Skip to content

Commit

Permalink
Merge pull request #5402 from microsoft/Dev
Browse files Browse the repository at this point in the history
Release 1.24.1113.1
  • Loading branch information
ykuijs authored Nov 13, 2024
2 parents 8d329c5 + a6530b9 commit 2ebfc0f
Show file tree
Hide file tree
Showing 58 changed files with 3,872 additions and 1,109 deletions.
50 changes: 47 additions & 3 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,50 @@
# Change log for Microsoft365DSC

# UNRELEASED

* AADConditionalAccessPolicy
* Fixed bug where an empty value was passed in the request for the
insiderRiskLevels parameter, which throws an error.
FIXES [#5389](https://github.com/microsoft/Microsoft365DSC/issues/5389)
* Fixes a bug where 3P apps could not be assigned by DisplayName for both
IncludeApplications and ExcludeApplications
FIXES [#5390](https://github.com/microsoft/Microsoft365DSC/issues/5390)
* AADRoleEligibilityScheduleRequest
* FIXES [#3787](https://github.com/microsoft/Microsoft365DSC/issues/3787)
* FIXES [#5089](https://github.com/microsoft/Microsoft365DSC/issues/5089)
* EXOATPBuiltInProtectionRule, EXOEOPProtectionRule
* Fixed issue where empty arrays were being compared incorrectly to null
strings
FIXES [#5394](https://github.com/microsoft/Microsoft365DSC/issues/5394)
* IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy
* Update property `PasswordAgeDays_AAD` to be lower-case.
FIXES [#5378](https://github.com/microsoft/Microsoft365DSC/issues/5378) (1/2)
* IntuneAntivirusExclusionsPolicyMacOS
* Initial release.
* IntuneAntivirusPolicyWindows10SettingCatalog
* Update properties to be upper-case.
Fixes [#5373](https://github.com/microsoft/Microsoft365DSC/issues/5373)
* IntuneDeviceConfigurationCustomPolicyWindows10
* Fixed issue where `Value`, from `OmaSettings`, could not be compared
correctly if it was boolean and set to `$False`
FIXES [#5384](https://github.com/microsoft/Microsoft365DSC/issues/5384)
* IntuneEndpointDetectionAndResponsePolicyWindows10
* Remove changed property name from export.
FIXES [#5300](https://github.com/microsoft/Microsoft365DSC/issues/5300)
* IntuneSecurityBaselineMicrosoftEdge
* Deprecate property `authschemes` and replace with `AuthSchemes_AuthSchemes`
* M365DSCDRGUtil
* Restrict CIM instance access to properties that appear multiple times.
* Switch log type for not found Intune assignments to `Warning`.
* M365DSCIntuneSettingsCatalogUtil
* Add ADMX handling for `edge~httpauthentication_`.
FIXES [#5378](https://github.com/microsoft/Microsoft365DSC/issues/5378) (2/2)
* TeamsUpgradePolicy
* Changes to how we are retrieving the users to improve performance.
* DEPENDENCIES
* Updated DSCParser to version 2.0.0.12.
* Updated MSCloudLoginAssistant to version 1.1.28.

# 1.24.1106.3

* AzureBillingAccountScheduledAction
Expand All @@ -19,7 +64,6 @@
* MISC
* Fixed issues with API Url's parsing.


# 1.24.1106.1

* AADAccessReviewDefinition
Expand Down Expand Up @@ -116,13 +160,13 @@
* EXOArcConfig
* Fixed `Test-TargetResource` to correctly check property `ArcTrustedSealers`
when it has an array
* EXOM365DataAtRestEncryptionPolicy
* Initial release.
* EXOMailboxAuditBypassAssociation
* Initial release.
* EXOMailboxSettings
* Added support for AddressBookPolicy, RetentionPolicy, RoleAssignmentPolicy
and SharingPolicy.
* EXOMigration
* Initial release.
* EXOServicePrincipal
* Initial release.
* EXOTenantAllowBlockListItems
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -220,6 +220,7 @@ function Get-TargetResource
$TransferMethods,

[Parameter()]
[ValidateSet('minor', 'moderate', 'elevated', 'unknownFutureValue')]
[System.String]
$InsiderRiskLevels,

Expand Down Expand Up @@ -949,6 +950,7 @@ function Set-TargetResource
$TransferMethods,

[Parameter()]
[ValidateSet('minor', 'moderate', 'elevated', 'unknownFutureValue')]
[System.String]
$InsiderRiskLevels,

Expand Down Expand Up @@ -1029,11 +1031,54 @@ function Set-TargetResource
Write-Verbose -Message 'Set-Targetresource: create Application Condition object'
if ($currentParameters.ContainsKey('IncludeApplications'))
{
$conditions.Applications.Add('includeApplications', $IncludeApplications)
$IncludeApplicationsValue = @()
foreach ($app in $IncludeApplications)
{
$ObjectGuid = [System.Guid]::empty
if ([System.Guid]::TryParse($app, [System.Management.Automation.PSReference]$ObjectGuid))
{
$IncludeApplicationsValue += $app
}
else
{
$appInfo = Get-MgApplication -Filter "DisplayName eq '$app'" -ErrorAction SilentlyContinue
if ($null -ne $appInfo)
{
$IncludeApplicationsValue += $appInfo.AppId
}
else
{
$IncludeApplicationsValue += $app
}
}
}

$conditions.Applications.Add('includeApplications', $IncludeApplicationsValue)
}
if ($currentParameters.ContainsKey('excludeApplications'))
{
$conditions.Applications.Add('excludeApplications', $ExcludeApplications)
$ExcludeApplicationsValue = @()
foreach ($app in $ExcludeApplications)
{
$ObjectGuid = [System.Guid]::empty
if ([System.Guid]::TryParse($app, [System.Management.Automation.PSReference]$ObjectGuid))
{
$ExcludeApplicationsValue += $app
}
else
{
$appInfo = Get-MgApplication -Filter "DisplayName eq '$app'" -ErrorAction SilentlyContinue
if ($null -ne $appInfo)
{
$ExcludeApplicationsValue += $appInfo.AppId
}
else
{
$ExcludeApplicationsValue += $app
}
}
}
$conditions.Applications.Add('excludeApplications', $ExcludeApplicationsValue)
}
if ($ApplicationsFilter -and $ApplicationsFilterMode)
{
Expand Down Expand Up @@ -1586,7 +1631,7 @@ function Set-TargetResource
}
}

if ($null -ne $InsiderRiskLevels)
if ([String]::IsNullOrEmpty($InsiderRiskLevels) -eq $false)
{
$conditions.Add("insiderRiskLevels", $InsiderRiskLevels)
}
Expand Down Expand Up @@ -2059,6 +2104,7 @@ function Test-TargetResource
$TransferMethods,

[Parameter()]
[ValidateSet('minor', 'moderate', 'elevated', 'unknownFutureValue')]
[System.String]
$InsiderRiskLevels,

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -50,7 +50,7 @@ class MSFT_AADConditionalAccessPolicy : OMI_BaseResource
[Write, Description("Name of the associated authentication strength policy.")] String AuthenticationStrength;
[Write, Description("Names of the associated authentication flow transfer methods. Possible values are '', 'deviceCodeFlow', 'authenticationTransfer', or 'deviceCodeFlow,authenticationTransfer'.")] String TransferMethods;
[Write, Description("Authentication context class references.")] String AuthenticationContexts[];
[Write, Description("Insider risk levels conditions.")] String InsiderRiskLevels;
[Write, Description("Insider risk levels conditions."), ValueMap{"minor", "moderate", "elevated", "unknownFutureValue"}, Values{"minor", "moderate", "elevated", "unknownFutureValue"}] String InsiderRiskLevels;
[Write, Description("Specify if the Azure AD CA Policy should exist or not."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure;
[Write, Description("Credentials for the Microsoft Graph delegated permissions."), EmbeddedInstance("MSFT_Credential")] string Credential;
[Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId;
Expand All @@ -60,3 +60,4 @@ class MSFT_AADConditionalAccessPolicy : OMI_BaseResource
[Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity;
[Write, Description("Access token used for authentication.")] String AccessTokens[];
};

Original file line number Diff line number Diff line change
Expand Up @@ -190,7 +190,7 @@
$schedule = $instance
}
}
[Array]$request = Get-MgBetaRoleManagementDirectoryRoleEligibilityScheduleRequest -Filter "PrincipalId eq '$PrincipalId' and RoleDefinitionId eq '$($schedule.RoleDefinitionId)'" | Sort-Object -Property CompletedDateTime -Descending
[Array]$request = Get-MgBetaRoleManagementDirectoryRoleEligibilityScheduleRequest -Filter "PrincipalId eq '$PrincipalId'" | Where-Object -FilterScript {$_.RoleDefinitionId -eq $schedule.RoleDefinitionId} | Sort-Object -Property CompletedDateTime -Descending
`
if ($request.Length -gt 1)
{
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -249,6 +249,21 @@ function Test-TargetResource
Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)"
Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)"

foreach ($key in $ValuesToCheck.Keys)
{
if ($null -eq $CurrentValues[$key])
{
switch -regex ($key)
{
"^ExceptIf\w+$"
{
$CurrentValues[$key] = @()
break
}
}
}
}

$testResult = Test-M365DSCParameterState -CurrentValues $CurrentValues `
-Source $($MyInvocation.MyCommand.Source) `
-DesiredValues $PSBoundParameters `
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -374,13 +374,26 @@ function Test-TargetResource
Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)"
Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)"

#Convert any DateTime to String
foreach ($key in $ValuesToCheck.Keys)
{
# Convert any DateTime to String
if (($null -ne $CurrentValues[$key]) `
-and ($CurrentValues[$key].GetType().Name -eq 'DateTime'))
{
$CurrentValues[$key] = $CurrentValues[$key].toString()
continue
}

if ($null -eq $CurrentValues[$key])
{
switch -regex ($key)
{
"^ExceptIf\w+$|^RecipientDomainIs$|^SentTo(\w+)?$"
{
$CurrentValues[$key] = @()
break
}
}
}
}

Expand Down

This file was deleted.

This file was deleted.

Loading

0 comments on commit 2ebfc0f

Please sign in to comment.