/resources/teams/TeamsUpgradePolicy.md +++ b/docs/docs/resources/teams/TeamsUpgradePolicy.md @@ -40,11 +40,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsUserCallingSettings.md b/docs/docs/resources/teams/TeamsUserCallingSettings.md index 4dd57c90d4..38375b3ed3 100644 --- a/docs/docs/resources/teams/TeamsUserCallingSettings.md +++ b/docs/docs/resources/teams/TeamsUserCallingSettings.md @@ -50,11 +50,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - None + - Organization.Read.All - **Update** - - None + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsUserPolicyAssignment.md b/docs/docs/resources/teams/TeamsUserPolicyAssignment.md index 46de0d3eb6..9d6158d1a9 100644 --- a/docs/docs/resources/teams/TeamsUserPolicyAssignment.md +++ b/docs/docs/resources/teams/TeamsUserPolicyAssignment.md @@ -59,11 +59,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsVdiPolicy.md b/docs/docs/resources/teams/TeamsVdiPolicy.md index 0cf0a7655d..a2a13e5de8 100644 --- a/docs/docs/resources/teams/TeamsVdiPolicy.md +++ b/docs/docs/resources/teams/TeamsVdiPolicy.md @@ -40,11 +40,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsVoiceRoute.md b/docs/docs/resources/teams/TeamsVoiceRoute.md index f194d9db01..613a456b27 100644 --- a/docs/docs/resources/teams/TeamsVoiceRoute.md +++ b/docs/docs/resources/teams/TeamsVoiceRoute.md @@ -44,11 +44,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsVoiceRoutingPolicy.md b/docs/docs/resources/teams/TeamsVoiceRoutingPolicy.md index 96252959c4..cf7f75ac6a 100644 --- a/docs/docs/resources/teams/TeamsVoiceRoutingPolicy.md +++ b/docs/docs/resources/teams/TeamsVoiceRoutingPolicy.md @@ -41,11 +41,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsWorkloadPolicy.md b/docs/docs/resources/teams/TeamsWorkloadPolicy.md index bfa304ab20..b1396a9152 100644 --- a/docs/docs/resources/teams/TeamsWorkloadPolicy.md +++ b/docs/docs/resources/teams/TeamsWorkloadPolicy.md @@ -45,11 +45,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples