Merge branch 'Dev' of https://github.com/microsoft/Microsoft365DSC in…

…to fix4333

CHANGELOG.md

@@ -1,6 +1,6 @@
 # Change log for Microsoft365DSC
 
-# UNRELEASED
+# 1.24.221.1
 
 * AADApplication
   * Expose the description field in the resource.
@@ -10,6 +10,27 @@
     FIXES [#4347](https://github.com/microsoft/Microsoft365DSC/issues/4347)
   * Throws an error if role, user or group was not found in the Set method.
     FIXES [#4342](https://github.com/microsoft/Microsoft365DSC/issues/4342)
+* EXOAuthenticationPolicyAssignment
+  * Improved performance by using a filter to retrieve assignments.
+  * Export now retrieves the user principal name instead of the user id.
+* EXOAvailabilityConfig
+  * Export now retrieves the user principal name instead of the user id.
+* EXOCASMailboxPlan
+  * Added the DisplayName property.
+* EXODataClassification
+  * Added logic to retrieve by name in the GET method if no match found by id.
+* EXOMailboxAutoReplyConfiguration
+  * Added the owner property.
+* EXOMailboxPlan
+  * Added the DisplayName property.
+* EXOMailboxSettings
+  * Export now retrieves instances by User Principal Name instead of GUID.
+* EXOPlace
+  * Added the DisplayName property.
+* EXORecipientPermission
+  * Export now retrieves instances by User Principal Name instead of GUID.
+* EXOSharedMailbox
+  * Added the Identity parameter.
 * MISC
   * Uninstall-M365DSCOutdatedDependencies
     * Outdated Microsoft365DSC-modules are now removed in their entirety

Modules/Microsoft365DSC/DSCResources/MSFT_AADApplication/MSFT_AADApplication.psm1

@@ -148,7 +148,7 @@ function Get-TargetResource
         }
         if ($null -ne $AADApp -and $AADApp.Count -gt 1)
         {
-            Throw "Multiple AAD Apps with the Displayname $($DisplayName) exist in the tenant. These apps will not be exported."
+            Throw "Multiple AAD Apps with the Displayname $($DisplayName) exist in the tenant."
         }
         elseif ($null -eq $AADApp)
         {
@@ -940,6 +940,7 @@ function Export-TargetResource
                     Write-Host "`r`n        $($Global:M365DSCEmojiYellowCircle)" -NoNewline
                     Write-Host " Multiple app instances wth name {$($AADApp.DisplayName)} were found. We will skip exporting these instances."
                 }
+                $i++
             }
         }
         return $dscContent.ToString()

Modules/Microsoft365DSC/DSCResources/MSFT_EXOActiveSyncDeviceAccessRule/MSFT_EXOActiveSyncDeviceAccessRule.schema.mof

@@ -2,6 +2,7 @@
 class MSFT_EXOActiveSyncDeviceAccessRule : OMI_BaseResource
 {
     [Key, Description("The Identity parameter specifies the identity of the device access rule.")] String Identity;
+    [Write, Description("Unique Identifier. Read-Only")] String GUID;
     [Write, Description("The AccessLevel parameter specifies whether the devices are allowed, blocked or quarantined."), ValueMap{"Allow","Block","Quarantine"}, Values{"Allow","Block","Quarantine"}] String AccessLevel;
     [Write, Description("The Characteristic parameter specifies the device characteristic or category that's used by the rule."), ValueMap{"DeviceModel","DeviceType","DeviceOS","UserAgent","XMSWLHeader"}, Values{"DeviceModel","DeviceType","DeviceOS","UserAgent","XMSWLHeader"}] String Characteristic;
     [Write, Description("The QueryString parameter specifies the device identifier that's used by the rule. This parameter uses a text value that's used with Characteristic parameter value to define the device.")] String QueryString;

Modules/Microsoft365DSC/DSCResources/MSFT_EXOAuthenticationPolicyAssignment/MSFT_EXOAuthenticationPolicyAssignment.psm1

@@ -346,20 +346,15 @@ function Export-TargetResource
             Write-Host "`r`n" -NoNewline
         }
         $i = 1
-        $allUsers = $null
         foreach ($AuthenticationPolicy in $AllAuthenticationPolicies)
         {
             Write-Host "    |---[$i/$($AllAuthenticationPolicies.Count)] $($AuthenticationPolicy.Identity)" -NoNewline
-            if (-not $allUsers)
-            {
-                $allUsers = Get-User -ResultSize 'Unlimited'
-            }
-            $assignedUsers = $allUsers | Where-Object -FilterScript { $_.AuthenticationPolicy -eq $AuthenticationPolicy.Identity }
+            $assignedUsers = Get-User -Filter "AuthenticationPolicy -eq '$($AuthenticationPolicy.DistinguishedName)'"
 
             foreach ($user in $assignedUsers)
             {
                 $Params = @{
-                    UserName              = $user.Name
+                    UserName              = $user.UserPrincipalName
                     Credential            = $Credential
                     ApplicationId         = $ApplicationId
                     TenantId              = $TenantId

Modules/Microsoft365DSC/DSCResources/MSFT_EXOAvailabilityAddressSpace/MSFT_EXOAvailabilityAddressSpace.psm1

@@ -99,7 +99,10 @@ function Get-TargetResource
     {
         try
         {
-            $AvailabilityAddressSpace = Get-AvailabilityAddressSpace -Identity $ForestName -ErrorAction Stop
+            if (-not [System.String]::IsNullOrEmpty($ForestName))
+            {
+                $AvailabilityAddressSpace = Get-AvailabilityAddressSpace -Identity $ForestName -ErrorAction Stop
+            }
         }
         catch
         {

Modules/Microsoft365DSC/DSCResources/MSFT_EXOAvailabilityConfig/MSFT_EXOAvailabilityConfig.psm1

@@ -346,7 +346,8 @@ function Export-TargetResource
         $OrgWideValue = "NotConfigured"
         if ($null -ne $AvailabilityConfig.OrgWideAccount)
         {
-            $OrgWideValue = $AvailabilityConfig.OrgWideAccount.ToString()
+            $user = Get-User -Identity $AvailabilityConfig.OrgWideAccount.ToString()
+            $OrgWideValue = $user.UserPrincipalName
         }
         $Params = @{
             OrgWideAccount        = $OrgWideValue

Modules/Microsoft365DSC/DSCResources/MSFT_EXOCASMailboxPlan/MSFT_EXOCASMailboxPlan.psm1

@@ -8,6 +8,10 @@ function Get-TargetResource
         [System.String]
         $Identity,
 
+        [Parameter()]
+        [System.String]
+        $DisplayName,
+
         [Parameter()]
         [Boolean]
         $ActiveSyncEnabled = $true,
@@ -95,16 +99,26 @@ function Get-TargetResource
         {
             Write-Verbose -Message "MailboxPlan $($Identity) does not exist."
 
-            $CASMailboxPlan = Get-CASMailboxPlan -Filter "Name -like '$($Identity.Split('-')[0])-*'"
-            if ($null -eq $CASMailboxPlan)
+            # Try and retrieve by Display Name
+            if (-not [System.String]::IsNullOrEmpty($DisplayName))
+            {
+                $CASMailboxPlan = Get-CASMailboxPlan -Filter "DisplayName -eq '$DisplayName'"
+            }
+
+            if ($null -eq $MailboxPlan)
             {
-                Write-Verbose -Message "CASMailboxPlan $($Identity) does not exist."
-                return $nullResult
+                $CASMailboxPlan = Get-CASMailboxPlan -Filter "Name -like '$($Identity.Split('-')[0])-*'"
+                if ($null -eq $CASMailboxPlan)
+                {
+                    Write-Verbose -Message "CASMailboxPlan $($Identity) does not exist."
+                    return $nullResult
+                }
             }
         }
 
         $result = @{
             Identity              = $Identity
+            DisplayName           = $CASMailboxPlan.DisplayName
             ActiveSyncEnabled     = $CASMailboxPlan.ActiveSyncEnabled
             ImapEnabled           = $CASMailboxPlan.ImapEnabled
             OwaMailboxPolicy      = $CASMailboxPlan.OwaMailboxPolicy
@@ -143,6 +157,10 @@ function Set-TargetResource
         [System.String]
         $Identity,
 
+        [Parameter()]
+        [System.String]
+        $DisplayName,
+
         [Parameter()]
         [Boolean]
         $ActiveSyncEnabled = $true,
@@ -244,6 +262,10 @@ function Test-TargetResource
         [System.String]
         $Identity,
 
+        [Parameter()]
+        [System.String]
+        $DisplayName,
+
         [Parameter()]
         [Boolean]
         $ActiveSyncEnabled = $true,
@@ -394,6 +416,7 @@ function Export-TargetResource
             Write-Host "    |---[$i/$($CASMailboxPlans.Count)] $($CASMailboxPlan.Identity.Split('-')[0])" -NoNewline
             $Params = @{
                 Identity              = $CASMailboxPlan.Identity
+                DisplayName           = $CASMailboxPlan.DisplayName
                 Credential            = $Credential
                 ApplicationId         = $ApplicationId
                 TenantId              = $TenantId

Modules/Microsoft365DSC/DSCResources/MSFT_EXOCASMailboxPlan/MSFT_EXOCASMailboxPlan.schema.mof

@@ -2,6 +2,7 @@
 class MSFT_EXOCASMailboxPlan : OMI_BaseResource
 {
     [Key, Description("The Identity parameter specifies the CAS Mailbox Plan that you want to modify.")] String Identity;
+    [Write, Description("The display name of the CAS Mailbox Plan.")] String DisplayName;
     [Write, Description("CASMailboxPlans cannot be created/removed in O365.  This must be set to 'Present'"), ValueMap{"Present"}, Values{"Present"}] String Ensure;
     [Write, Description("The ActiveSyncEnabled parameter enables or disables access to the mailbox by using Exchange Active Sync. Default is $true.")] Boolean ActiveSyncEnabled;
     [Write, Description("The ImapEnabled parameter enables or disables access to the mailbox by using IMAP4 clients. The default value is $true for all CAS mailbox plans except ExchangeOnlineDeskless which is $false by default.")] Boolean ImapEnabled;

Modules/Microsoft365DSC/DSCResources/MSFT_EXODataClassification/MSFT_EXODataClassification.psm1

@@ -102,41 +102,46 @@ function Get-TargetResource
         }
         if ($null -eq $DataClassification)
         {
-            Write-Verbose -Message "Data classification $($Identity) does not exist."
-            return $nullReturn
-        }
-        else
-        {
-
-            $currentDefaultCultureName = ([system.globalization.cultureinfo]$DataClassification.DefaultCulture).Name
-            $DataClassificationLocale = $currentDefaultCultureName
-            $DataClassificationIsDefault = $false
-            if (([String]::IsNullOrEmpty($Locale)) -or ($Locale -eq $currentDefaultCultureName))
+            if (-not [System.String]::IsNullOrEmpty($Name))
             {
-                $DataClassificationIsDefault = $true
+                Write-Verbose -Message "Couldn't retrieve data classification by Identity. Trying by Name {$Name}."
+                $DataClassification = Get-DataClassification -Identity $Name
             }
 
-            $result = @{
-                Identity              = $Identity
-                Description           = $DataClassification.Description
-                Fingerprints          = $DataClassification.Fingerprints
-                IsDefault             = $DataClassificationIsDefault
-                Locale                = $DataClassificationLocale
-                Name                  = $DataClassification.Name
-                Credential            = $Credential
-                Ensure                = 'Present'
-                ApplicationId         = $ApplicationId
-                CertificateThumbprint = $CertificateThumbprint
-                CertificatePath       = $CertificatePath
-                CertificatePassword   = $CertificatePassword
-                ManagedIdentity       = $ManagedIdentity.IsPresent
-                TenantId              = $TenantId
+            if ($null -eq $DataClassification)
+            {
+                Write-Verbose -Message "Data classification $($Identity) does not exist."
+                return $nullReturn
             }
+        }
+        $currentDefaultCultureName = ([system.globalization.cultureinfo]$DataClassification.DefaultCulture).Name
+        $DataClassificationLocale = $currentDefaultCultureName
+        $DataClassificationIsDefault = $false
+        if (([String]::IsNullOrEmpty($Locale)) -or ($Locale -eq $currentDefaultCultureName))
+        {
+            $DataClassificationIsDefault = $true
+        }
 
-            Write-Verbose -Message "Found Data classification policy $($Identity)"
-            Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)"
-            return $result
+        $result = @{
+            Identity              = $Identity
+            Description           = $DataClassification.Description
+            Fingerprints          = $DataClassification.Fingerprints
+            IsDefault             = $DataClassificationIsDefault
+            Locale                = $DataClassificationLocale
+            Name                  = $DataClassification.Name
+            Credential            = $Credential
+            Ensure                = 'Present'
+            ApplicationId         = $ApplicationId
+            CertificateThumbprint = $CertificateThumbprint
+            CertificatePath       = $CertificatePath
+            CertificatePassword   = $CertificatePassword
+            ManagedIdentity       = $ManagedIdentity.IsPresent
+            TenantId              = $TenantId
         }
+
+        Write-Verbose -Message "Found Data classification policy $($Identity)"
+        Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)"
+        return $result
     }
     catch
     {

