diff --git a/CHANGELOG.md b/CHANGELOG.md index 51f5fbe1fe..2f0e3b0325 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,9 @@ # UNRELEASED +* All resources + * Applying project default formatting on all files, to improve + reading and troubleshooting * IntuneTrustedRootCertificateIOS * Initial release * M365DSCDRGUtil diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAccessReviewDefinition/MSFT_AADAccessReviewDefinition.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAccessReviewDefinition/MSFT_AADAccessReviewDefinition.psm1 index 2810be790b..ecc41b20ff 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAccessReviewDefinition/MSFT_AADAccessReviewDefinition.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAccessReviewDefinition/MSFT_AADAccessReviewDefinition.psm1 @@ -88,7 +88,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaIdentityGovernanceAccessReviewDefinition -AccessReviewScheduleDefinitionId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaIdentityGovernanceAccessReviewDefinition -AccessReviewScheduleDefinitionId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -100,8 +100,8 @@ function Get-TargetResource -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.AccessReviewScheduleDefinition" - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.AccessReviewScheduleDefinition' + } } } #endregion @@ -130,12 +130,12 @@ function Get-TargetResource { $myPrincipalScopes.Add('odataType', $currentPrincipalScopes.'@odata.type'.ToString()) } - if ($myPrincipalScopes.values.Where({$null -ne $_}).Count -gt 0) + if ($myPrincipalScopes.values.Where({ $null -ne $_ }).Count -gt 0) { $complexPrincipalScopes += $myPrincipalScopes } } - $complexScope.Add('PrincipalScopes',$complexPrincipalScopes) + $complexScope.Add('PrincipalScopes', $complexPrincipalScopes) $complexResourceScopes = @() foreach ($currentResourceScopes in $getValue.Scope.AdditionalProperties.resourceScopes) { @@ -147,19 +147,19 @@ function Get-TargetResource { $myResourceScopes.Add('odataType', $currentResourceScopes.'@odata.type'.ToString()) } - if ($myResourceScopes.values.Where({$null -ne $_}).Count -gt 0) + if ($myResourceScopes.values.Where({ $null -ne $_ }).Count -gt 0) { $complexResourceScopes += $myResourceScopes } } - $complexScope.Add('ResourceScopes',$complexResourceScopes) + $complexScope.Add('ResourceScopes', $complexResourceScopes) if ($null -ne $getValue.Scope.AdditionalProperties.'@odata.type') { $complexScope.Add('odataType', $getValue.Scope.AdditionalProperties.'@odata.type'.ToString()) } - if ($complexScope.values.Where({$null -ne $_}).Count -eq 0) + if ($complexScope.values.Where({ $null -ne $_ }).Count -eq 0) { $complexScope = $null } @@ -173,12 +173,12 @@ function Get-TargetResource { $myApplyActions.Add('odataType', $currentApplyActions.AdditionalProperties.'@odata.type'.ToString()) } - if ($myApplyActions.values.Where({$null -ne $_}).Count -gt 0) + if ($myApplyActions.values.Where({ $null -ne $_ }).Count -gt 0) { $complexApplyActions += $myApplyActions } } - $complexSettings.Add('ApplyActions',$complexApplyActions) + $complexSettings.Add('ApplyActions', $complexApplyActions) $complexSettings.Add('AutoApplyDecisionsEnabled', $getValue.Settings.autoApplyDecisionsEnabled) $complexSettings.Add('DecisionHistoriesForReviewersEnabled', $getValue.Settings.decisionHistoriesForReviewersEnabled) $complexSettings.Add('DefaultDecision', $getValue.Settings.defaultDecision) @@ -199,12 +199,12 @@ function Get-TargetResource { $myRecommendationInsightSettings.Add('odataType', $currentRecommendationInsightSettings.AdditionalProperties.'@odata.type'.ToString()) } - if ($myRecommendationInsightSettings.values.Where({$null -ne $_}).Count -gt 0) + if ($myRecommendationInsightSettings.values.Where({ $null -ne $_ }).Count -gt 0) { $complexRecommendationInsightSettings += $myRecommendationInsightSettings } } - $complexSettings.Add('RecommendationInsightSettings',$complexRecommendationInsightSettings) + $complexSettings.Add('RecommendationInsightSettings', $complexRecommendationInsightSettings) if ($null -ne $getValue.Settings.recommendationLookBackDuration) { @@ -220,8 +220,8 @@ function Get-TargetResource } if ($null -ne $getValue.settings.recurrence.pattern.firstDayOfWeek) { - $complexFirstDaysOfWeek = [String]::Join(", ", $getValue.settings.recurrence.pattern.firstDayOfWeek) - $complexPattern.Add('FirstDayOfWeek',$complexFirstDaysOfWeek) + $complexFirstDaysOfWeek = [String]::Join(', ', $getValue.settings.recurrence.pattern.firstDayOfWeek) + $complexPattern.Add('FirstDayOfWeek', $complexFirstDaysOfWeek) } if ($null -ne $getValue.settings.recurrence.pattern.index) { @@ -233,11 +233,11 @@ function Get-TargetResource { $complexPattern.Add('Type', $getValue.settings.recurrence.pattern.type.ToString()) } - if ($complexPattern.values.Where({$null -ne $_}).Count -eq 0) + if ($complexPattern.values.Where({ $null -ne $_ }).Count -eq 0) { $complexPattern = $null } - $complexRecurrence.Add('Pattern',$complexPattern) + $complexRecurrence.Add('Pattern', $complexPattern) $complexRange = @{} if ($null -ne $getValue.settings.recurrence.range.endDate) { @@ -253,18 +253,18 @@ function Get-TargetResource { $complexRange.Add('Type', $getValue.settings.recurrence.range.type.ToString()) } - if ($complexRange.values.Where({$null -ne $_}).Count -eq 0) + if ($complexRange.values.Where({ $null -ne $_ }).Count -eq 0) { $complexRange = $null } - $complexRecurrence.Add('Range',$complexRange) - if ($complexRecurrence.values.Where({$null -ne $_}).Count -eq 0) + $complexRecurrence.Add('Range', $complexRange) + if ($complexRecurrence.values.Where({ $null -ne $_ }).Count -eq 0) { $complexRecurrence = $null } - $complexSettings.Add('Recurrence',$complexRecurrence) + $complexSettings.Add('Recurrence', $complexRecurrence) $complexSettings.Add('ReminderNotificationsEnabled', $getValue.Settings.reminderNotificationsEnabled) - if ($complexSettings.values.Where({$null -ne $_}).Count -eq 0) + if ($complexSettings.values.Where({ $null -ne $_ }).Count -eq 0) { $complexSettings = $null } @@ -294,16 +294,16 @@ function Get-TargetResource { $myRecommendationInsightSettings.Add('odataType', $currentRecommendationInsightSettings.'@odata.type'.ToString()) } - if ($myRecommendationInsightSettings.values.Where({$null -ne $_}).Count -gt 0) + if ($myRecommendationInsightSettings.values.Where({ $null -ne $_ }).Count -gt 0) { $complexRecommendationInsightSettings += $myRecommendationInsightSettings } } - $myStageSettings.Add('RecommendationInsightSettings',$complexRecommendationInsightSettings) + $myStageSettings.Add('RecommendationInsightSettings', $complexRecommendationInsightSettings) $myStageSettings.Add('RecommendationLookBackDuration', $currentStageSettings.recommendationLookBackDuration) $myStageSettings.Add('RecommendationsEnabled', $currentStageSettings.recommendationsEnabled) $myStageSettings.Add('StageId', $currentStageSettings.stageId) - if ($myStageSettings.values.Where({$null -ne $_}).Count -gt 0) + if ($myStageSettings.values.Where({ $null -ne $_ }).Count -gt 0) { $complexStageSettings += $myStageSettings } @@ -311,20 +311,20 @@ function Get-TargetResource #endregion $results = @{ - DescriptionForAdmins = $getValue.DescriptionForAdmins - DescriptionForReviewers = $getValue.DescriptionForReviewers - DisplayName = $getValue.DisplayName - ScopeValue = $complexScope - SettingsValue = $complexSettings - StageSettings = $complexStageSettings - Id = $getValue.Id - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent + DescriptionForAdmins = $getValue.DescriptionForAdmins + DescriptionForReviewers = $getValue.DescriptionForReviewers + DisplayName = $getValue.DisplayName + ScopeValue = $complexScope + SettingsValue = $complexSettings + StageSettings = $complexStageSettings + Id = $getValue.Id + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent } return [System.Collections.Hashtable] $results @@ -424,11 +424,12 @@ function Set-TargetResource $BoundParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters - if($StageSettings -ne $null) + if ($StageSettings -ne $null) { - Write-Verbose -Message "StageSettings cannot be updated after creation of access review definition." + Write-Verbose -Message 'StageSettings cannot be updated after creation of access review definition.' - if($currentInstance.Ensure -ne 'Absent') { + if ($currentInstance.Ensure -ne 'Absent') + { Write-Verbose -Message "Removing the Azure AD Access Review Definition with Id {$($currentInstance.Id)}" Remove-MgBetaIdentityGovernanceAccessReviewDefinition -AccessReviewScheduleDefinitionId $currentInstance.Id } @@ -446,27 +447,31 @@ function Set-TargetResource $createParameters.Add('Settings', $createParameters.SettingsValue) $createParameters.Remove('SettingsValue') | Out-Null - foreach ($hashtable in $createParameters.StageSettings) { + foreach ($hashtable in $createParameters.StageSettings) + { $propertyToRemove = 'DependsOnValue' $newProperty = 'DependsOn' - if ($hashtable.ContainsKey($propertyToRemove)) { + if ($hashtable.ContainsKey($propertyToRemove)) + { $value = $hashtable[$propertyToRemove] $hashtable[$newProperty] = $value $hashtable.Remove($propertyToRemove) } } - foreach ($hashtable in $createParameters.StageSettings) { + foreach ($hashtable in $createParameters.StageSettings) + { $keys = (([Hashtable]$hashtable).Clone()).Keys foreach ($key in $keys) { $value = $hashtable.$key $hashtable.Remove($key) - $hashtable.Add($key.Substring(0,1).ToLower() + $key.Substring(1), $value) + $hashtable.Add($key.Substring(0, 1).ToLower() + $key.Substring(1), $value) } } - foreach ($hashtable in $createParameters.StageSettings) { + foreach ($hashtable in $createParameters.StageSettings) + { Write-Verbose -Message "Priting Values: $(Convert-M365DscHashtableToString -Hashtable $hashtable)" } @@ -478,9 +483,9 @@ function Set-TargetResource $createParameters.$key = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $createParameters.$key } } - $createParameters.Add("@odata.type", "#microsoft.graph.AccessReviewScheduleDefinition") + $createParameters.Add('@odata.type', '#microsoft.graph.AccessReviewScheduleDefinition') $policy = New-MgBetaIdentityGovernanceAccessReviewDefinition -BodyParameter $createParameters - return; + return } if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') @@ -499,27 +504,31 @@ function Set-TargetResource $createParameters.Add('Settings', $createParameters.SettingsValue) $createParameters.Remove('SettingsValue') | Out-Null - foreach ($hashtable in $createParameters.StageSettings) { + foreach ($hashtable in $createParameters.StageSettings) + { $propertyToRemove = 'DependsOnValue' $newProperty = 'DependsOn' - if ($hashtable.ContainsKey($propertyToRemove)) { + if ($hashtable.ContainsKey($propertyToRemove)) + { $value = $hashtable[$propertyToRemove] $hashtable[$newProperty] = $value $hashtable.Remove($propertyToRemove) } } - foreach ($hashtable in $createParameters.StageSettings) { + foreach ($hashtable in $createParameters.StageSettings) + { $keys = (([Hashtable]$hashtable).Clone()).Keys foreach ($key in $keys) { $value = $hashtable.$key $hashtable.Remove($key) - $hashtable.Add($key.Substring(0,1).ToLower() + $key.Substring(1), $value) + $hashtable.Add($key.Substring(0, 1).ToLower() + $key.Substring(1), $value) } } - foreach ($hashtable in $createParameters.StageSettings) { + foreach ($hashtable in $createParameters.StageSettings) + { Write-Verbose -Message "Priting Values: $(Convert-M365DscHashtableToString -Hashtable $hashtable)" } @@ -532,7 +541,7 @@ function Set-TargetResource } } #region resource generator code - $createParameters.Add("@odata.type", "#microsoft.graph.AccessReviewScheduleDefinition") + $createParameters.Add('@odata.type', '#microsoft.graph.AccessReviewScheduleDefinition') $policy = New-MgBetaIdentityGovernanceAccessReviewDefinition -BodyParameter $createParameters #endregion } @@ -562,7 +571,7 @@ function Set-TargetResource } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.AccessReviewScheduleDefinition") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.AccessReviewScheduleDefinition') Set-MgBetaIdentityGovernanceAccessReviewDefinition ` -AccessReviewScheduleDefinitionId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -794,16 +803,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -813,19 +822,19 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'ScopeValue' + Name = 'ScopeValue' CimInstanceName = 'MicrosoftGraphAccessReviewScope' - IsRequired = $False + IsRequired = $False } @{ - Name = 'PrincipalScopes' + Name = 'PrincipalScopes' CimInstanceName = 'MicrosoftGraphAccessReviewScope' - IsRequired = $False + IsRequired = $False } @{ - Name = 'ResourceScopes' + Name = 'ResourceScopes' CimInstanceName = 'MicrosoftGraphAccessReviewScope' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` @@ -846,34 +855,34 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'SettingsValue' + Name = 'SettingsValue' CimInstanceName = 'MicrosoftGraphAccessReviewScheduleSettings' - IsRequired = $False + IsRequired = $False } @{ - Name = 'ApplyActions' + Name = 'ApplyActions' CimInstanceName = 'MicrosoftGraphAccessReviewApplyAction' - IsRequired = $False + IsRequired = $False } @{ - Name = 'RecommendationInsightSettings' + Name = 'RecommendationInsightSettings' CimInstanceName = 'MicrosoftGraphAccessReviewRecommendationInsightSetting' - IsRequired = $False + IsRequired = $False } @{ - Name = 'Recurrence' + Name = 'Recurrence' CimInstanceName = 'MicrosoftGraphPatternedRecurrence' - IsRequired = $False + IsRequired = $False } @{ - Name = 'Pattern' + Name = 'Pattern' CimInstanceName = 'MicrosoftGraphRecurrencePattern' - IsRequired = $False + IsRequired = $False } @{ - Name = 'Range' + Name = 'Range' CimInstanceName = 'MicrosoftGraphRecurrenceRange' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` @@ -894,34 +903,34 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'StageSettings' + Name = 'StageSettings' CimInstanceName = 'MicrosoftGraphAccessReviewStageSettings' - IsRequired = $False + IsRequired = $False } @{ - Name = 'PrincipalScopes' + Name = 'PrincipalScopes' CimInstanceName = 'MicrosoftGraphAccessReviewScope' - IsRequired = $False + IsRequired = $False } @{ - Name = 'ResourceScopes' + Name = 'ResourceScopes' CimInstanceName = 'MicrosoftGraphAccessReviewScope' - IsRequired = $False + IsRequired = $False } @{ - Name = 'RecommendationInsightSettings' + Name = 'RecommendationInsightSettings' CimInstanceName = 'MicrosoftGraphAccessReviewRecommendationInsightSetting' - IsRequired = $False + IsRequired = $False } @{ - Name = 'PrincipalScopes' + Name = 'PrincipalScopes' CimInstanceName = 'MicrosoftGraphAccessReviewScope' - IsRequired = $False + IsRequired = $False } @{ - Name = 'ResourceScopes' + Name = 'ResourceScopes' CimInstanceName = 'MicrosoftGraphAccessReviewScope' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` @@ -946,15 +955,15 @@ function Export-TargetResource -Credential $Credential if ($Results.ScopeValue) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "ScopeValue" -IsCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'ScopeValue' -IsCIMArray:$False } if ($Results.SettingsValue) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "SettingsValue" -IsCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'SettingsValue' -IsCIMArray:$False } if ($Results.StageSettings) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "StageSettings" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'StageSettings' -IsCIMArray:$True } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAccessReviewDefinition/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAccessReviewDefinition/settings.json index f609988203..6a0eee34be 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAccessReviewDefinition/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAccessReviewDefinition/settings.json @@ -1,29 +1,24 @@ { "resourceName": "AADAccessReviewDefinition", "description": "This resource configures an Azure AD Access Review Definition.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "AccessReview.Read.All" - } - ], - "update": [ - - ] - }, - "application": { - "read": [ - { - "name": "AccessReview.Read.All" - } - ], - "update": [ - - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "AccessReview.Read.All" + } + ], + "update": [] + }, + "application": { + "read": [ + { + "name": "AccessReview.Read.All" + } + ], + "update": [] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADActivityBasedTimeoutPolicy/MSFT_AADActivityBasedTimeoutPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADActivityBasedTimeoutPolicy/MSFT_AADActivityBasedTimeoutPolicy.psm1 index a77718b9eb..84ec188f53 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADActivityBasedTimeoutPolicy/MSFT_AADActivityBasedTimeoutPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADActivityBasedTimeoutPolicy/MSFT_AADActivityBasedTimeoutPolicy.psm1 @@ -88,8 +88,8 @@ function Get-TargetResource #Azure portal timeout $timeout = $getValue.Definition | ConvertFrom-Json - $AzurePortalTimeOut = ($timeout.ActivityBasedTimeoutPolicy.ApplicationPolicies | Where-Object{$_.ApplicationId -match "c44b4083-3bb0-49c1-b47d-974e53cbdf3c"}).WebSessionIdleTimeout - $DefaultTimeOut = ($timeout.ActivityBasedTimeoutPolicy.ApplicationPolicies | Where-Object{$_.ApplicationId -match "default"}).WebSessionIdleTimeout + $AzurePortalTimeOut = ($timeout.ActivityBasedTimeoutPolicy.ApplicationPolicies | Where-Object { $_.ApplicationId -match 'c44b4083-3bb0-49c1-b47d-974e53cbdf3c' }).WebSessionIdleTimeout + $DefaultTimeOut = ($timeout.ActivityBasedTimeoutPolicy.ApplicationPolicies | Where-Object { $_.ApplicationId -match 'default' }).WebSessionIdleTimeout $results = @{ #region resource generator code @@ -191,46 +191,47 @@ function Set-TargetResource $BoundParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters $AzurePortalTimeOutexist = $false $DefaultTimeOutexistst = $false - if($BoundParameters.ContainsKey('AzurePortalTimeOut') ` + if ($BoundParameters.ContainsKey('AzurePortalTimeOut') ` -and $null -ne $BoundParameters.AzurePortalTimeOut ` -and $BoundParameters.AzurePortalTimeOut -ne '' ` -and $BoundParameters.AzurePortalTimeOut -ne $nullString) - { - $AzurePortalTimeOutexist = $true - } - if($BoundParameters.ContainsKey('DefaultTimeOut') ` + { + $AzurePortalTimeOutexist = $true + } + if ($BoundParameters.ContainsKey('DefaultTimeOut') ` -and $null -ne $BoundParameters.DefaultTimeOut ` -and $BoundParameters.DefaultTimeOut -ne '' ` -and $BoundParameters.DefaultTimeOut -ne $nullString) - { - $DefaultTimeOutexistst = $true - } + { + $DefaultTimeOutexistst = $true + } $ApplicationPolicies = @() if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Azure AD Activity Based Timeout Policy with DisplayName {$DisplayName}" - if($AzurePortalTimeOutexist) + if ($AzurePortalTimeOutexist) { $ApplicationPolicies += @{ - ApplicationId = "c44b4083-3bb0-49c1-b47d-974e53cbdf3c" - WebSessionIdleTimeout = "$AzurePortalTimeOut" - } + ApplicationId = 'c44b4083-3bb0-49c1-b47d-974e53cbdf3c' + WebSessionIdleTimeout = "$AzurePortalTimeOut" + } } - if($DefaultTimeOutexistst) + if ($DefaultTimeOutexistst) { $ApplicationPolicies += @{ - ApplicationId = "default" + ApplicationId = 'default' WebSessionIdleTimeout = "$DefaultTimeOut" } } - if($null -eq $ApplicationPolicies) + if ($null -eq $ApplicationPolicies) { - throw "At least one of the parameters AzurePortalTimeOut or DefaultTimeOut must be specified" + throw 'At least one of the parameters AzurePortalTimeOut or DefaultTimeOut must be specified' } - elseif($AzurePortalTimeOutexist -or $DefaultTimeOutexistst) { + elseif ($AzurePortalTimeOutexist -or $DefaultTimeOutexistst) + { $policy = @{ ActivityBasedTimeoutPolicy = @{ - Version = 1 + Version = 1 ApplicationPolicies = @( $ApplicationPolicies ) @@ -239,10 +240,10 @@ function Set-TargetResource $json = $policy | ConvertTo-Json -Depth 10 -Compress $params = @{ - definition = @( + definition = @( "$json" ) - displayName = "displayName-value" + displayName = 'displayName-value' isOrganizationDefault = $true } @@ -252,28 +253,29 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Creating an Azure AD Activity Based Timeout Policy with DisplayName {$DisplayName}" - if($AzurePortalTimeOutexist) + if ($AzurePortalTimeOutexist) { $ApplicationPolicies += @{ - ApplicationId = "c44b4083-3bb0-49c1-b47d-974e53cbdf3c" - WebSessionIdleTimeout = "$AzurePortalTimeOut" - } + ApplicationId = 'c44b4083-3bb0-49c1-b47d-974e53cbdf3c' + WebSessionIdleTimeout = "$AzurePortalTimeOut" + } } - if($DefaultTimeOutexistst) + if ($DefaultTimeOutexistst) { $ApplicationPolicies += @{ - ApplicationId = "default" + ApplicationId = 'default' WebSessionIdleTimeout = "$DefaultTimeOut" } } - if($null -eq $ApplicationPolicies) + if ($null -eq $ApplicationPolicies) { - throw "At least one of the parameters AzurePortalTimeOut or DefaultTimeOut must be specified" + throw 'At least one of the parameters AzurePortalTimeOut or DefaultTimeOut must be specified' } - elseif($AzurePortalTimeOutexist -or $DefaultTimeOutexistst) { + elseif ($AzurePortalTimeOutexist -or $DefaultTimeOutexistst) + { $policy = @{ ActivityBasedTimeoutPolicy = @{ - Version = 1 + Version = 1 ApplicationPolicies = @( $ApplicationPolicies ) @@ -282,10 +284,10 @@ function Set-TargetResource $json = $policy | ConvertTo-Json -Depth 10 -Compress $params = @{ - definition = @( + definition = @( "$json" ) - displayName = "displayName-value" + displayName = 'displayName-value' isOrganizationDefault = $true } @@ -501,14 +503,14 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - DisplayName = $config.displayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + DisplayName = $config.displayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent + Managedidentity = $ManagedIdentity.IsPresent } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAdminConsentRequestPolicy/MSFT_AADAdminConsentRequestPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAdminConsentRequestPolicy/MSFT_AADAdminConsentRequestPolicy.psm1 index 88b9e6c5f6..3aa77cfbdb 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAdminConsentRequestPolicy/MSFT_AADAdminConsentRequestPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAdminConsentRequestPolicy/MSFT_AADAdminConsentRequestPolicy.psm1 @@ -117,7 +117,7 @@ function Get-TargetResource } elseif ($reviewer.Query.Contains('directory/roleAssignments?$')) { - $roleId = $reviewer.Query.Replace("/beta/roleManagement/directory/roleAssignments?`$filter=roleDefinitionId eq ", "").Replace("'", '') + $roleId = $reviewer.Query.Replace("/beta/roleManagement/directory/roleAssignments?`$filter=roleDefinitionId eq ", '').Replace("'", '') $roleInfo = Get-MgBetaRoleManagementDirectoryRoleDefinition -UnifiedRoleDefinitionId $roleId $entry = @{ ReviewerType = 'Role' @@ -274,8 +274,8 @@ function Set-TargetResource Write-Verbose -Message "Updating the Entra Id Admin Consent Request Policy with values: $updateJSON" $Uri = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + 'beta/policies/adminConsentRequestPolicy' Invoke-MgGraphRequest -Method 'PUT' ` - -Uri $Uri ` - -Body $updateJSON | Out-Null + -Uri $Uri ` + -Body $updateJSON | Out-Null } function Test-TargetResource @@ -358,7 +358,7 @@ function Test-TargetResource $testResult = $true foreach ($reviewer in $Reviewers) { - $currentEquivalent = $CurrentValues.Reviewers | Where-Object -FilterScript {$_.ReviewerId -eq $reviewer.ReviewerId -and $_.ReviewerType -eq $reviewer.ReviewerType} + $currentEquivalent = $CurrentValues.Reviewers | Where-Object -FilterScript { $_.ReviewerId -eq $reviewer.ReviewerId -and $_.ReviewerType -eq $reviewer.ReviewerType } if ($null -eq $currentEquivalent) { $testResult = $false @@ -482,7 +482,7 @@ function Export-TargetResource if ($Results.Reviewers) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Reviewers" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Reviewers' -IsCIMArray:$true } $dscContent += $currentDSCBlock Save-M365DSCPartialExport -Content $currentDSCBlock ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAdministrativeUnit/MSFT_AADAdministrativeUnit.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAdministrativeUnit/MSFT_AADAdministrativeUnit.psm1 index 0685ca72c5..184a4d6c9c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAdministrativeUnit/MSFT_AADAdministrativeUnit.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAdministrativeUnit/MSFT_AADAdministrativeUnit.psm1 @@ -92,8 +92,8 @@ function Get-TargetResource Write-Verbose -Message ($_) } - #Ensure the proper dependencies are installed in the current environment. - Confirm-M365DSCDependencies + #Ensure the proper dependencies are installed in the current environment. + Confirm-M365DSCDependencies #region Telemetry $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') @@ -114,7 +114,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $getValue = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $getValue = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } else { @@ -129,7 +129,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $getValue = $Script:exportedInstances | Where-Object -FilterScript {$_.DisplayName -eq $DisplayName} + $getValue = $Script:exportedInstances | Where-Object -FilterScript { $_.DisplayName -eq $DisplayName } } else { @@ -1020,17 +1020,17 @@ function Export-TargetResource ErrorAction = 'Stop' } $queryTypes = @{ - 'eq' = @('description') - 'startsWith' = @('description') - 'eq null' = @( - 'description', - 'displayName' - ) + 'eq' = @('description') + 'startsWith' = @('description') + 'eq null' = @( + 'description', + 'displayName' + ) } #extract arguments from the query # Define the regex pattern to match all words in the query - $pattern = "([^\s,()]+)" + $pattern = '([^\s,()]+)' $query = $Filter # Match all words in the query @@ -1038,16 +1038,18 @@ function Export-TargetResource # Extract the matched argument into an array $arguments = @() - foreach ($match in $matches) { - $arguments += $match.Value + foreach ($match in $matches) + { + $arguments += $match.Value } #extracting keys to check vs arguments in the filter $Keys = $queryTypes.Keys $matchedKey = $arguments | Where-Object { $_ -in $Keys } - $matchedProperty = $arguments | Where-Object { $_ -in $queryTypes[$matchedKey]} - if ($matchedProperty -and $matchedKey) { + $matchedProperty = $arguments | Where-Object { $_ -in $queryTypes[$matchedKey] } + if ($matchedProperty -and $matchedKey) + { $allConditionsMatched = $true } @@ -1055,7 +1057,7 @@ function Export-TargetResource if ($allConditionsMatched -or $Filter -like '*endsWith*') { $ExportParameters.Add('CountVariable', 'count') - $ExportParameters.Add('headers', @{"ConsistencyLevel" = "Eventual"}) + $ExportParameters.Add('headers', @{'ConsistencyLevel' = 'Eventual' }) } [array] $Script:exportedInstances = Get-MgBetaDirectoryAdministrativeUnit @ExportParameters @@ -1145,9 +1147,9 @@ function Export-TargetResource if ($null -ne $Results.Members) { $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Members' -IsCIMArray $true - $currentDSCBlock = $currentDSCBlock.Replace("`",`"`r`n", "") + $currentDSCBlock = $currentDSCBlock.Replace("`",`"`r`n", '') $currentDSCBlock = $currentDSCBlock.Replace(",`r`n", '').Replace("`");`r`n", ");`r`n") - $currentDSCBlock = $currentDSCBlock.Replace("Members = @(`"", "Members = @(") + $currentDSCBlock = $currentDSCBlock.Replace("Members = @(`"", 'Members = @(') $currentDSCBlock = $currentDSCBlock.Replace("`$OrganizationName'", "' + `$OrganizationName") } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADApplication/MSFT_AADApplication.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADApplication/MSFT_AADApplication.psm1 index 69b7f58fa4..f60e307747 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADApplication/MSFT_AADApplication.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADApplication/MSFT_AADApplication.psm1 @@ -157,7 +157,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $AADApp = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $AppId} + $AADApp = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $AppId } } else { @@ -176,7 +176,7 @@ function Get-TargetResource if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $AADApp = $Script:exportedInstances | Where-Object -FilterScript {$_.DisplayName -eq $DisplayName} + $AADApp = $Script:exportedInstances | Where-Object -FilterScript { $_.DisplayName -eq $DisplayName } } else { @@ -196,8 +196,8 @@ function Get-TargetResource { Write-Verbose -Message 'An instance of Azure AD App was retrieved.' - $AADBetaApp= Get-MgBetaApplication -Property "id,displayName,appId,authenticationBehaviors,additionalProperties" -ApplicationId $AADApp.Id -ErrorAction SilentlyContinue - $AADAppKeyCredentials = Get-MgBetaApplication -Property "keyCredentials" -ApplicationId $AADApp.Id -ErrorAction SilentlyContinue + $AADBetaApp = Get-MgBetaApplication -Property 'id,displayName,appId,authenticationBehaviors,additionalProperties' -ApplicationId $AADApp.Id -ErrorAction SilentlyContinue + $AADAppKeyCredentials = Get-MgBetaApplication -Property 'keyCredentials' -ApplicationId $AADApp.Id -ErrorAction SilentlyContinue $complexAuthenticationBehaviors = @{} if ($null -ne $AADBetaApp.authenticationBehaviors.blockAzureADGraphAccess) @@ -212,7 +212,7 @@ function Get-TargetResource { $complexAuthenticationBehaviors.Add('RequireClientServicePrincipal', $AADBetaApp.authenticationBehaviors.requireClientServicePrincipal) } - if ($complexAuthenticationBehaviors.values.Where({$null -ne $_}).Count -eq 0) + if ($complexAuthenticationBehaviors.values.Where({ $null -ne $_ }).Count -eq 0) { $complexAuthenticationBehaviors = $null } @@ -225,12 +225,12 @@ function Get-TargetResource $myAccessToken.Add('Essential', $currentAccessToken.essential) $myAccessToken.Add('Name', $currentAccessToken.name) $myAccessToken.Add('Source', $currentAccessToken.source) - if ($myAccessToken.values.Where({$null -ne $_}).Count -gt 0) + if ($myAccessToken.values.Where({ $null -ne $_ }).Count -gt 0) { $complexAccessToken += $myAccessToken } } - $complexOptionalClaims.Add('AccessToken',$complexAccessToken) + $complexOptionalClaims.Add('AccessToken', $complexAccessToken) $complexIdToken = @() foreach ($currentIdToken in $AADApp.optionalClaims.idToken) { @@ -238,12 +238,12 @@ function Get-TargetResource $myIdToken.Add('Essential', $currentIdToken.essential) $myIdToken.Add('Name', $currentIdToken.name) $myIdToken.Add('Source', $currentIdToken.source) - if ($myIdToken.values.Where({$null -ne $_}).Count -gt 0) + if ($myIdToken.values.Where({ $null -ne $_ }).Count -gt 0) { $complexIdToken += $myIdToken } } - $complexOptionalClaims.Add('IdToken',$complexIdToken) + $complexOptionalClaims.Add('IdToken', $complexIdToken) $complexSaml2Token = @() foreach ($currentSaml2Token in $AADApp.optionalClaims.saml2Token) { @@ -251,13 +251,13 @@ function Get-TargetResource $mySaml2Token.Add('Essential', $currentSaml2Token.essential) $mySaml2Token.Add('Name', $currentSaml2Token.name) $mySaml2Token.Add('Source', $currentSaml2Token.source) - if ($mySaml2Token.values.Where({$null -ne $_}).Count -gt 0) + if ($mySaml2Token.values.Where({ $null -ne $_ }).Count -gt 0) { $complexSaml2Token += $mySaml2Token } } - $complexOptionalClaims.Add('Saml2Token',$complexSaml2Token) - if ($complexOptionalClaims.values.Where({$null -ne $_}).Count -eq 0) + $complexOptionalClaims.Add('Saml2Token', $complexSaml2Token) + if ($complexOptionalClaims.values.Where({ $null -ne $_ }).Count -eq 0) { $complexOptionalClaims = $null } @@ -270,13 +270,13 @@ function Get-TargetResource $myPreAuthorizedApplications = @{} $myPreAuthorizedApplications.Add('AppId', $currentPreAuthorizedApplications.appId) $myPreAuthorizedApplications.Add('PermissionIds', $currentPreAuthorizedApplications.permissionIds) - if ($myPreAuthorizedApplications.values.Where({$null -ne $_}).Count -gt 0) + if ($myPreAuthorizedApplications.values.Where({ $null -ne $_ }).Count -gt 0) { $complexPreAuthorizedApplications += $myPreAuthorizedApplications } } - $complexApi.Add('PreAuthorizedApplications',$complexPreAuthorizedApplications) - if ($complexApi.values.Where({$null -ne $_}).Count -eq 0) + $complexApi.Add('PreAuthorizedApplications', $complexPreAuthorizedApplications) + if ($complexApi.values.Where({ $null -ne $_ }).Count -eq 0) { $complexApi = $null } @@ -285,7 +285,7 @@ function Get-TargetResource foreach ($currentkeyCredentials in $AADAppKeyCredentials.keyCredentials) { $mykeyCredentials = @{} - if($null -ne $currentkeyCredentials.customKeyIdentifier) + if ($null -ne $currentkeyCredentials.customKeyIdentifier) { $mykeyCredentials.Add('CustomKeyIdentifier', [convert]::ToBase64String($currentkeyCredentials.customKeyIdentifier)) } @@ -297,7 +297,7 @@ function Get-TargetResource $mykeyCredentials.Add('KeyId', $currentkeyCredentials.keyId) - if($null -ne $currentkeyCredentials.Key) + if ($null -ne $currentkeyCredentials.Key) { $mykeyCredentials.Add('Key', [convert]::ToBase64String($currentkeyCredentials.key)) } @@ -308,7 +308,7 @@ function Get-TargetResource } $mykeyCredentials.Add('Type', $currentkeyCredentials.type) $mykeyCredentials.Add('Usage', $currentkeyCredentials.usage) - if ($mykeyCredentials.values.Where({$null -ne $_}).Count -gt 0) + if ($mykeyCredentials.values.Where({ $null -ne $_ }).Count -gt 0) { $complexKeyCredentials += $mykeyCredentials } @@ -329,7 +329,7 @@ function Get-TargetResource { $mypasswordCredentials.Add('StartDateTime', ([DateTimeOffset]$currentpasswordCredentials.startDateTime).ToString('o')) } - if ($mypasswordCredentials.values.Where({$null -ne $_}).Count -gt 0) + if ($mypasswordCredentials.values.Where({ $null -ne $_ }).Count -gt 0) { $complexPasswordCredentials += $mypasswordCredentials } @@ -346,7 +346,7 @@ function Get-TargetResource $myappRoles.Add('IsEnabled', $currentappRoles.isEnabled) $myappRoles.Add('Origin', $currentappRoles.origin) $myappRoles.Add('Value', $currentappRoles.value) - if ($myappRoles.values.Where({$null -ne $_}).Count -gt 0) + if ($myappRoles.values.Where({ $null -ne $_ }).Count -gt 0) { $complexAppRoles += $myappRoles } @@ -393,8 +393,8 @@ function Get-TargetResource { $Uri = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/applications/$($AADBetaApp.Id)/onPremisesPublishing" $oppInfo = Invoke-MgGraphRequest -Method GET ` - -Uri $Uri ` - -ErrorAction SilentlyContinue + -Uri $Uri ` + -ErrorAction SilentlyContinue } catch { @@ -451,7 +451,7 @@ function Get-TargetResource kerberosServicePrincipalName = $oppInfo.singleSignOnSettings.kerberosSignOnSettings.kerberosServicePrincipalName kerberosSignOnMappingAttributeType = $oppInfo.singleSignOnSettings.kerberosSignOnSettings.kerberosSignOnMappingAttributeType } - singleSignOnMode = $oppInfo.singleSignOnSettings.singleSignOnMode + singleSignOnMode = $oppInfo.singleSignOnSettings.singleSignOnMode } $onPremisesPublishingValue.Add('singleSignOnSettings', $singleSignOnValues) } @@ -722,7 +722,7 @@ function Set-TargetResource $currentParameters.Remove('PasswordCredentials') | Out-Null if ($PasswordCredentials) { - Write-Warning -Message "PasswordCredentials is a readonly property and cannot be configured." + Write-Warning -Message 'PasswordCredentials is a readonly property and cannot be configured.' } @@ -825,13 +825,13 @@ function Set-TargetResource # Create from Template $createdFromTemplate = $false if ($Ensure -eq 'Present' -and $currentAADApp.Ensure -eq 'Absent' -and -not $skipToUpdate -and ` - -not [System.String]::IsNullOrEmpty($ApplicationTemplateId) -and ` - $ApplicationTemplateId -ne '8adf8e6e-67b2-4cf2-a259-e3dc5476c621') + -not [System.String]::IsNullOrEmpty($ApplicationTemplateId) -and ` + $ApplicationTemplateId -ne '8adf8e6e-67b2-4cf2-a259-e3dc5476c621') { $skipToUpdate = $true Write-Verbose -Message "Creating application {$DisplayName} from Application Template {$ApplicationTemplateId}" $newApp = Invoke-MgBetaInstantiateApplicationTemplate -DisplayName $DisplayName ` - -ApplicationTemplateId $ApplicationTemplateId + -ApplicationTemplateId $ApplicationTemplateId $currentAADApp = @{ AppId = $newApp.Application.AppId Id = $newApp.Application.AppId @@ -999,7 +999,7 @@ function Set-TargetResource if ($null -eq $scope) { $ObjectGuid = [System.Guid]::empty - if ([System.Guid]::TryParse($permission.Name,[System.Management.Automation.PSReference]$ObjectGuid)) + if ([System.Guid]::TryParse($permission.Name, [System.Management.Automation.PSReference]$ObjectGuid)) { $scopeId = $permission.Name } @@ -1022,7 +1022,7 @@ function Set-TargetResource if ($null -eq $role) { $ObjectGuid = [System.Guid]::empty - if ([System.Guid]::TryParse($permission.Name,[System.Management.Automation.PSReference]$ObjectGuid)) + if ([System.Guid]::TryParse($permission.Name, [System.Management.Automation.PSReference]$ObjectGuid)) { $roleId = $permission.Name } @@ -1052,31 +1052,31 @@ function Set-TargetResource -RequiredResourceAccess $allRequiredAccess | Out-Null } - if($needToUpdateAuthenticationBehaviors -and $AuthenticationBehaviors) + if ($needToUpdateAuthenticationBehaviors -and $AuthenticationBehaviors) { Write-Verbose -Message "Updating for Azure AD Application {$($currentAADApp.DisplayName)} with AuthenticationBehaviors:`r`n$($AuthenticationBehaviors| Out-String)" Write-Verbose -Message "Current App Id: $($currentAADApp.AppId)" $IAuthenticationBehaviors = @{ - blockAzureADGraphAccess = $AuthenticationBehaviors.blockAzureADGraphAccess - removeUnverifiedEmailClaim = $AuthenticationBehaviors.removeUnverifiedEmailClaim + blockAzureADGraphAccess = $AuthenticationBehaviors.blockAzureADGraphAccess + removeUnverifiedEmailClaim = $AuthenticationBehaviors.removeUnverifiedEmailClaim requireClientServicePrincipal = $AuthenticationBehaviors.requireClientServicePrincipal } Update-MgBetaApplication -ApplicationId $currentAADApp.Id -AuthenticationBehaviors $IAuthenticationBehaviors | Out-Null } - if($needToUpdateKeyCredentials -and $KeyCredentials) + if ($needToUpdateKeyCredentials -and $KeyCredentials) { Write-Verbose -Message "Updating for Azure AD Application {$($currentAADApp.DisplayName)} with KeyCredentials:`r`n$($KeyCredentials| Out-String)" - if((currentAADApp.KeyCredentials.Length -eq 0 -and $KeyCredentials.Length -eq 1) -or (currentAADApp.KeyCredentials.Length -eq 1 -and $KeyCredentials.Length -eq 0)) + if ((currentAADApp.KeyCredentials.Length -eq 0 -and $KeyCredentials.Length -eq 1) -or (currentAADApp.KeyCredentials.Length -eq 1 -and $KeyCredentials.Length -eq 0)) { Update-MgApplication -ApplicationId $currentAADApp.Id -KeyCredentials $KeyCredentials | Out-Null } else { - Write-Warning -Message "KeyCredentials cannot be updated for AAD Applications with more than one KeyCredentials due to technical limitation of Update-MgApplication Cmdlet. Learn more at: https://learn.microsoft.com/en-us/graph/api/application-addkey" + Write-Warning -Message 'KeyCredentials cannot be updated for AAD Applications with more than one KeyCredentials due to technical limitation of Update-MgApplication Cmdlet. Learn more at: https://learn.microsoft.com/en-us/graph/api/application-addkey' } } @@ -1132,7 +1132,7 @@ function Set-TargetResource kerberosServicePrincipalName = $oppInfo.singleSignOnSettings.kerberosSignOnSettings.kerberosServicePrincipalName kerberosSignOnMappingAttributeType = $oppInfo.singleSignOnSettings.kerberosSignOnSettings.kerberosSignOnMappingAttributeType } - singleSignOnMode = $oppInfo.singleSignOnSettings.singleSignOnMode + singleSignOnMode = $oppInfo.singleSignOnSettings.singleSignOnMode } if ($null -eq $singleSignOnValues.kerberosSignOnSettings.kerberosServicePrincipalName) { @@ -1145,8 +1145,8 @@ function Set-TargetResource $Uri = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/applications/$($currentAADApp.Id)/onPremisesPublishing" Invoke-MgGraphRequest -Method 'PATCH' ` - -Uri $Uri ` - -Body $onPremisesPayload + -Uri $Uri ` + -Body $onPremisesPayload } #endregion } @@ -1353,7 +1353,8 @@ function Test-TargetResource Write-Verbose "TestResult returned False for $source" $testTargetResource = $false } - else { + else + { $ValuesToCheck.Remove($key) | Out-Null } } @@ -1367,12 +1368,12 @@ function Test-TargetResource $ValuesToCheck.Remove('Permissions') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys ` - -IncludedDrifts $driftedParams + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys ` + -IncludedDrifts $driftedParams - if(-not $TestResult) + if (-not $TestResult) { $testTargetResource = $false } @@ -1481,20 +1482,20 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'Api' + Name = 'Api' CimInstanceName = 'MicrosoftGraphApiApplication' - IsRequired = $False + IsRequired = $False } @{ - Name = 'PreAuthorizedApplications' + Name = 'PreAuthorizedApplications' CimInstanceName = 'MicrosoftGraphPreAuthorizedApplication' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.Api ` - -CIMInstanceName 'MicrosoftGraphapiApplication' ` - -ComplexTypeMapping $complexMapping + -ComplexObject $Results.Api ` + -CIMInstanceName 'MicrosoftGraphapiApplication' ` + -ComplexTypeMapping $complexMapping if (-not [String]::IsNullOrWhiteSpace($complexTypeStringResult)) { @@ -1509,8 +1510,8 @@ function Export-TargetResource if ($null -ne $Results.AuthenticationBehaviors) { $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.AuthenticationBehaviors ` - -CIMInstanceName 'MicrosoftGraphauthenticationBehaviors' + -ComplexObject $Results.AuthenticationBehaviors ` + -CIMInstanceName 'MicrosoftGraphauthenticationBehaviors' if (-not [String]::IsNullOrWhiteSpace($complexTypeStringResult)) { $Results.AuthenticationBehaviors = $complexTypeStringResult @@ -1525,24 +1526,24 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'singleSignOnSettings' + Name = 'singleSignOnSettings' CimInstanceName = 'AADApplicationOnPremisesPublishingSingleSignOnSetting' - IsRequired = $False + IsRequired = $False }, @{ - Name = 'onPremisesApplicationSegments' + Name = 'onPremisesApplicationSegments' CimInstanceName = 'AADApplicationOnPremisesPublishingSegment' - IsRequired = $False + IsRequired = $False }, @{ - Name = 'kerberosSignOnSettings' + Name = 'kerberosSignOnSettings' CimInstanceName = 'AADApplicationOnPremisesPublishingSingleSignOnSettingKerberos' - IsRequired = $False + IsRequired = $False }, @{ - Name = 'corsConfigurations' + Name = 'corsConfigurations' CimInstanceName = 'AADApplicationOnPremisesPublishingSegmentCORS' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` @@ -1567,30 +1568,30 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'OptionalClaims' + Name = 'OptionalClaims' CimInstanceName = 'MicrosoftGraphOptionalClaims' - IsRequired = $False + IsRequired = $False } @{ - Name = 'AccessToken' + Name = 'AccessToken' CimInstanceName = 'MicrosoftGraphOptionalClaim' - IsRequired = $False + IsRequired = $False } @{ - Name = 'IdToken' + Name = 'IdToken' CimInstanceName = 'MicrosoftGraphOptionalClaim' - IsRequired = $False + IsRequired = $False } @{ - Name = 'Saml2Token' + Name = 'Saml2Token' CimInstanceName = 'MicrosoftGraphOptionalClaim' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.OptionalClaims ` - -CIMInstanceName 'MicrosoftGraphoptionalClaims' ` - -ComplexTypeMapping $complexMapping + -ComplexObject $Results.OptionalClaims ` + -CIMInstanceName 'MicrosoftGraphoptionalClaims' ` + -ComplexTypeMapping $complexMapping if (-not [String]::IsNullOrWhiteSpace($complexTypeStringResult)) { @@ -1606,8 +1607,8 @@ function Export-TargetResource if ($null -ne $Results.KeyCredentials) { $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.KeyCredentials ` - -CIMInstanceName 'MicrosoftGraphkeyCredential' + -ComplexObject $Results.KeyCredentials ` + -CIMInstanceName 'MicrosoftGraphkeyCredential' if (-not [String]::IsNullOrWhiteSpace($complexTypeStringResult)) { $Results.KeyCredentials = $complexTypeStringResult @@ -1621,8 +1622,8 @@ function Export-TargetResource if ($null -ne $Results.PasswordCredentials) { $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.PasswordCredentials ` - -CIMInstanceName 'MicrosoftGraphpasswordCredential' + -ComplexObject $Results.PasswordCredentials ` + -CIMInstanceName 'MicrosoftGraphpasswordCredential' if (-not [String]::IsNullOrWhiteSpace($complexTypeStringResult)) { $Results.PasswordCredentials = $complexTypeStringResult @@ -1636,8 +1637,8 @@ function Export-TargetResource if ($null -ne $Results.AppRoles) { $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.AppRoles ` - -CIMInstanceName 'MicrosoftGraphappRole' + -ComplexObject $Results.AppRoles ` + -CIMInstanceName 'MicrosoftGraphappRole' if (-not [String]::IsNullOrWhiteSpace($complexTypeStringResult)) { $Results.AppRoles = $complexTypeStringResult @@ -1656,7 +1657,7 @@ function Export-TargetResource if ($Results.Api) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Api" -IsCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Api' -IsCIMArray:$False } if ($null -ne $Results.Permissions) @@ -1666,30 +1667,30 @@ function Export-TargetResource } if ($Results.OptionalClaims) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "OptionalClaims" -IsCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'OptionalClaims' -IsCIMArray:$False } if ($Results.OnPremisesPublishing) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "OnPremisesPublishing" -IsCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'OnPremisesPublishing' -IsCIMArray:$False } if ($Results.AuthenticationBehaviors) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "AuthenticationBehaviors" -IsCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'AuthenticationBehaviors' -IsCIMArray:$False } if ($Results.KeyCredentials) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "KeyCredentials" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'KeyCredentials' -IsCIMArray:$True } if ($Results.PasswordCredentials) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "PasswordCredentials" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'PasswordCredentials' -IsCIMArray:$True } if ($Results.AppRoles) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "AppRoles" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'AppRoles' -IsCIMArray:$True } $dscContent.Append($currentDSCBlock) | Out-Null @@ -1701,7 +1702,7 @@ function Export-TargetResource } catch { - if ($_.Exception.Message -like "*Multiple AAD Apps with the Displayname*") + if ($_.Exception.Message -like '*Multiple AAD Apps with the Displayname*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle)" -NoNewline Write-Host " Multiple app instances wth name {$($AADApp.DisplayName)} were found. We will skip exporting these instances." @@ -1754,7 +1755,7 @@ function Get-M365DSCAzureADAppPermissions if ($null -eq $scopeInfo) { $ObjectGuid = [System.Guid]::empty - if ([System.Guid]::TryParse($resourceAccess.Id,[System.Management.Automation.PSReference]$ObjectGuid)) + if ([System.Guid]::TryParse($resourceAccess.Id, [System.Management.Automation.PSReference]$ObjectGuid)) { $scopeInfoValue = $resourceAccess.Id } @@ -1789,7 +1790,7 @@ function Get-M365DSCAzureADAppPermissions if ($null -eq $role) { $ObjectGuid = [System.Guid]::empty - if ([System.Guid]::TryParse($resourceAccess.Id,[System.Management.Automation.PSReference]$ObjectGuid)) + if ([System.Guid]::TryParse($resourceAccess.Id, [System.Management.Automation.PSReference]$ObjectGuid)) { $roleValue = $resourceAccess.Id } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAttributeSet/MSFT_AADAttributeSet.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAttributeSet/MSFT_AADAttributeSet.psm1 index ee160a0fba..759be2e842 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAttributeSet/MSFT_AADAttributeSet.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAttributeSet/MSFT_AADAttributeSet.psm1 @@ -13,7 +13,7 @@ function Get-TargetResource $Description, [Parameter()] - [ValidateRange(1,500)] + [ValidateRange(1, 500)] [System.Int32] $MaxAttributesPerSet = $null, @@ -74,8 +74,8 @@ function Get-TargetResource $getValue = $null $getValue = Get-MgBetaDirectoryAttributeSet ` - -AttributeSetId $Id ` - -ErrorAction SilentlyContinue + -AttributeSetId $Id ` + -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -126,7 +126,7 @@ function Set-TargetResource $Description, [Parameter()] - [ValidateRange(1,500)] + [ValidateRange(1, 500)] [System.Int32] $MaxAttributesPerSet = $null, @@ -208,7 +208,7 @@ function Test-TargetResource $Description, [Parameter()] - [ValidateRange(1,500)] + [ValidateRange(1, 500)] [System.Int32] $MaxAttributesPerSet = $null, @@ -381,7 +381,7 @@ function Export-TargetResource } catch { - if ($_.ErrorDetails.Message -like "*Insufficient privileges*") + if ($_.ErrorDetails.Message -like '*Insufficient privileges*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) Insufficient permissions or license to export Attribute Sets." } @@ -389,10 +389,10 @@ function Export-TargetResource { Write-Host $Global:M365DSCEmojiRedX New-M365DSCLogEntry -Message 'Error during Export:' ` - -Exception $_ ` - -Source $($MyInvocation.MyCommand.Source) ` - -TenantId $TenantId ` - -Credential $Credential + -Exception $_ ` + -Source $($MyInvocation.MyCommand.Source) ` + -TenantId $TenantId ` + -Credential $Credential } return '' diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAttributeSet/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAttributeSet/settings.json index 227706211e..e43f48ff9b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAttributeSet/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAttributeSet/settings.json @@ -12,10 +12,8 @@ "permissions": { "graph": { "delegated": { - "read": [ - ], - "update": [ - ] + "read": [], + "update": [] }, "application": { "read": [ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationContextClassReference/MSFT_AADAuthenticationContextClassReference.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationContextClassReference/MSFT_AADAuthenticationContextClassReference.psm1 index 3044c0388e..d889676bfd 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationContextClassReference/MSFT_AADAuthenticationContextClassReference.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationContextClassReference/MSFT_AADAuthenticationContextClassReference.psm1 @@ -79,8 +79,8 @@ function Get-TargetResource $getValue = $null $getValue = Get-MgBetaIdentityConditionalAccessAuthenticationContextClassReference ` - -AuthenticationContextClassReferenceId $Id ` - -ErrorAction SilentlyContinue + -AuthenticationContextClassReferenceId $Id ` + -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -370,7 +370,7 @@ function Export-TargetResource $Global:M365DSCExportResourceInstancesCount++ } - $displayedKey = $config.Id + " - " + $config.DisplayName + $displayedKey = $config.Id + ' - ' + $config.DisplayName Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationContextClassReference/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationContextClassReference/settings.json index 60045eb8e5..0e333901c3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationContextClassReference/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationContextClassReference/settings.json @@ -12,10 +12,8 @@ "permissions": { "graph": { "delegated": { - "read": [ - ], - "update": [ - ] + "read": [], + "update": [] }, "application": { "read": [ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationFlowPolicy/MSFT_AADAuthenticationFlowPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationFlowPolicy/MSFT_AADAuthenticationFlowPolicy.psm1 index d9ff57506c..e6587bf8fc 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationFlowPolicy/MSFT_AADAuthenticationFlowPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationFlowPolicy/MSFT_AADAuthenticationFlowPolicy.psm1 @@ -338,14 +338,14 @@ function Export-TargetResource } $Params = @{ - IsSingleInstance = 'Yes' - Credential = $Credential - ApplicationId = $ApplicationId - ApplicationSecret = $ApplicationSecret - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + IsSingleInstance = 'Yes' + Credential = $Credential + ApplicationId = $ApplicationId + ApplicationSecret = $ApplicationSecret + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicy/MSFT_AADAuthenticationMethodPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicy/MSFT_AADAuthenticationMethodPolicy.psm1 index f67f0d12f3..be5b8e6c1a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicy/MSFT_AADAuthenticationMethodPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicy/MSFT_AADAuthenticationMethodPolicy.psm1 @@ -14,7 +14,7 @@ function Get-TargetResource $DisplayName, [Parameter()] - [ValidateSet('preMigration','migrationInProgress','migrationComplete','unknownFutureValue')] + [ValidateSet('preMigration', 'migrationInProgress', 'migrationComplete', 'unknownFutureValue')] [System.String] $PolicyMigrationState, @@ -114,8 +114,8 @@ function Get-TargetResource -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { ` $_.DisplayName -eq "$($DisplayName)" ` - -and $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.AuthenticationMethodsPolicy" ` - } + -and $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.AuthenticationMethodsPolicy' ` + } } } #endregion @@ -139,12 +139,12 @@ function Get-TargetResource { $myExcludeTargets.Add('TargetType', $currentExcludeTargets.targetType.toString()) } - if ($myExcludeTargets.values.Where({$null -ne $_}).count -gt 0) + if ($myExcludeTargets.values.Where({ $null -ne $_ }).count -gt 0) { $complexExcludeTargets += $myExcludeTargets } } - $complexAuthenticationMethodsRegistrationCampaign.Add('ExcludeTargets',$complexExcludeTargets) + $complexAuthenticationMethodsRegistrationCampaign.Add('ExcludeTargets', $complexExcludeTargets) $complexIncludeTargets = @() foreach ($currentIncludeTargets in $getValue.registrationEnforcement.authenticationMethodsRegistrationCampaign.includeTargets) { @@ -155,23 +155,23 @@ function Get-TargetResource { $myIncludeTargets.Add('TargetType', $currentIncludeTargets.targetType.toString()) } - if ($myIncludeTargets.values.Where({$null -ne $_}).count -gt 0) + if ($myIncludeTargets.values.Where({ $null -ne $_ }).count -gt 0) { $complexIncludeTargets += $myIncludeTargets } } - $complexAuthenticationMethodsRegistrationCampaign.Add('IncludeTargets',$complexIncludeTargets) + $complexAuthenticationMethodsRegistrationCampaign.Add('IncludeTargets', $complexIncludeTargets) $complexAuthenticationMethodsRegistrationCampaign.Add('SnoozeDurationInDays', $getValue.registrationEnforcement.authenticationMethodsRegistrationCampaign.snoozeDurationInDays) if ($null -ne $getValue.registrationEnforcement.authenticationMethodsRegistrationCampaign.state) { $complexAuthenticationMethodsRegistrationCampaign.Add('State', $getValue.registrationEnforcement.authenticationMethodsRegistrationCampaign.state.toString()) } - if ($complexAuthenticationMethodsRegistrationCampaign.values.Where({$null -ne $_}).count -eq 0) + if ($complexAuthenticationMethodsRegistrationCampaign.values.Where({ $null -ne $_ }).count -eq 0) { $complexAuthenticationMethodsRegistrationCampaign = $null } - $complexRegistrationEnforcement.Add('AuthenticationMethodsRegistrationCampaign',$complexAuthenticationMethodsRegistrationCampaign) - if ($complexRegistrationEnforcement.values.Where({$null -ne $_}).count -eq 0) + $complexRegistrationEnforcement.Add('AuthenticationMethodsRegistrationCampaign', $complexAuthenticationMethodsRegistrationCampaign) + if ($complexRegistrationEnforcement.values.Where({ $null -ne $_ }).count -eq 0) { $complexRegistrationEnforcement = $null } @@ -183,17 +183,17 @@ function Get-TargetResource { $newComplexIncludeTarget.Add('TargetType', $getValue.ReportSuspiciousActivitySettings.IncludeTarget.targetType.toString()) } - $complexReportSuspiciousActivitySettings.Add('IncludeTarget',$newComplexIncludeTarget) + $complexReportSuspiciousActivitySettings.Add('IncludeTarget', $newComplexIncludeTarget) if ($null -ne $getValue.ReportSuspiciousActivitySettings.state) { $complexReportSuspiciousActivitySettings.Add('State', $getValue.ReportSuspiciousActivitySettings.state.toString()) } - if($null -ne $getValue.ReportSuspiciousActivitySettings.VoiceReportingCode) + if ($null -ne $getValue.ReportSuspiciousActivitySettings.VoiceReportingCode) { $complexReportSuspiciousActivitySettings.Add('VoiceReportingCode', $getValue.ReportSuspiciousActivitySettings.VoiceReportingCode) } - if ($complexReportSuspiciousActivitySettings.values.Where({$null -ne $_}).count -eq 0) + if ($complexReportSuspiciousActivitySettings.values.Where({ $null -ne $_ }).count -eq 0) { $complexReportSuspiciousActivitySettings = $null } @@ -208,12 +208,12 @@ function Get-TargetResource { $myExcludeTargets.Add('TargetType', $currentExcludeTargets.targetType.toString()) } - if ($myExcludeTargets.values.Where({$null -ne $_}).count -gt 0) + if ($myExcludeTargets.values.Where({ $null -ne $_ }).count -gt 0) { $complexExcludeTargets += $myExcludeTargets } } - $complexSystemCredentialPreferences.Add('ExcludeTargets',$complexExcludeTargets) + $complexSystemCredentialPreferences.Add('ExcludeTargets', $complexExcludeTargets) $complexIncludeTargets = @() foreach ($currentIncludeTargets in $getValue.SystemCredentialPreferences.includeTargets) { @@ -223,17 +223,17 @@ function Get-TargetResource { $myIncludeTargets.Add('TargetType', $currentIncludeTargets.targetType.toString()) } - if ($myIncludeTargets.values.Where({$null -ne $_}).count -gt 0) + if ($myIncludeTargets.values.Where({ $null -ne $_ }).count -gt 0) { $complexIncludeTargets += $myIncludeTargets } } - $complexSystemCredentialPreferences.Add('IncludeTargets',$complexIncludeTargets) + $complexSystemCredentialPreferences.Add('IncludeTargets', $complexIncludeTargets) if ($null -ne $getValue.SystemCredentialPreferences.state) { $complexSystemCredentialPreferences.Add('State', $getValue.SystemCredentialPreferences.state.toString()) } - if ($complexSystemCredentialPreferences.values.Where({$null -ne $_}).count -eq 0) + if ($complexSystemCredentialPreferences.values.Where({ $null -ne $_ }).count -eq 0) { $complexSystemCredentialPreferences = $null } @@ -249,23 +249,23 @@ function Get-TargetResource $results = @{ #region resource generator code - Description = $getValue.Description - DisplayName = $getValue.DisplayName - PolicyMigrationState = $enumPolicyMigrationState - PolicyVersion = $getValue.PolicyVersion - ReconfirmationInDays = $getValue.ReconfirmationInDays - RegistrationEnforcement = $complexRegistrationEnforcement + Description = $getValue.Description + DisplayName = $getValue.DisplayName + PolicyMigrationState = $enumPolicyMigrationState + PolicyVersion = $getValue.PolicyVersion + ReconfirmationInDays = $getValue.ReconfirmationInDays + RegistrationEnforcement = $complexRegistrationEnforcement ReportSuspiciousActivitySettings = $complexReportSuspiciousActivitySettings - SystemCredentialPreferences = $complexSystemCredentialPreferences - Id = $getValue.Id - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret - CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + SystemCredentialPreferences = $complexSystemCredentialPreferences + Id = $getValue.Id + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret + CertificateThumbprint = $CertificateThumbprint + Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens #endregion } @@ -298,7 +298,7 @@ function Set-TargetResource $DisplayName, [Parameter()] - [ValidateSet('preMigration','migrationInProgress','migrationComplete','unknownFutureValue')] + [ValidateSet('preMigration', 'migrationInProgress', 'migrationComplete', 'unknownFutureValue')] [System.String] $PolicyMigrationState, @@ -379,7 +379,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { - Write-Verbose -Message "Azure AD Authentication Method Policy instance cannot be created" + Write-Verbose -Message 'Azure AD Authentication Method Policy instance cannot be created' } elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { @@ -399,7 +399,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.AuthenticationMethodsPolicy") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.AuthenticationMethodsPolicy') Write-Verbose -Message "Updating AuthenticationMethodPolicy with: `r`n$(Convert-M365DscHashtableToString -Hashtable $UpdateParameters)" Update-MgBetaPolicyAuthenticationMethodPolicy -BodyParameter $UpdateParameters #endregion @@ -422,7 +422,7 @@ function Test-TargetResource $DisplayName, [Parameter()] - [ValidateSet('preMigration','migrationInProgress','migrationComplete','unknownFutureValue')] + [ValidateSet('preMigration', 'migrationInProgress', 'migrationComplete', 'unknownFutureValue')] [System.String] $PolicyMigrationState, @@ -603,7 +603,7 @@ function Export-TargetResource { #region resource generator code [array]$getValue = Get-MgBetaPolicyAuthenticationMethodPolicy ` - -ErrorAction Stop | Where-Object -FilterScript {$null -ne $_.DisplayName} + -ErrorAction Stop | Where-Object -FilterScript { $null -ne $_.DisplayName } #endregion $i = 1 @@ -631,7 +631,7 @@ function Export-TargetResource Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ Id = $config.Id - DisplayName = $config.DisplayName + DisplayName = $config.DisplayName Ensure = 'Present' Credential = $Credential ApplicationId = $ApplicationId @@ -649,24 +649,24 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'RegistrationEnforcement' + Name = 'RegistrationEnforcement' CimInstanceName = 'MicrosoftGraphRegistrationEnforcement' - IsRequired = $False + IsRequired = $False } @{ - Name = 'AuthenticationMethodsRegistrationCampaign' + Name = 'AuthenticationMethodsRegistrationCampaign' CimInstanceName = 'MicrosoftGraphAuthenticationMethodsRegistrationCampaign' - IsRequired = $False + IsRequired = $False } @{ - Name = 'ExcludeTargets' + Name = 'ExcludeTargets' CimInstanceName = 'MicrosoftGraphExcludeTarget' - IsRequired = $False + IsRequired = $False } @{ - Name = 'IncludeTargets' + Name = 'IncludeTargets' CimInstanceName = 'MicrosoftGraphAuthenticationMethodsRegistrationCampaignIncludeTarget' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` @@ -688,14 +688,14 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'ReportSuspiciousActivitySettings' + Name = 'ReportSuspiciousActivitySettings' CimInstanceName = 'MicrosoftGraphReportSuspiciousActivitySettings' - IsRequired = $False + IsRequired = $False } @{ - Name = 'IncludeTarget' + Name = 'IncludeTarget' CimInstanceName = 'AADAuthenticationMethodPolicyIncludeTarget' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` @@ -718,19 +718,19 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'SystemCredentialPreferences' + Name = 'SystemCredentialPreferences' CimInstanceName = 'MicrosoftGraphSystemCredentialPreferences' - IsRequired = $False + IsRequired = $False } @{ - Name = 'ExcludeTargets' + Name = 'ExcludeTargets' CimInstanceName = 'AADAuthenticationMethodPolicyExcludeTarget' - IsRequired = $False + IsRequired = $False } @{ - Name = 'IncludeTargets' + Name = 'IncludeTargets' CimInstanceName = 'AADAuthenticationMethodPolicyIncludeTarget' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` @@ -755,16 +755,16 @@ function Export-TargetResource -Credential $Credential if ($Results.RegistrationEnforcement) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "RegistrationEnforcement" -isCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'RegistrationEnforcement' -IsCIMArray:$False } if ($Results.SystemCredentialPreferences) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "SystemCredentialPreferences" -isCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'SystemCredentialPreferences' -IsCIMArray:$False } if ($Results.ReportSuspiciousActivitySettings) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "ReportSuspiciousActivitySettings" -isCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'ReportSuspiciousActivitySettings' -IsCIMArray:$False } $dscContent += $currentDSCBlock Save-M365DSCPartialExport -Content $currentDSCBlock ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyAuthenticator/MSFT_AADAuthenticationMethodPolicyAuthenticator.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyAuthenticator/MSFT_AADAuthenticationMethodPolicyAuthenticator.psm1 index 121463a947..f65651139d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyAuthenticator/MSFT_AADAuthenticationMethodPolicyAuthenticator.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyAuthenticator/MSFT_AADAuthenticationMethodPolicyAuthenticator.psm1 @@ -103,7 +103,7 @@ function Get-TargetResource #region resource generator code $complexFeatureSettings = @{} - Write-Verbose "Processing FeatureSettings > companionAppAllowedState > excludeTarget" + Write-Verbose 'Processing FeatureSettings > companionAppAllowedState > excludeTarget' $complexCompanionAppAllowedState = @{} $complexExcludeTarget = @{} if ($getValue.additionalProperties.featureSettings.companionAppAllowedState.excludeTarget.id -notmatch 'all_users|00000000-0000-0000-0000-000000000000') @@ -146,7 +146,7 @@ function Get-TargetResource } $complexCompanionAppAllowedState.Add('ExcludeTarget', $complexExcludeTarget) - Write-Verbose "Processing FeatureSettings > companionAppAllowedState > includeTarget" + Write-Verbose 'Processing FeatureSettings > companionAppAllowedState > includeTarget' $complexIncludeTarget = @{} if ($getValue.additionalProperties.featureSettings.companionAppAllowedState.includeTarget.id -notmatch 'all_users|00000000-0000-0000-0000-000000000000') { @@ -188,7 +188,7 @@ function Get-TargetResource } $complexCompanionAppAllowedState.Add('IncludeTarget', $complexIncludeTarget) - Write-Verbose "Processing FeatureSettings > companionAppAllowedState > state" + Write-Verbose 'Processing FeatureSettings > companionAppAllowedState > state' if ($null -ne $getValue.additionalProperties.featureSettings.companionAppAllowedState.state) { $complexCompanionAppAllowedState.Add('State', $getValue.additionalProperties.featureSettings.companionAppAllowedState.state.toString()) @@ -202,7 +202,7 @@ function Get-TargetResource $complexFeatureSettings.Add('CompanionAppAllowedState', $complexCompanionAppAllowedState) $complexDisplayAppInformationRequiredState = @{} - Write-Verbose "Processing FeatureSettings > displayAppInformationRequiredState > excludeTarget" + Write-Verbose 'Processing FeatureSettings > displayAppInformationRequiredState > excludeTarget' $complexExcludeTarget = @{} if ($getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.excludeTarget.id -notmatch 'all_users|00000000-0000-0000-0000-000000000000') { @@ -243,7 +243,7 @@ function Get-TargetResource } $complexDisplayAppInformationRequiredState.Add('ExcludeTarget', $complexExcludeTarget) - Write-Verbose "Processing FeatureSettings > displayAppInformationRequiredState > includeTarget" + Write-Verbose 'Processing FeatureSettings > displayAppInformationRequiredState > includeTarget' $complexIncludeTarget = @{} if ($getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.includeTarget.id -notmatch 'all_users|00000000-0000-0000-0000-000000000000') { @@ -285,7 +285,7 @@ function Get-TargetResource } $complexDisplayAppInformationRequiredState.Add('IncludeTarget', $complexIncludeTarget) - Write-Verbose "Processing FeatureSettings > displayAppInformationRequiredState > state" + Write-Verbose 'Processing FeatureSettings > displayAppInformationRequiredState > state' if ($null -ne $getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.state) { $complexDisplayAppInformationRequiredState.Add('State', $getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.state.toString()) @@ -298,7 +298,7 @@ function Get-TargetResource $complexFeatureSettings.Add('DisplayAppInformationRequiredState', $complexDisplayAppInformationRequiredState) - Write-Verbose "Processing FeatureSettings > displayLocationInformationRequiredState > excludeTarget" + Write-Verbose 'Processing FeatureSettings > displayLocationInformationRequiredState > excludeTarget' $complexDisplayLocationInformationRequiredState = @{} $complexExcludeTarget = @{} if ($getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.excludeTarget.id -notmatch 'all_users|00000000-0000-0000-0000-000000000000') @@ -342,7 +342,7 @@ function Get-TargetResource $complexDisplayLocationInformationRequiredState.Add('ExcludeTarget', $complexExcludeTarget) - Write-Verbose "Processing FeatureSettings > displayLocationInformationRequiredState > includeTarget" + Write-Verbose 'Processing FeatureSettings > displayLocationInformationRequiredState > includeTarget' $complexIncludeTarget = @{} if ($getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.includeTarget.id -notmatch 'all_users|00000000-0000-0000-0000-000000000000') { @@ -385,7 +385,7 @@ function Get-TargetResource $complexDisplayLocationInformationRequiredState.Add('IncludeTarget', $complexIncludeTarget) - Write-Verbose "Processing FeatureSettings > displayLocationInformationRequiredState > state" + Write-Verbose 'Processing FeatureSettings > displayLocationInformationRequiredState > state' if ($null -ne $getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.state) { $complexDisplayLocationInformationRequiredState.Add('State', $getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.state.toString()) @@ -592,64 +592,64 @@ function Set-TargetResource # replace group Displayname with group id if ($UpdateParameters.featureSettings.companionAppAllowedState.includeTarget.id -and ` - $UpdateParameters.featureSettings.companionAppAllowedState.includeTarget.id -notmatch '00000000-0000-0000-0000-000000000000|all_users' -and + $UpdateParameters.featureSettings.companionAppAllowedState.includeTarget.id -notmatch '00000000-0000-0000-0000-000000000000|all_users' -and $UpdateParameters.featureSettings.ContainsKey('companionAppAllowedState')) { Write-Verbose -Message 'Retrieving companionAppAllowedState include target' $Filter = "Displayname eq '$($UpdateParameters.featureSettings.companionAppAllowedState.includeTarget.id)'" | Out-String $groupid = (Get-MgGroup -Filter $Filter).id.ToString() - $UpdateParameters.featureSettings.companionAppAllowedState.includeTarget.foreach('id',$groupid) + $UpdateParameters.featureSettings.companionAppAllowedState.includeTarget.foreach('id', $groupid) } if ($UpdateParameters.featureSettings.companionAppAllowedState.excludeTarget.id -and ` - $UpdateParameters.featureSettings.companionAppAllowedState.excludeTarget.id -notmatch '00000000-0000-0000-0000-000000000000|all_users' -and + $UpdateParameters.featureSettings.companionAppAllowedState.excludeTarget.id -notmatch '00000000-0000-0000-0000-000000000000|all_users' -and $UpdateParameters.featureSettings.ContainsKey('companionAppAllowedState')) { Write-Verbose -Message 'Retrieving companionAppAllowedState include target' $Filter = "Displayname eq '$($UpdateParameters.featureSettings.companionAppAllowedState.excludeTarget.id)'" | Out-String $groupid = (Get-MgGroup -Filter $Filter).id.ToString() - $UpdateParameters.featureSettings.companionAppAllowedState.excludeTarget.foreach('id',$groupid) + $UpdateParameters.featureSettings.companionAppAllowedState.excludeTarget.foreach('id', $groupid) } if ($UpdateParameters.featureSettings.displayAppInformationRequiredState.includeTarget.id -and ` - $UpdateParameters.featureSettings.displayAppInformationRequiredState.includeTarget.id -notmatch '00000000-0000-0000-0000-000000000000|all_users' -and + $UpdateParameters.featureSettings.displayAppInformationRequiredState.includeTarget.id -notmatch '00000000-0000-0000-0000-000000000000|all_users' -and $UpdateParameters.featureSettings.ContainsKey('displayAppInformationRequiredState')) { Write-Verbose -Message 'Retrieving displayAppInformationRequiredState include target' $Filter = "Displayname eq '$($UpdateParameters.featureSettings.displayAppInformationRequiredState.includeTarget.id)'" | Out-String $groupid = (Get-MgGroup -Filter $Filter).id.ToString() - $UpdateParameters.featureSettings.displayAppInformationRequiredState.includeTarget.foreach('id',$groupid) + $UpdateParameters.featureSettings.displayAppInformationRequiredState.includeTarget.foreach('id', $groupid) } if ($UpdateParameters.featureSettings.displayAppInformationRequiredState.excludeTarget.id -and ` - $UpdateParameters.featureSettings.displayAppInformationRequiredState.excludeTarget.id -notmatch '00000000-0000-0000-0000-000000000000|all_users' -and + $UpdateParameters.featureSettings.displayAppInformationRequiredState.excludeTarget.id -notmatch '00000000-0000-0000-0000-000000000000|all_users' -and $UpdateParameters.featureSettings.ContainsKey('displayAppInformationRequiredState')) { Write-Verbose -Message 'Retrieving displayAppInformationRequiredState exclude target' $Filter = "Displayname eq '$($UpdateParameters.featureSettings.displayAppInformationRequiredState.excludeTarget.id)'" | Out-String $groupid = (Get-MgGroup -Filter $Filter).id.ToString() - $UpdateParameters.featureSettings.displayAppInformationRequiredState.excludeTarget.foreach('id',$groupid) + $UpdateParameters.featureSettings.displayAppInformationRequiredState.excludeTarget.foreach('id', $groupid) } if ($UpdateParameters.featureSettings.displayLocationInformationRequiredState.includeTarget.id -and ` - $UpdateParameters.featureSettings.displayLocationInformationRequiredState.includeTarget.id -notmatch '00000000-0000-0000-0000-000000000000|all_users' -and + $UpdateParameters.featureSettings.displayLocationInformationRequiredState.includeTarget.id -notmatch '00000000-0000-0000-0000-000000000000|all_users' -and $UpdateParameters.featureSettings.ContainsKey('displayLocationInformationRequiredState')) { Write-Verbose -Message 'Retrieving displayLocationInformationRequiredState include target' $Filter = "Displayname eq '$($UpdateParameters.featureSettings.displayLocationInformationRequiredState.includeTarget.id)'" | Out-String $groupid = (Get-MgGroup -Filter $Filter).id.ToString() - $UpdateParameters.featureSettings.displayLocationInformationRequiredState.includeTarget.foreach('id',$groupid) + $UpdateParameters.featureSettings.displayLocationInformationRequiredState.includeTarget.foreach('id', $groupid) } if ($UpdateParameters.featureSettings.displayLocationInformationRequiredState.excludeTarget.id -and ` - $UpdateParameters.featureSettings.displayLocationInformationRequiredState.excludeTarget.id -notmatch '00000000-0000-0000-0000-000000000000|all_users' -and + $UpdateParameters.featureSettings.displayLocationInformationRequiredState.excludeTarget.id -notmatch '00000000-0000-0000-0000-000000000000|all_users' -and $UpdateParameters.featureSettings.ContainsKey('displayLocationInformationRequiredState')) { Write-Verbose -Message 'Retrieving displayLocationInformationRequiredState exclude target' $Filter = "Displayname eq '$($UpdateParameters.featureSettings.displayLocationInformationRequiredState.excludeTarget.id)'" | Out-String $groupid = (Get-MgGroup -Filter $Filter).id.ToString() - $UpdateParameters.featureSettings.displayLocationInformationRequiredState.excludeTarget.foreach('id',$groupid) + $UpdateParameters.featureSettings.displayLocationInformationRequiredState.excludeTarget.foreach('id', $groupid) } # DEPRECATED if ($UpdateParameters.featureSettings.ContainsKey('NumberMatchingRequiredState')) { - Write-Verbose -Message "The NumberMatchingRequiredState feature is deprecated and will be ignored. Please remove it from your configuration." + Write-Verbose -Message 'The NumberMatchingRequiredState feature is deprecated and will be ignored. Please remove it from your configuration.' $UpdateParameters.featureSettings.Remove('NumberMatchingRequiredState') } @@ -885,7 +885,7 @@ function Export-TargetResource #region resource generator code [array]$getValue = Get-MgBetaPolicyAuthenticationMethodPolicyAuthenticationMethodConfiguration ` -AuthenticationMethodConfigurationId MicrosoftAuthenticator ` - -ErrorAction Stop | Where-Object -FilterScript {$null -ne $_.Id} + -ErrorAction Stop | Where-Object -FilterScript { $null -ne $_.Id } #endregion $i = 1 @@ -1028,7 +1028,7 @@ function Export-TargetResource $currentDSCBlock = Remove-M365DSCCimInstanceTrailingCharacterFromExport -DSCBlock $currentDSCBlock # FIX #3645 - $currentDSCBlock = $currentDSCBlock.Replace("} State = 'default'`r`n","}`r`n State = 'default'`r`n") + $currentDSCBlock = $currentDSCBlock.Replace("} State = 'default'`r`n", "}`r`n State = 'default'`r`n") $dscContent += $currentDSCBlock Save-M365DSCPartialExport -Content $currentDSCBlock ` -FileName $Global:PartialExportFileName diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyEmail/MSFT_AADAuthenticationMethodPolicyEmail.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyEmail/MSFT_AADAuthenticationMethodPolicyEmail.psm1 index 120f294f03..a7007111ec 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyEmail/MSFT_AADAuthenticationMethodPolicyEmail.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyEmail/MSFT_AADAuthenticationMethodPolicyEmail.psm1 @@ -320,7 +320,7 @@ function Set-TargetResource } if ($key -eq 'IncludeTargets') { - Write-Verbose -Message "Processing IncludeTargets" + Write-Verbose -Message 'Processing IncludeTargets' $i = 0 foreach ($entry in $UpdateParameters.$key) { @@ -334,7 +334,7 @@ function Set-TargetResource } if ($key -eq 'ExcludeTargets') { - Write-Verbose -Message "Processing ExcludeTargets" + Write-Verbose -Message 'Processing ExcludeTargets' $i = 0 foreach ($entry in $UpdateParameters.$key) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyFido2/MSFT_AADAuthenticationMethodPolicyFido2.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyFido2/MSFT_AADAuthenticationMethodPolicyFido2.psm1 index 66066badf9..71598a41d3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyFido2/MSFT_AADAuthenticationMethodPolicyFido2.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyFido2/MSFT_AADAuthenticationMethodPolicyFido2.psm1 @@ -105,7 +105,7 @@ function Get-TargetResource Write-Verbose -Message "An Azure AD Authentication Method Policy Fido2 with Id {$Id} was found." #region resource generator code - Write-Verbose "Processing KeyRestrictions" + Write-Verbose 'Processing KeyRestrictions' $complexKeyRestrictions = @{} $complexKeyRestrictions.Add('AaGuids', $getValue.AdditionalProperties.keyRestrictions.aaGuids) if ($null -ne $getValue.AdditionalProperties.keyRestrictions.enforcementType) @@ -118,7 +118,7 @@ function Get-TargetResource $complexKeyRestrictions = $null } - Write-Verbose "Processing ExcludeTargets" + Write-Verbose 'Processing ExcludeTargets' $complexExcludeTargets = @() foreach ($currentExcludeTargets in $getValue.excludeTargets) { @@ -158,7 +158,7 @@ function Get-TargetResource } #endregion - Write-Verbose "Processing IncludeTargets" + Write-Verbose 'Processing IncludeTargets' $complexIncludeTargets = @() foreach ($currentIncludeTargets in $getValue.AdditionalProperties.includeTargets) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySms/MSFT_AADAuthenticationMethodPolicySms.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySms/MSFT_AADAuthenticationMethodPolicySms.psm1 index f0cc33f024..89aa38ef21 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySms/MSFT_AADAuthenticationMethodPolicySms.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySms/MSFT_AADAuthenticationMethodPolicySms.psm1 @@ -93,7 +93,7 @@ function Get-TargetResource Write-Verbose -Message "An Azure AD Authentication Method Policy Sms with Id {$Id} was found." #region resource generator code - Write-Verbose -Message "Processing ExcludeTargets" + Write-Verbose -Message 'Processing ExcludeTargets' $complexExcludeTargets = @() foreach ($currentExcludeTargets in $getValue.excludeTargets) { @@ -133,7 +133,7 @@ function Get-TargetResource } #endregion - Write-Verbose -Message "Processing IncludeTargets" + Write-Verbose -Message 'Processing IncludeTargets' $complexincludeTargets = @() foreach ($currentincludeTargets in $getValue.AdditionalProperties.includeTargets) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySms/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySms/settings.json index d76dc8bbff..324bba1b9c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySms/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySms/settings.json @@ -1,6 +1,7 @@ { "resourceName": "AADAuthenticationMethodPolicySms", - "description": "This resource configures an Azure AD Authentication Method Policy Sms.","roles": { + "description": "This resource configures an Azure AD Authentication Method Policy Sms.", + "roles": { "read": [ "Security Reader" ], diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySoftware/MSFT_AADAuthenticationMethodPolicySoftware.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySoftware/MSFT_AADAuthenticationMethodPolicySoftware.psm1 index 5d5ab861f5..b881b56147 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySoftware/MSFT_AADAuthenticationMethodPolicySoftware.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySoftware/MSFT_AADAuthenticationMethodPolicySoftware.psm1 @@ -93,7 +93,7 @@ function Get-TargetResource Write-Verbose -Message "An Azure AD Authentication Method Policy Software with Id {$Id} was found." #region resource generator code - Write-Verbose -Message "Processing ExcludeTargets" + Write-Verbose -Message 'Processing ExcludeTargets' $complexExcludeTargets = @() foreach ($currentExcludeTargets in $getValue.excludeTargets) { @@ -133,7 +133,7 @@ function Get-TargetResource } #endregion - Write-Verbose -Message "Processing IncludeTargets" + Write-Verbose -Message 'Processing IncludeTargets' $complexincludeTargets = @() foreach ($currentincludeTargets in $getValue.AdditionalProperties.includeTargets) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyTemporary/MSFT_AADAuthenticationMethodPolicyTemporary.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyTemporary/MSFT_AADAuthenticationMethodPolicyTemporary.psm1 index afbb27114f..db3c3228fd 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyTemporary/MSFT_AADAuthenticationMethodPolicyTemporary.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyTemporary/MSFT_AADAuthenticationMethodPolicyTemporary.psm1 @@ -113,7 +113,7 @@ function Get-TargetResource Write-Verbose -Message "An Azure AD Authentication Method Policy Temporary with Id {$($currentExcludeTargets.id))} was found." #region resource generator code - Write-Verbose -Message "Processing ExcludeTargets" + Write-Verbose -Message 'Processing ExcludeTargets' $complexExcludeTargets = @() foreach ($currentExcludeTargets in $getValue.excludeTargets) { @@ -154,7 +154,7 @@ function Get-TargetResource } #endregion - Write-Verbose -Message "Processing IncludeTargets" + Write-Verbose -Message 'Processing IncludeTargets' $complexincludeTargets = @() foreach ($currentincludeTargets in $getValue.AdditionalProperties.includeTargets) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyVoice/MSFT_AADAuthenticationMethodPolicyVoice.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyVoice/MSFT_AADAuthenticationMethodPolicyVoice.psm1 index c74b6b96e1..7112443f8d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyVoice/MSFT_AADAuthenticationMethodPolicyVoice.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyVoice/MSFT_AADAuthenticationMethodPolicyVoice.psm1 @@ -97,7 +97,7 @@ function Get-TargetResource Write-Verbose -Message "An Azure AD Authentication Method Policy Voice with Id {$Id} was found." #region resource generator code - Write-Verbose -Message "Processing ExcludeTargets" + Write-Verbose -Message 'Processing ExcludeTargets' $complexExcludeTargets = @() foreach ($currentExcludeTargets in $getValue.excludeTargets) { @@ -137,7 +137,7 @@ function Get-TargetResource } #endregion - Write-Verbose -Message "Processing IncludeTargets" + Write-Verbose -Message 'Processing IncludeTargets' $complexincludeTargets = @() foreach ($currentincludeTargets in $getValue.AdditionalProperties.includeTargets) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationRequirement/MSFT_AADAuthenticationRequirement.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationRequirement/MSFT_AADAuthenticationRequirement.psm1 index d78d5bfbf1..a858c0fc4d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationRequirement/MSFT_AADAuthenticationRequirement.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationRequirement/MSFT_AADAuthenticationRequirement.psm1 @@ -161,13 +161,13 @@ function Set-TargetResource if ($PerUserMfaState -eq 'enabled' -and $currentInstance.PerUserMfaState -eq 'disabled') { $params = @{ - "perUserMfaState" = "enabled" + 'perUserMfaState' = 'enabled' } } elseif ($PerUserMfaState -eq 'disabled' -and $currentInstance.PerUserMfaState -eq 'enabled') { $params = @{ - "perUserMfaState" = "disabled" + 'perUserMfaState' = 'disabled' } } @@ -310,7 +310,7 @@ function Export-TargetResource try { - [array]$getValue = Get-MgUser -ErrorAction Stop | Where-Object -FilterScript {$null -ne $_.Id} + [array]$getValue = Get-MgUser -ErrorAction Stop | Where-Object -FilterScript { $null -ne $_.Id } $i = 1 $dscContent = '' diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationRequirement/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationRequirement/settings.json index e56d74c0d4..09b1b4aab0 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationRequirement/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationRequirement/settings.json @@ -8,28 +8,24 @@ "permissions": { "graph": { "delegated": { - "read": - [ + "read": [ { "name": "UserAuthenticationMethod.Read.All" } ], - "update": - [ + "update": [ { "name": "UserAuthenticationMethod.ReadWrite.All" } ] }, "application": { - "read": - [ + "read": [ { "name": "UserAuthenticationMethod.Read.All" } ], - "update": - [ + "update": [ { "name": "UserAuthenticationMethod.ReadWrite.All" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationStrengthPolicy/MSFT_AADAuthenticationStrengthPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationStrengthPolicy/MSFT_AADAuthenticationStrengthPolicy.psm1 index 2f47cae8a5..63e999016f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationStrengthPolicy/MSFT_AADAuthenticationStrengthPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationStrengthPolicy/MSFT_AADAuthenticationStrengthPolicy.psm1 @@ -84,7 +84,7 @@ function Get-TargetResource if ($null -eq $getValue) { - $getValue = Get-MgBetaPolicyAuthenticationStrengthPolicy | Where-Object -FilterScript {$_.DisplayName -eq $DisplayName} -ErrorAction SilentlyContinue + $getValue = Get-MgBetaPolicyAuthenticationStrengthPolicy | Where-Object -FilterScript { $_.DisplayName -eq $DisplayName } -ErrorAction SilentlyContinue } if ($null -eq $getValue) @@ -196,16 +196,16 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating new Azure AD AuthenticationStrengthPolicy {$DisplayName}" - $BoundParameters.Remove("Id") | Out-Null + $BoundParameters.Remove('Id') | Out-Null New-MgBetaPolicyAuthenticationStrengthPolicy @BoundParameters } elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Azure AD Authentication Strength Policy with DisplayName {$DisplayName}" - $BoundParameters.Add("AuthenticationStrengthPolicyId", $currentInstance.Id) - $BoundParameters.Remove("Id") | Out-Null + $BoundParameters.Add('AuthenticationStrengthPolicyId', $currentInstance.Id) + $BoundParameters.Remove('Id') | Out-Null $combinations = $BoundParameters.AllowedCombinations - $BoundParameters.Remove("AllowedCombinations") | Out-Null + $BoundParameters.Remove('AllowedCombinations') | Out-Null Update-MgBetaPolicyAuthenticationStrengthPolicy @BoundParameters Write-Verbose -Message "Updating the Azure AD Authentication Strength Policy allowed combination with DisplayName {$DisplayName}" diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADClaimsMappingPolicy/MSFT_AADClaimsMappingPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADClaimsMappingPolicy/MSFT_AADClaimsMappingPolicy.psm1 index 20974fa4ca..95b5e0af32 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADClaimsMappingPolicy/MSFT_AADClaimsMappingPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADClaimsMappingPolicy/MSFT_AADClaimsMappingPolicy.psm1 @@ -83,7 +83,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaPolicyClaimMappingPolicy -ClaimsMappingPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaPolicyClaimMappingPolicy -ClaimsMappingPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -95,8 +95,8 @@ function Get-TargetResource -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.ClaimsMappingPolicy" - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.ClaimsMappingPolicy' + } } } #endregion @@ -109,15 +109,15 @@ function Get-TargetResource Write-Verbose -Message "An Azure AD Claims Mapping Policy with Id {$Id} and DisplayName {$DisplayName} was found" $complexDefinition = @() - foreach($getDefinitionJson in $getValue.Definition) + foreach ($getDefinitionJson in $getValue.Definition) { $getDefinition = ($getDefinitionJson | ConvertFrom-Json) $ClaimsSchema = @() foreach ($claimschema in $getDefinition.ClaimsMappingPolicy.ClaimsSchema) { $ClaimsSchema += @{ - Source = $claimschema.Source - Id = $claimschema.Id + Source = $claimschema.Source + Id = $claimschema.Id SamlClaimType = $claimschema.SamlClaimType } } @@ -129,8 +129,8 @@ function Get-TargetResource foreach ($inputparam in $claimtransformation.InputParameters) { $inputparams += @{ - Value = $inputparam.Value - Id = $inputparam.Id + Value = $inputparam.Value + Id = $inputparam.Id DataType = $inputparam.DataType } } @@ -139,23 +139,23 @@ function Get-TargetResource foreach ($outclaim in $claimtransformation.OutputClaims) { $outputClaimsObj += @{ - ClaimTypeReferenceId = $outclaim.ClaimTypeReferenceId + ClaimTypeReferenceId = $outclaim.ClaimTypeReferenceId TransformationClaimType = $outclaim.TransformationClaimType } } $ClaimsTransformation += @{ - Id = $claimtransformation.Id + Id = $claimtransformation.Id TransformationMethod = $claimtransformation.TransformationMethod - InputParameters = $inputparams - OutputClaims = $outputClaimsObj + InputParameters = $inputparams + OutputClaims = $outputClaimsObj } } $complexDefinition += @{ ClaimsMappingPolicy = @{ - Version = $getDefinition.ClaimsMappingPolicy.Version + Version = $getDefinition.ClaimsMappingPolicy.Version IncludeBasicClaimSet = [bool]$getDefinition.ClaimsMappingPolicy.IncludeBasicClaimSet - ClaimsSchema = $ClaimsSchema + ClaimsSchema = $ClaimsSchema ClaimsTransformation = $ClaimsTransformation } } @@ -540,16 +540,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -560,29 +560,29 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'ClaimsMappingPolicy' + Name = 'ClaimsMappingPolicy' CimInstanceName = 'MSFT_AADClaimsMappingPolicyDefinitionMappingPolicy' - IsRequired = $False + IsRequired = $False }, @{ - Name = 'ClaimsSchema' + Name = 'ClaimsSchema' CimInstanceName = 'AADClaimsMappingPolicyDefinitionMappingPolicyClaimsSchema' - IsRequired = $False + IsRequired = $False }, @{ - Name = 'ClaimsTransformation' + Name = 'ClaimsTransformation' CimInstanceName = 'AADClaimsMappingPolicyDefinitionMappingPolicyClaimsTransformation' - IsRequired = $False + IsRequired = $False }, @{ - Name = 'InputParameters' + Name = 'InputParameters' CimInstanceName = 'AADClaimsMappingPolicyDefinitionMappingPolicyClaimsTransformationInputParameter' - IsRequired = $False + IsRequired = $False }, @{ - Name = 'OutputClaims' + Name = 'OutputClaims' CimInstanceName = 'AADClaimsMappingPolicyDefinitionMappingPolicyClaimsTransformationOutputClaims' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADClaimsMappingPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADClaimsMappingPolicy/settings.json index 65ae94f99c..10d0e1b741 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADClaimsMappingPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADClaimsMappingPolicy/settings.json @@ -1,33 +1,32 @@ { "resourceName": "AADClaimsMappingPolicy", "description": "This resource configures an Azure AD Claims Mapping Policy.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Policy.Read.All" - } - ], - "update": [ - { - "name": "Policy.ReadWrite.ApplicationConfiguration" - } - ] - }, - "application": { - "read": [ - { - "name": "Policy.Read.All" - } - ], - "update": [ - { - "name": "Policy.ReadWrite.ApplicationConfiguration" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Policy.Read.All" + } + ], + "update": [ + { + "name": "Policy.ReadWrite.ApplicationConfiguration" + } + ] + }, + "application": { + "read": [ + { + "name": "Policy.Read.All" + } + ], + "update": [ + { + "name": "Policy.ReadWrite.ApplicationConfiguration" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADConditionalAccessPolicy/MSFT_AADConditionalAccessPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConditionalAccessPolicy/MSFT_AADConditionalAccessPolicy.psm1 index af09ab623d..d7e0d55a4e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADConditionalAccessPolicy/MSFT_AADConditionalAccessPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConditionalAccessPolicy/MSFT_AADConditionalAccessPolicy.psm1 @@ -1436,7 +1436,8 @@ function Set-TargetResource Write-Verbose -Message 'Set-Targetresource: process includeServicePrincipals' if ($currentParameters.ContainsKey('IncludeServicePrincipals')) { - if (-not $conditions.ContainsKey('clientApplications')) { + if (-not $conditions.ContainsKey('clientApplications')) + { $conditions.Add('clientApplications', @{}) } $conditions.clientApplications.Add('includeServicePrincipals', $IncludeServicePrincipals) @@ -1445,7 +1446,8 @@ function Set-TargetResource Write-Verbose -Message 'Set-Targetresource: process excludeServicePrincipals' if ($currentParameters.ContainsKey('ExcludeServicePrincipals')) { - if (-not $conditions.ContainsKey('clientApplications')) { + if (-not $conditions.ContainsKey('clientApplications')) + { $conditions.Add('clientApplications', @{}) } $conditions.clientApplications.Add('excludeServicePrincipals', $ExcludeServicePrincipals) @@ -1455,18 +1457,21 @@ function Set-TargetResource if ($currentParameters.ContainsKey('ServicePrincipalFilterMode') -and $currentParameters.ContainsKey('ServicePrincipalFilterRule')) { #check if the custom attribute exist. - $customattribute = Invoke-MgGraphRequest -Method GET -Uri ($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "v1.0/directory/customSecurityAttributeDefinitions") - $ServicePrincipalFilterRule -match "CustomSecurityAttribute.(?.*) -.*" + $customattribute = Invoke-MgGraphRequest -Method GET -Uri ($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + 'v1.0/directory/customSecurityAttributeDefinitions') + $ServicePrincipalFilterRule -match 'CustomSecurityAttribute.(?.*) -.*' $attrinrule = $matches.attribute - if ($customattribute.value.id -contains $attrinrule){ - if (-not $conditions.ContainsKey('clientApplications')) { + if ($customattribute.value.id -contains $attrinrule) + { + if (-not $conditions.ContainsKey('clientApplications')) + { $conditions.Add('clientApplications', @{}) } $conditions.clientApplications.Add('servicePrincipalFilter', @{}) $conditions.clientApplications.servicePrincipalFilter.Add('mode', $ServicePrincipalFilterMode) $conditions.clientApplications.servicePrincipalFilter.Add('rule', $ServicePrincipalFilterRule) } - else{ + else + { $message = "Couldn't find the custom attribute $attrinrule in the tenant, couldn't add the filter to policy $DisplayName" Write-Verbose -Message $message New-M365DSCLogEntry -Message $message ` @@ -1634,7 +1639,7 @@ function Set-TargetResource if ([String]::IsNullOrEmpty($InsiderRiskLevels) -eq $false) { - $conditions.Add("insiderRiskLevels", $InsiderRiskLevels) + $conditions.Add('insiderRiskLevels', $InsiderRiskLevels) } Write-Verbose -Message 'Set-Targetresource: process risk levels and app types' @@ -1836,7 +1841,7 @@ function Set-TargetResource { try { - $Uri = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/identity/conditionalAccess/policies" + $Uri = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + 'beta/identity/conditionalAccess/policies' Invoke-MgGraphRequest -Method POST -Uri $Uri -Body $NewParameters } catch @@ -2164,7 +2169,7 @@ function Test-TargetResource else { Write-Verbose -Message "TransferMethods are not equal: [$TransferMethods] - [$($CurrentValues.TransferMethods)]" - $TestResult = $false + $TestResult = $false } if ($TestResult) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.psm1 index d77e4aa571..a798d8cbaa 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/MSFT_AADConnectorGroupApplicationProxy.psm1 @@ -9,7 +9,7 @@ function Get-TargetResource $Name, [Parameter()] - [ValidateSet('nam','eur','aus','asia','ind','unknownFutureValue')] + [ValidateSet('nam', 'eur', 'aus', 'asia', 'ind', 'unknownFutureValue')] [System.String] $Region, @@ -77,7 +77,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $getValue = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $getValue = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } else { @@ -92,7 +92,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $getValue = $Script:exportedInstances | Where-Object -FilterScript {$_.Name -eq $Name} + $getValue = $Script:exportedInstances | Where-Object -FilterScript { $_.Name -eq $Name } } else { @@ -156,7 +156,7 @@ function Set-TargetResource $Name, [Parameter()] - [ValidateSet('nam','eur','aus','asia','ind','unknownFutureValue')] + [ValidateSet('nam', 'eur', 'aus', 'asia', 'ind', 'unknownFutureValue')] [System.String] $Region, @@ -213,7 +213,7 @@ function Set-TargetResource $currentInstance = Get-TargetResource @PSBoundParameters $BoundParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters - $OnPremisesPublishingProfileId = "applicationProxy" + $OnPremisesPublishingProfileId = 'applicationProxy' if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { @@ -265,7 +265,7 @@ function Test-TargetResource $Name, [Parameter()] - [ValidateSet('nam','eur','aus','asia','ind','unknownFutureValue')] + [ValidateSet('nam', 'eur', 'aus', 'asia', 'ind', 'unknownFutureValue')] [System.String] $Region, @@ -428,8 +428,8 @@ function Export-TargetResource Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - Name = $config.Name + Id = $config.Id + Name = $config.Name Ensure = 'Present' Credential = $Credential ApplicationId = $ApplicationId diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/settings.json index aa6b7ca3b9..f6d7c7de75 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConnectorGroupApplicationProxy/settings.json @@ -30,4 +30,3 @@ } } } - diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicy/MSFT_AADCrossTenantAccessPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicy/MSFT_AADCrossTenantAccessPolicy.psm1 index 6cf95e4059..6722945bfb 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicy/MSFT_AADCrossTenantAccessPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicy/MSFT_AADCrossTenantAccessPolicy.psm1 @@ -177,25 +177,25 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { - Write-Verbose -Message "Azure AD Cross Tenant Access Policy instance cannot be created" + Write-Verbose -Message 'Azure AD Cross Tenant Access Policy instance cannot be created' } elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { - Write-Verbose -Message "Updating the Azure AD Cross Tenant Access Policy" + Write-Verbose -Message 'Updating the Azure AD Cross Tenant Access Policy' $UpdateParams = @{} if (-not [System.String]::IsNullOrEmpty($DisplayName)) { - $UpdateParams.Add("DisplayName", $DisplayName) + $UpdateParams.Add('DisplayName', $DisplayName) } if ($null -ne $AllowedCloudEndpoints) { - $UpdateParams.Add("AllowedCloudEndpoints", $AllowedCloudEndpoints) + $UpdateParams.Add('AllowedCloudEndpoints', $AllowedCloudEndpoints) } Update-MgBetaPolicyCrossTenantAccessPolicy -BodyParameter $UpdateParams } elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { - Write-Verbose -Message "Azure AD Cross Tenant Access Policies cannot be removed." + Write-Verbose -Message 'Azure AD Cross Tenant Access Policies cannot be removed.' } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationDefault/MSFT_AADCrossTenantAccessPolicyConfigurationDefault.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationDefault/MSFT_AADCrossTenantAccessPolicyConfigurationDefault.psm1 index bdcbf0e75a..161a160feb 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationDefault/MSFT_AADCrossTenantAccessPolicyConfigurationDefault.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationDefault/MSFT_AADCrossTenantAccessPolicyConfigurationDefault.psm1 @@ -222,14 +222,14 @@ function Set-TargetResource $currentInstance = Get-TargetResource @PSBoundParameters $OperationParams = ([Hashtable]$PSBoundParameters).Clone() - $OperationParams.Remove("Credential") | Out-Null - $OperationParams.Remove("ManagedIdentity") | Out-Null - $OperationParams.Remove("ApplicationId") | Out-Null - $OperationParams.Remove("TenantId") | Out-Null - $OperationParams.Remove("CertificateThumbprint") | Out-Null - $OperationParams.Remove("ApplicationSecret") | Out-Null - $OperationParams.Remove("Ensure") | Out-Null - $OperationParams.Remove("IsSingleInstance") | Out-Null + $OperationParams.Remove('Credential') | Out-Null + $OperationParams.Remove('ManagedIdentity') | Out-Null + $OperationParams.Remove('ApplicationId') | Out-Null + $OperationParams.Remove('TenantId') | Out-Null + $OperationParams.Remove('CertificateThumbprint') | Out-Null + $OperationParams.Remove('ApplicationSecret') | Out-Null + $OperationParams.Remove('Ensure') | Out-Null + $OperationParams.Remove('IsSingleInstance') | Out-Null $OperationParams.Remove('AccessTokens') | Out-Null if ($null -ne $OperationParams.B2BCollaborationInbound) @@ -259,12 +259,12 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { - Write-Verbose -Message "Updating Cross Tenant Access Policy Configuration Default" + Write-Verbose -Message 'Updating Cross Tenant Access Policy Configuration Default' Update-MgBetaPolicyCrossTenantAccessPolicyDefault @OperationParams } elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { - Write-Verbose -Message "Removing Cross Tenant Access Policy Configuration Default is not supported" + Write-Verbose -Message 'Removing Cross Tenant Access Policy Configuration Default is not supported' } } @@ -709,7 +709,7 @@ function Get-M365DSCAADCrossTenantAccessPolicyB2BSetting } #endregion $results = @{ - Applications = $applications + Applications = $applications UsersAndGroups = $usersAndGroups } @@ -746,7 +746,7 @@ function Get-M365DSCAADCrossTenantAccessPolicyInboundTrustAsString $StringContent = $null if ($null -ne $Setting.IsCompliantDeviceAccepted -or $null -ne $Setting.IsHybridAzureADJoinedDeviceAccepted -or ` - $null -ne $Setting.IsMfaAccepted) + $null -ne $Setting.IsMfaAccepted) { $StringContent = "MSFT_AADCrossTenantAccessPolicyInboundTrust {`r`n" if ($null -ne $Setting.IsCompliantDeviceAccepted) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationPartner/MSFT_AADCrossTenantAccessPolicyConfigurationPartner.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationPartner/MSFT_AADCrossTenantAccessPolicyConfigurationPartner.psm1 index 000ddfa281..ef0bd66662 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationPartner/MSFT_AADCrossTenantAccessPolicyConfigurationPartner.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationPartner/MSFT_AADCrossTenantAccessPolicyConfigurationPartner.psm1 @@ -797,7 +797,7 @@ function Get-M365DSCAADCrossTenantAccessPolicyAutomaticUserConsentSettingsAsStri { $StringContent += " InboundAllowed = `$" + $Setting.InboundAllowed.ToString() + "`r`n" } - if ($null -ne $Setting.OutboundAllowed) + if ($null -ne $Setting.OutboundAllowed) { $StringContent += " OutboundAllowed = `$" + $Setting.OutboundAllowed.ToString() + "`r`n" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCustomAuthenticationExtension/MSFT_AADCustomAuthenticationExtension.