Modules/Microsoft365DSC/DSCResources/MSFT_EXOGroupSettings/MSFT_EXOGroupSettings.psm1

@@ -8,6 +8,10 @@ function Get-TargetResource
         [System.String]
         $DisplayName,
 
+        [Parameter()]
+        [System.String]
+        $Id,
+
         [Parameter()]
         [System.String[]]
         $AcceptMessagesOnlyFromSendersOrMembers,
@@ -273,12 +277,20 @@ function Get-TargetResource
     {
         if ($null -ne $Script:exportedInstances -and $Script:ExportMode)
         {
-            [Array]$group = $Script:exportedInstances | Where-Object -FilterScript {$_.DisplayName -eq $DisplayName}
+            [Array]$group = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id}
         }
         else
         {
-            [Array]$group = Get-UnifiedGroup -Identity $DisplayName -IncludeAllProperties -ErrorAction Stop
+            Write-Verbose -Message "Retrieving group by id {$Id}"
+            [Array]$group = Get-UnifiedGroup -Identity $Id -IncludeAllProperties -ErrorAction Stop
+
+            if ($group.Length -eq 0)
+            {
+                Write-Verbose -Message "Couldn't retrieve group by ID. Trying by DisplayName {$DisplayName}"
+                [Array]$group = Get-UnifiedGroup -Identity $DisplayName -IncludeAllProperties -ErrorAction Stop
+            }
         }
+
         if ($group.Length -gt 1)
         {
             Write-Warning -Message "Multiple instances of a group named {$DisplayName} was discovered which could result in inconsistencies retrieving its values."
@@ -298,6 +310,7 @@ function Get-TargetResource
 
     $result = @{
         DisplayName                            = $DisplayName
+        Id                                     = $group.Id
         AcceptMessagesOnlyFromSendersOrMembers = $group.AcceptMessagesOnlyFromSendersOrMembers
         AccessType                             = $group.AccessType
         AlwaysSubscribeMembersToCalendarEvents = $group.AlwaysSubscribeMembersToCalendarEvents
@@ -370,6 +383,10 @@ function Set-TargetResource
         [System.String]
         $DisplayName,
 
+        [Parameter()]
+        [System.String]
+        $Id,
+
         [Parameter()]
         [System.String[]]
         $AcceptMessagesOnlyFromSendersOrMembers,
@@ -646,6 +663,10 @@ function Test-TargetResource
         [System.String]
         $DisplayName,
 
+        [Parameter()]
+        [System.String]
+        $Id,
+
         [Parameter()]
         [System.String[]]
         $AcceptMessagesOnlyFromSendersOrMembers,
@@ -979,6 +1000,7 @@ function Export-TargetResource
                 $Params = @{
                     Credential            = $Credential
                     DisplayName           = $groupName
+                    Id                    = $group.Id
                     ApplicationId         = $ApplicationId
                     TenantId              = $TenantId
                     CertificateThumbprint = $CertificateThumbprint

Modules/Microsoft365DSC/DSCResources/MSFT_EXOGroupSettings/MSFT_EXOGroupSettings.schema.mof

@@ -2,6 +2,7 @@
 class MSFT_EXOGroupSettings : OMI_BaseResource
 {
     [Key, Description("The DisplayName parameter specifies the name of the Microsoft 365 Group. The display name is visible in the Exchange admin center, address lists, and Outlook. The maximum length is 64 characters.")] string DisplayName;
+    [Write, Description("The unique Id of the group")] string Id;
     [Write, Description("The AcceptMessagesOnlyFromSendersOrMembers parameter specifies who is allowed to send messages to this recipient. Messages from other senders are rejected.")] string AcceptMessagesOnlyFromSendersOrMembers[];
     [Write, Description("Private"), ValueMap{"Public","Private"}, Values{"Public","Private"}] string AccessType;
     [Write, Description("The AlwaysSubscribeMembersToCalendarEvents switch controls the default subscription settings of new members that are added to the Microsoft 365 Group. Changing this setting doesn't affect existing group members.")] boolean AlwaysSubscribeMembersToCalendarEvents;