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCustomAuthenticationExtension/MSFT_AADCustomAuthenticationExtension.psm1 index 63f67975f9..9139139416 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCustomAuthenticationExtension/MSFT_AADCustomAuthenticationExtension.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCustomAuthenticationExtension/MSFT_AADCustomAuthenticationExtension.psm1 @@ -104,7 +104,7 @@ function Get-TargetResource $nullResult = $PSBoundParameters $nullResult.Ensure = 'Absent' - Write-Verbose -Message "Fetching result...." + Write-Verbose -Message 'Fetching result....' try { # check for export. @@ -113,13 +113,13 @@ function Get-TargetResource # check with Id first if (-not [System.String]::IsNullOrEmpty($Id)) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } # check with display name next. if ($null -eq $instance) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.DisplayName -eq $DisplayName} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.DisplayName -eq $DisplayName } } } else @@ -127,12 +127,12 @@ function Get-TargetResource if (-not [System.String]::IsNullOrEmpty($Id)) { $instance = Get-MgBetaIdentityCustomAuthenticationExtension -CustomAuthenticationExtensionId $Id ` - -ErrorAction SilentlyContinue + -ErrorAction SilentlyContinue } if ($null -eq $instance) { $instance = Get-MgBetaIdentityCustomAuthenticationExtension -Filter "DisplayName eq '$DisplayName'" ` - -ErrorAction SilentlyContinue + -ErrorAction SilentlyContinue } } if ($null -eq $instance) @@ -140,7 +140,7 @@ function Get-TargetResource return $nullResult } - Write-Verbose "Instance found for the resource. Calculating result...." + Write-Verbose 'Instance found for the resource. Calculating result....' $results = @{ DisplayName = $instance.DisplayName @@ -151,13 +151,13 @@ function Get-TargetResource if ($instance.AdditionalProperties -ne $null) { - $results.Add('CustomAuthenticationExtensionType', $instance.AdditionalProperties["@odata.type"]) + $results.Add('CustomAuthenticationExtensionType', $instance.AdditionalProperties['@odata.type']) } if ($instance.AuthenticationConfiguration -ne $null) { - $results.Add('AuthenticationConfigurationType', $instance.AuthenticationConfiguration["@odata.type"]) - $results.Add('AuthenticationConfigurationResourceId', $instance.AuthenticationConfiguration["resourceId"]) + $results.Add('AuthenticationConfigurationType', $instance.AuthenticationConfiguration['@odata.type']) + $results.Add('AuthenticationConfigurationResourceId', $instance.AuthenticationConfiguration['resourceId']) } if ($instance.ClientConfiguration -ne $null) @@ -169,25 +169,25 @@ function Get-TargetResource $endpointConfigurationInstance = @{} if ($instance.EndPointConfiguration -ne $null -and $instance.EndPointConfiguration.AdditionalProperties -ne $null) { - $endpointConfigurationInstance.Add("EndpointType", $instance.EndPointConfiguration.AdditionalProperties["@odata.type"]) + $endpointConfigurationInstance.Add('EndpointType', $instance.EndPointConfiguration.AdditionalProperties['@odata.type']) - if ($endpointConfigurationInstance["EndpointType"] -eq '#microsoft.graph.httpRequestEndpoint') + if ($endpointConfigurationInstance['EndpointType'] -eq '#microsoft.graph.httpRequestEndpoint') { - $endpointConfigurationInstance.Add("TargetUrl", $instance.EndPointConfiguration.AdditionalProperties["targetUrl"]) + $endpointConfigurationInstance.Add('TargetUrl', $instance.EndPointConfiguration.AdditionalProperties['targetUrl']) } - if ($endpointConfigurationInstance["EndpointType"] -eq '#microsoft.graph.logicAppTriggerEndpointConfiguration') + if ($endpointConfigurationInstance['EndpointType'] -eq '#microsoft.graph.logicAppTriggerEndpointConfiguration') { - $endpointConfigurationInstance.Add("SubscriptionId", $instance.EndPointConfiguration.AdditionalProperties["subscriptionId"]) - $endpointConfigurationInstance.Add("ResourceGroupName", $instance.EndPointConfiguration.AdditionalProperties["resourceGroupName"]) - $endpointConfigurationInstance.Add("LogicAppWorkflowName", $instance.EndPointConfiguration.AdditionalProperties["logicAppWorkflowName"]) + $endpointConfigurationInstance.Add('SubscriptionId', $instance.EndPointConfiguration.AdditionalProperties['subscriptionId']) + $endpointConfigurationInstance.Add('ResourceGroupName', $instance.EndPointConfiguration.AdditionalProperties['resourceGroupName']) + $endpointConfigurationInstance.Add('LogicAppWorkflowName', $instance.EndPointConfiguration.AdditionalProperties['logicAppWorkflowName']) } } $ClaimsForTokenConfigurationInstance = @() - if ($instance.AdditionalProperties -ne $null -and $instance.AdditionalProperties["claimsForTokenConfiguration"] -ne $null) + if ($instance.AdditionalProperties -ne $null -and $instance.AdditionalProperties['claimsForTokenConfiguration'] -ne $null) { - foreach ($claim in $instance.AdditionalProperties["claimsForTokenConfiguration"]) + foreach ($claim in $instance.AdditionalProperties['claimsForTokenConfiguration']) { $c = @{ ClaimIdInApiResponse = $claim.claimIdInApiResponse @@ -319,52 +319,52 @@ function Set-TargetResource $setParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters $params = @{ - "@odata.type" = $setParameters.CustomAuthenticationExtensionType - displayName = $setParameters.DisplayName - description = $setParameters.Description - endpointConfiguration = @{ - "@odata.type" = $setParameters.EndPointConfiguration.EndpointType + '@odata.type' = $setParameters.CustomAuthenticationExtensionType + displayName = $setParameters.DisplayName + description = $setParameters.Description + endpointConfiguration = @{ + '@odata.type' = $setParameters.EndPointConfiguration.EndpointType } authenticationConfiguration = @{ - "@odata.type" = $setParameters.AuthenticationConfigurationType - resourceId = $setParameters.AuthenticationConfigurationResourceId + '@odata.type' = $setParameters.AuthenticationConfigurationType + resourceId = $setParameters.AuthenticationConfigurationResourceId } - clientConfiguration = @{ - timeoutInMilliseconds = $setParameters["ClientConfigurationTimeoutMilliseconds"] - maximumRetries = $setParameters["ClientConfigurationMaximumRetries"] + clientConfiguration = @{ + timeoutInMilliseconds = $setParameters['ClientConfigurationTimeoutMilliseconds'] + maximumRetries = $setParameters['ClientConfigurationMaximumRetries'] } } - if ($params.endpointConfiguration["@odata.type"] -eq "#microsoft.graph.httpRequestEndpoint") + if ($params.endpointConfiguration['@odata.type'] -eq '#microsoft.graph.httpRequestEndpoint') { Write-Verbose -Message "{$setParameters.EndPointConfiguration.TargetUrl}" - $params.endpointConfiguration["targetUrl"] = $setParameters.EndPointConfiguration.TargetUrl + $params.endpointConfiguration['targetUrl'] = $setParameters.EndPointConfiguration.TargetUrl } - if ($params.endpointConfiguration["@odata.type"] -eq "#microsoft.graph.logicAppTriggerEndpointConfiguration") + if ($params.endpointConfiguration['@odata.type'] -eq '#microsoft.graph.logicAppTriggerEndpointConfiguration') { - $params.endpointConfiguration["subscriptionId"] = $setParameters.EndPointConfiguration["SubscriptionId"] - $params.endpointConfiguration["resourceGroupName"] = $setParameters.EndPointConfiguration["ResourceGroupName"] - $params.endpointConfiguration["logicAppWorkflowName"] = $setParameters.EndPointConfiguration["LogicAppWorkflowName"] + $params.endpointConfiguration['subscriptionId'] = $setParameters.EndPointConfiguration['SubscriptionId'] + $params.endpointConfiguration['resourceGroupName'] = $setParameters.EndPointConfiguration['ResourceGroupName'] + $params.endpointConfiguration['logicAppWorkflowName'] = $setParameters.EndPointConfiguration['LogicAppWorkflowName'] } # CREATE if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { - $params.Add("claimsForTokenConfiguration", @()) + $params.Add('claimsForTokenConfiguration', @()) foreach ($claim in $setParameters.claimsForTokenConfiguration) { $val = $claim.claimIdInApiResponse Write-Verbose -Message "{$val}" $c = @{ - "claimIdInApiResponse" = $claim.claimIdInApiResponse + 'claimIdInApiResponse' = $claim.claimIdInApiResponse } $params.claimsForTokenConfiguration += $c } $params.Remove('Id') | Out-Null - $type = $params["@odata.type"] + $type = $params['@odata.type'] Write-Verbose -Message "Creating new Custom authentication extension with display name {$DisplayName} and type {$type}" New-MgBetaIdentityCustomAuthenticationExtension -BodyParameter $params } @@ -376,16 +376,16 @@ function Set-TargetResource $params.Add('CustomAuthenticationExtensionId', $currentInstance.Id) $params.Remove('Id') | Out-Null - $params.Add("AdditionalProperties", @{}) - $params["AdditionalProperties"].Add("ClaimsForTokenConfiguration", @()) + $params.Add('AdditionalProperties', @{}) + $params['AdditionalProperties'].Add('ClaimsForTokenConfiguration', @()) - foreach ($claim in $setParameters["ClaimsForTokenConfiguration"]) + foreach ($claim in $setParameters['ClaimsForTokenConfiguration']) { $c = @{ - "claimIdInApiResponse" = $claim["ClaimIdInApiResponse"] + 'claimIdInApiResponse' = $claim['ClaimIdInApiResponse'] } - $params["AdditionalProperties"]["claimsForTokenConfiguration"] += $c + $params['AdditionalProperties']['claimsForTokenConfiguration'] += $c } Write-Verbose -Message "{$params['@odata.type']}" @@ -519,7 +519,8 @@ function Test-TargetResource Write-Verbose "TestResult returned False for $source" $testTargetResource = $false } - else { + else + { $ValuesToCheck.Remove($key) | Out-Null } } @@ -627,12 +628,12 @@ function Export-TargetResource $Results = Get-TargetResource @Params $endpointConfigurationCimString = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.EndpointConfiguration ` - -CIMInstanceName 'MSFT_AADCustomAuthenticationExtensionEndPointConfiguration' + -ComplexObject $Results.EndpointConfiguration ` + -CIMInstanceName 'MSFT_AADCustomAuthenticationExtensionEndPointConfiguration' $ClaimsForTokenConfigurationCimString = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.ClaimsForTokenConfiguration ` - -CIMInstanceName 'MSFT_AADCustomAuthenticationExtensionClaimForTokenConfiguration' + -ComplexObject $Results.ClaimsForTokenConfiguration ` + -CIMInstanceName 'MSFT_AADCustomAuthenticationExtensionClaimForTokenConfiguration' $Results.EndPointConfiguration = $endpointConfigurationCimString $Results.ClaimsForTokenConfiguration = $ClaimsForTokenConfigurationCimString @@ -648,12 +649,12 @@ function Export-TargetResource if ($Results.EndPointConfiguration -ne $null) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "EndPointConfiguration" + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'EndPointConfiguration' } if ($Results.ClaimsForTokenConfiguration -ne $null) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "ClaimsForTokenConfiguration" -IsCIMArray $true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'ClaimsForTokenConfiguration' -IsCIMArray $true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCustomSecurityAttributeDefinition/MSFT_AADCustomSecurityAttributeDefinition.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCustomSecurityAttributeDefinition/MSFT_AADCustomSecurityAttributeDefinition.psm1 index 1e7e5822ab..2e68367f7d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCustomSecurityAttributeDefinition/MSFT_AADCustomSecurityAttributeDefinition.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCustomSecurityAttributeDefinition/MSFT_AADCustomSecurityAttributeDefinition.psm1 @@ -97,11 +97,11 @@ function Get-TargetResource { if (-not [System.String]::IsNullOrEmpty($Id)) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } if ($null -eq $instance) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Name -eq $Name} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Name -eq $Name } } } else @@ -109,12 +109,12 @@ function Get-TargetResource if (-not [System.String]::IsNullOrEmpty($Id)) { $instance = Get-MgBetaDirectoryCustomSecurityAttributeDefinition -CustomSecurityAttributeDefinitionId $Id ` - -ErrorAction SilentlyContinue + -ErrorAction SilentlyContinue } if ($null -eq $instance) { $instance = Get-MgBetaDirectoryCustomSecurityAttributeDefinition -Filter "Name eq '$Name'" ` - -ErrorAction SilentlyContinue + -ErrorAction SilentlyContinue } } if ($null -eq $instance) @@ -271,7 +271,7 @@ function Set-TargetResource { Write-Verbose -Message "Removing Atribute Definition {$Name}. Setting its status to 'Deprecated'" Update-MgBetaDirectoryCustomSecurityAttributeDefinition -CustomSecurityAttributeDefinitionId $currentInstance.Id ` - -Status 'Deprecated' + -Status 'Deprecated' } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADDeviceRegistrationPolicy/MSFT_AADDeviceRegistrationPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADDeviceRegistrationPolicy/MSFT_AADDeviceRegistrationPolicy.psm1 index 8fe76dc299..70c85ef25f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADDeviceRegistrationPolicy/MSFT_AADDeviceRegistrationPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADDeviceRegistrationPolicy/MSFT_AADDeviceRegistrationPolicy.psm1 @@ -345,20 +345,20 @@ function Set-TargetResource Add-M365DSCTelemetryEvent -Data $data #endregion - $MultiFactorAuthConfigurationValue = "notRequired" + $MultiFactorAuthConfigurationValue = 'notRequired' if ($MultiFactorAuthConfiguration) { $MultiFactorAuthConfigurationValue = 'required' } - $azureADRegistrationAllowedToRegister = "#microsoft.graph.noDeviceRegistrationMembership" + $azureADRegistrationAllowedToRegister = '#microsoft.graph.noDeviceRegistrationMembership' if ($AzureAdJoinLocalAdminsRegisteringMode -eq 'All') { - $azureADRegistrationAllowedToRegister = "#microsoft.graph.allDeviceRegistrationMembership" + $azureADRegistrationAllowedToRegister = '#microsoft.graph.allDeviceRegistrationMembership' } elseif ($AzureAdJoinLocalAdminsRegisteringMode -eq 'Selected') { - $azureADRegistrationAllowedToRegister = "#microsoft.graph.enumeratedDeviceRegistrationMembership" + $azureADRegistrationAllowedToRegister = '#microsoft.graph.enumeratedDeviceRegistrationMembership' $azureADRegistrationAllowedUsers = @() foreach ($user in $AzureAdJoinLocalAdminsRegisteringUsers) @@ -375,14 +375,14 @@ function Set-TargetResource } } - $localAdminAllowedMode = "#microsoft.graph.noDeviceRegistrationMembership" + $localAdminAllowedMode = '#microsoft.graph.noDeviceRegistrationMembership' if ($AzureAdJoinLocalAdminsRegisteringMode -eq 'All') { - $localAdminAllowedMode = "#microsoft.graph.allDeviceRegistrationMembership" + $localAdminAllowedMode = '#microsoft.graph.allDeviceRegistrationMembership' } elseif ($AzureAdJoinLocalAdminsRegisteringMode -eq 'Selected') { - $localAdminAllowedMode = "#microsoft.graph.enumeratedDeviceRegistrationMembership" + $localAdminAllowedMode = '#microsoft.graph.enumeratedDeviceRegistrationMembership' $localAdminAllowedUsers = @() foreach ($user in $AzureAdJoinLocalAdminsRegisteringUsers) @@ -400,31 +400,31 @@ function Set-TargetResource } $updateParameters = @{ - userDeviceQuota = $UserDeviceQuota + userDeviceQuota = $UserDeviceQuota multiFactorAuthConfiguration = $MultiFactorAuthConfigurationValue - azureADJoin = @{ - isAdminConfigurable =$AzureADJoinIsAdminConfigurable - allowedToJoin = @{ + azureADJoin = @{ + isAdminConfigurable = $AzureADJoinIsAdminConfigurable + allowedToJoin = @{ '@odata.type' = $azureADRegistrationAllowedToRegister - users = $AzureADAllowedToJoinUsers - groups = $AzureADAllowedToJoinGroups + users = $AzureADAllowedToJoinUsers + groups = $AzureADAllowedToJoinGroups } - localAdmins = @{ + localAdmins = @{ enableGlobalAdmins = $LocalAdminsEnableGlobalAdmins - registeringUsers = @{ + registeringUsers = @{ '@odata.type' = $localAdminAllowedMode - users = $localAdminAllowedUsers - groups = $localAdminAllowedGroups + users = $localAdminAllowedUsers + groups = $localAdminAllowedGroups } } } - localAdminPassword = @{ + localAdminPassword = @{ isEnabled = $LocalAdminPasswordIsEnabled } - azureADRegistration = @{ + azureADRegistration = @{ isAdminConfigurable = $false - allowedToRegister = @{ - '@odata.type' = "#microsoft.graph.allDeviceRegistrationMembership" + allowedToRegister = @{ + '@odata.type' = '#microsoft.graph.allDeviceRegistrationMembership' } } } @@ -531,7 +531,7 @@ function Test-TargetResource Add-M365DSCTelemetryEvent -Data $data #endregion - Write-Verbose -Message "Testing configuration of the Device Registration Policy" + Write-Verbose -Message 'Testing configuration of the Device Registration Policy' $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() @@ -617,7 +617,7 @@ function Export-TargetResource $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` - -Results $Results + -Results $Results $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` -ConnectionMode $ConnectionMode ` @@ -634,7 +634,7 @@ function Export-TargetResource } catch { - if ($_.ErrorDetails.Message -like "*Insufficient privileges*") + if ($_.ErrorDetails.Message -like '*Insufficient privileges*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) Insufficient permissions or license to export Attribute Sets." } @@ -642,10 +642,10 @@ function Export-TargetResource { Write-Host $Global:M365DSCEmojiRedX New-M365DSCLogEntry -Message 'Error during Export:' ` - -Exception $_ ` - -Source $($MyInvocation.MyCommand.Source) ` - -TenantId $TenantId ` - -Credential $Credential + -Exception $_ ` + -Source $($MyInvocation.MyCommand.Source) ` + -TenantId $TenantId ` + -Credential $Credential } return '' diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADDeviceRegistrationPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADDeviceRegistrationPolicy/settings.json index 3324b5f4e0..0017f57ca4 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADDeviceRegistrationPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADDeviceRegistrationPolicy/settings.json @@ -12,10 +12,8 @@ "permissions": { "graph": { "delegated": { - "read": [ - ], - "update": [ - ] + "read": [], + "update": [] }, "application": { "read": [ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEnrichedAuditLogs/MSFT_AADEnrichedAuditLogs.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEnrichedAuditLogs/MSFT_AADEnrichedAuditLogs.psm1 index 24534197ea..3b82984982 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEnrichedAuditLogs/MSFT_AADEnrichedAuditLogs.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEnrichedAuditLogs/MSFT_AADEnrichedAuditLogs.psm1 @@ -161,18 +161,18 @@ function Set-TargetResource Write-Verbose -Message 'Updating Enriched Audit Logs settings' $values = @{ - "@odata.type" = "#microsoft.graph.networkaccess.enrichedAuditLogs" - exchange = @{ - "@odata.type" = "#microsoft.graph.networkaccess.enrichedAuditLogsSettings" - status = $ExchangeOnline + '@odata.type' = '#microsoft.graph.networkaccess.enrichedAuditLogs' + exchange = @{ + '@odata.type' = '#microsoft.graph.networkaccess.enrichedAuditLogsSettings' + status = $ExchangeOnline } - sharepoint = @{ - "@odata.type" = "#microsoft.graph.networkaccess.enrichedAuditLogsSettings" - status = $SharePoint + sharepoint = @{ + '@odata.type' = '#microsoft.graph.networkaccess.enrichedAuditLogsSettings' + status = $SharePoint } - teams = @{ - "@odata.type" = "#microsoft.graph.networkaccess.enrichedAuditLogsSettings" - status = $Teams + teams = @{ + '@odata.type' = '#microsoft.graph.networkaccess.enrichedAuditLogsSettings' + status = $Teams } } $body = ConvertTo-Json $values -Depth 10 -Compress @@ -328,7 +328,7 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint ManagedIdentity = $ManagedIdentity.IsPresent AccessTokens = $AccessTokens - } + } $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackage/MSFT_AADEntitlementManagementAccessPackage.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackage/MSFT_AADEntitlementManagementAccessPackage.psm1 index 7f6b0dc6de..2ef5d6db5a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackage/MSFT_AADEntitlementManagementAccessPackage.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackage/MSFT_AADEntitlementManagementAccessPackage.psm1 @@ -117,7 +117,7 @@ function Get-TargetResource if ($null -eq $getValue) { - if(-not [System.String]::IsNullOrEmpty($id)) + if (-not [System.String]::IsNullOrEmpty($id)) { Write-Verbose -Message "Nothing with id {$id} was found" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy/MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy/MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy.psm1 index 3c068d29e1..8a1595dd4b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy/MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy/MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy.psm1 @@ -134,7 +134,7 @@ function Get-TargetResource #region Format AccessReviewSettings $formattedAccessReviewSettings = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $getValue.AccessReviewSettings -Verbose - if($null -ne $formattedAccessReviewSettings) + if ($null -ne $formattedAccessReviewSettings) { $formattedAccessReviewSettings.remove('additionalProperties') | Out-Null } @@ -227,11 +227,11 @@ function Get-TargetResource { foreach ($setting in $formattedRequestorSettings.allowedRequestors) { - if (-not $setting.ContainsKey("odataType")) + if (-not $setting.ContainsKey('odataType')) { - $setting.add('odataType',$setting.AdditionalProperties."@odata.type") + $setting.add('odataType', $setting.AdditionalProperties.'@odata.type') } - if(-not [String]::isNullOrEmpty($setting.AdditionalProperties.id)) + if (-not [String]::isNullOrEmpty($setting.AdditionalProperties.id)) { $user = Get-MgUser -UserId $setting.AdditionalProperties.id -ErrorAction SilentlyContinue if ($null -ne $user) @@ -252,9 +252,9 @@ function Get-TargetResource $formattedQuestions = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $getValue.Questions foreach ($question in $formattedQuestions) { - if (-not $question.ContainsKey("odataType")) + if (-not $question.ContainsKey('odataType')) { - $question.add("odataType",$question.AdditionalProperties."@odata.type") + $question.add('odataType', $question.AdditionalProperties.'@odata.type') } if ($null -ne $question.Text) { @@ -288,7 +288,7 @@ function Get-TargetResource { $customExt = @{ #Id = $customExtensionHandler.Id #Read Only - Stage = $customExtensionHandler.Stage + Stage = $customExtensionHandler.Stage CustomExtensionId = $customExtensionHandler.CustomExtension.Id } $formattedCustomExtensionHandlers += $customExt @@ -540,9 +540,9 @@ function Set-TargetResource $formattedCustomExtensionHandlers = @() foreach ($customExtensionHandler in $CreateParameters.CustomExtensionHandlers) { - $extensionId= $customExtensionHandler.CustomExtensionId + $extensionId = $customExtensionHandler.CustomExtensionId $formattedCustomExtensionHandlers += @{ - stage = $customExtensionHandler.Stage + stage = $customExtensionHandler.Stage customExtension = @{ id = $extensionId } @@ -661,9 +661,9 @@ function Set-TargetResource $formattedCustomExtensionHandlers = @() foreach ($customExtensionHandler in $UpdateParameters.CustomExtensionHandlers) { - $extensionId= $customExtensionHandler.CustomExtensionId + $extensionId = $customExtensionHandler.CustomExtensionId $formattedCustomExtensionHandlers += @{ - stage = $customExtensionHandler.Stage + stage = $customExtensionHandler.Stage customExtension = @{ id = $extensionId } @@ -963,9 +963,9 @@ function Export-TargetResource } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.AccessReviewSettings ` - -CIMInstanceName MicrosoftGraphassignmentreviewsettings ` - -ComplexTypeMapping $complexMapping + -ComplexObject $Results.AccessReviewSettings ` + -CIMInstanceName MicrosoftGraphassignmentreviewsettings ` + -ComplexTypeMapping $complexMapping if ($complexTypeStringResult) { $Results.AccessReviewSettings = $complexTypeStringResult diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageCatalog/MSFT_AADEntitlementManagementAccessPackageCatalog.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageCatalog/MSFT_AADEntitlementManagementAccessPackageCatalog.psm1 index 36cd50c4af..99e4030a26 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageCatalog/MSFT_AADEntitlementManagementAccessPackageCatalog.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageCatalog/MSFT_AADEntitlementManagementAccessPackageCatalog.psm1 @@ -450,7 +450,7 @@ function Export-TargetResource try { #region resource generator code - [array]$getValue = (Get-MgBetaEntitlementManagementAccessPackage -all -ErrorAction Stop)| Select-Object -Unique CatalogId |Select-Object -ExpandProperty CatalogId + [array]$getValue = (Get-MgBetaEntitlementManagementAccessPackage -All -ErrorAction Stop) | Select-Object -Unique CatalogId | Select-Object -ExpandProperty CatalogId #endregion $i = 1 $dscContent = '' diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageCatalogResource/MSFT_AADEntitlementManagementAccessPackageCatalogResource.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageCatalogResource/MSFT_AADEntitlementManagementAccessPackageCatalogResource.psm1 index 06bdda2938..63e6cb1b3d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageCatalogResource/MSFT_AADEntitlementManagementAccessPackageCatalogResource.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageCatalogResource/MSFT_AADEntitlementManagementAccessPackageCatalogResource.psm1 @@ -128,14 +128,14 @@ function Get-TargetResource } $getValue = Get-MgBetaEntitlementManagementAccessPackageCatalogAccessPackageResource ` - -AccessPackageCatalogId $CatalogId ` + -AccessPackageCatalogId $CatalogId ` -Filter "Id eq '$Id'" -ErrorAction SilentlyContinue if ($null -eq $getValue) { Write-Verbose -Message "Retrieving Resource by Display Name {$DisplayName}" $getValue = Get-MgBetaEntitlementManagementAccessPackageCatalogAccessPackageResource ` - -AccessPackageCatalogId $CatalogId ` + -AccessPackageCatalogId $CatalogId ` -Filter "DisplayName eq '$DisplayName'" -ErrorAction SilentlyContinue } } @@ -339,7 +339,7 @@ function Set-TargetResource $resource = ([Hashtable]$PSBoundParameters).clone() $ObjectGuid = [System.Guid]::empty if ($OriginSystem -eq 'AADGroup' -and ` - -not [System.Guid]::TryParse($OriginId, [System.Management.Automation.PSReference]$ObjectGuid)) + -not [System.Guid]::TryParse($OriginId, [System.Management.Automation.PSReference]$ObjectGuid)) { Write-Verbose -Message "The Group reference was provided by name {$OriginId}. Retrieving associated id." $groupInfo = Get-MgGroup -Filter "DisplayName eq '$OriginId'" @@ -353,7 +353,7 @@ function Set-TargetResource $ObjectGuid = [System.Guid]::empty if (-not [System.Guid]::TryParse($CatalogId, [System.Management.Automation.PSReference]$ObjectGuid)) { - Write-Verbose -Message "Retrieving Catalog by Display Name" + Write-Verbose -Message 'Retrieving Catalog by Display Name' $catalogInstance = Get-MgBetaEntitlementManagementAccessPackageCatalog -Filter "DisplayName eq '$($CatalogId)'" if ($catalogInstance) { @@ -406,7 +406,7 @@ function Set-TargetResource $ObjectGuid = [System.Guid]::empty if (-not [System.Guid]::TryParse($CatalogId, [System.Management.Automation.PSReference]$ObjectGuid)) { - Write-Verbose -Message "Retrieving Catalog by Display Name" + Write-Verbose -Message 'Retrieving Catalog by Display Name' $catalogInstance = Get-MgBetaEntitlementManagementAccessPackageCatalog -Filter "DisplayName eq '$($CatalogId)'" if ($catalogInstance) { @@ -725,7 +725,7 @@ function Export-TargetResource $catalogId = $catalog.id - [array]$resources = Get-MgBetaEntitlementManagementAccessPackageCatalogAccessPackageResource -AccessPackageCatalogId $catalogId -ErrorAction Stop + [array]$resources = Get-MgBetaEntitlementManagementAccessPackageCatalogAccessPackageResource -AccessPackageCatalogId $catalogId -ErrorAction Stop $j = 1 diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/MSFT_AADEntitlementManagementConnectedOrganization.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/MSFT_AADEntitlementManagementConnectedOrganization.psm1 index 1c0587dc95..1e50576601 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/MSFT_AADEntitlementManagementConnectedOrganization.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/MSFT_AADEntitlementManagementConnectedOrganization.psm1 @@ -443,10 +443,10 @@ function Set-TargetResource foreach ($sponsor in $ExternalSponsors) { $directoryObject = Get-MgBetaDirectoryObject -DirectoryObjectId $sponsor - $directoryObjectType=$directoryObject.AdditionalProperties."@odata.type" - $directoryObjectType=($directoryObject.AdditionalProperties."@odata.type").split(".")|select-object -last 1 - $directoryObjectRef=@{ - "@odata.id" = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/$($directoryObjectType)s/$($sponsor)" + $directoryObjectType = $directoryObject.AdditionalProperties.'@odata.type' + $directoryObjectType = ($directoryObject.AdditionalProperties.'@odata.type').split('.') | Select-Object -Last 1 + $directoryObjectRef = @{ + '@odata.id' = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/$($directoryObjectType)s/$($sponsor)" } New-MgBetaEntitlementManagementConnectedOrganizationExternalSponsorByRef ` @@ -457,9 +457,9 @@ function Set-TargetResource foreach ($sponsor in $InternalSponsors) { $directoryObject = Get-MgBetaDirectoryObject -DirectoryObjectId $sponsor - $directoryObjectType=($directoryObject.AdditionalProperties."@odata.type").split(".")|select-object -last 1 - $directoryObjectRef=@{ - "@odata.id" = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/$($directoryObjectType)s/$($sponsor)" + $directoryObjectType = ($directoryObject.AdditionalProperties.'@odata.type').split('.') | Select-Object -Last 1 + $directoryObjectRef = @{ + '@odata.id' = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/$($directoryObjectType)s/$($sponsor)" } New-MgBetaEntitlementManagementConnectedOrganizationInternalSponsorByRef ` @@ -506,16 +506,16 @@ function Set-TargetResource } $currentInstance.ExternalSponsors = $currentExternalSponsors } - $sponsorsDifferences = compare-object -ReferenceObject @($ExternalSponsors|select-object) -DifferenceObject @($currentInstance.ExternalSponsors|select-object) - $sponsorsToAdd=($sponsorsDifferences | where-object -filterScript {$_.SideIndicator -eq '<='}).InputObject - $sponsorsToRemove=($sponsorsDifferences | where-object -filterScript {$_.SideIndicator -eq '=>'}).InputObject + $sponsorsDifferences = Compare-Object -ReferenceObject @($ExternalSponsors | Select-Object) -DifferenceObject @($currentInstance.ExternalSponsors | Select-Object) + $sponsorsToAdd = ($sponsorsDifferences | Where-Object -FilterScript { $_.SideIndicator -eq '<=' }).InputObject + $sponsorsToRemove = ($sponsorsDifferences | Where-Object -FilterScript { $_.SideIndicator -eq '=>' }).InputObject foreach ($sponsor in $sponsorsToAdd) { $directoryObject = Get-MgBetaDirectoryObject -DirectoryObjectId $sponsor - $directoryObjectType=$directoryObject.AdditionalProperties."@odata.type" - $directoryObjectType=($directoryObject.AdditionalProperties."@odata.type").split(".")|select-object -last 1 - $directoryObjectRef=@{ - "@odata.id" = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/$($directoryObjectType)s/$($sponsor)" + $directoryObjectType = $directoryObject.AdditionalProperties.'@odata.type' + $directoryObjectType = ($directoryObject.AdditionalProperties.'@odata.type').split('.') | Select-Object -Last 1 + $directoryObjectRef = @{ + '@odata.id' = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/$($directoryObjectType)s/$($sponsor)" } New-MgBetaEntitlementManagementConnectedOrganizationExternalSponsorByRef ` @@ -544,16 +544,16 @@ function Set-TargetResource } $currentInstance.InternalSponsors = $currentInternalSponsors } - $sponsorsDifferences = compare-object -ReferenceObject @($InternalSponsors|select-object) -DifferenceObject @($currentInstance.InternalSponsors|select-object) - $sponsorsToAdd=($sponsorsDifferences | where-object -filterScript {$_.SideIndicator -eq '<='}).InputObject - $sponsorsToRemove=($sponsorsDifferences | where-object -filterScript {$_.SideIndicator -eq '=>'}).InputObject + $sponsorsDifferences = Compare-Object -ReferenceObject @($InternalSponsors | Select-Object) -DifferenceObject @($currentInstance.InternalSponsors | Select-Object) + $sponsorsToAdd = ($sponsorsDifferences | Where-Object -FilterScript { $_.SideIndicator -eq '<=' }).InputObject + $sponsorsToRemove = ($sponsorsDifferences | Where-Object -FilterScript { $_.SideIndicator -eq '=>' }).InputObject foreach ($sponsor in $sponsorsToAdd) { $directoryObject = Get-MgBetaDirectoryObject -DirectoryObjectId $sponsor - $directoryObjectType=$directoryObject.AdditionalProperties."@odata.type" - $directoryObjectType=($directoryObject.AdditionalProperties."@odata.type").split(".")|select-object -last 1 - $directoryObjectRef=@{ - "@odata.id" = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/$($directoryObjectType)s/$($sponsor)" + $directoryObjectType = $directoryObject.AdditionalProperties.'@odata.type' + $directoryObjectType = ($directoryObject.AdditionalProperties.'@odata.type').split('.') | Select-Object -Last 1 + $directoryObjectRef = @{ + '@odata.id' = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/$($directoryObjectType)s/$($sponsor)" } New-MgBetaEntitlementManagementConnectedOrganizationInternalSponsorByRef ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/settings.json index 3a9096b509..b1f1eeda04 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/settings.json @@ -3,12 +3,12 @@ "description": "This resource configures an Azure AD Entitlement Management Connected Organization.", "roles": { "read": [ - "Security Reader" + "Security Reader" ], "update": [ - "Identity Governance Administrator" + "Identity Governance Administrator" ] - }, + }, "permissions": { "graph": { "delegated": { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementRoleAssignment/MSFT_AADEntitlementManagementRoleAssignment.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementRoleAssignment/MSFT_AADEntitlementManagementRoleAssignment.psm1 index b3b1c7aadc..0f76cb1c7a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementRoleAssignment/MSFT_AADEntitlementManagementRoleAssignment.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementRoleAssignment/MSFT_AADEntitlementManagementRoleAssignment.psm1 @@ -93,12 +93,12 @@ function Get-TargetResource $getValue = Get-MgBetaRoleManagementEntitlementManagementRoleAssignment -UnifiedRoleAssignmentId $Id } - $user = Get-mguser -UserId $Principal + $user = Get-MgUser -UserId $Principal $roleInfo = Get-MgBetaRoleManagementEntitlementManagementRoleDefinition -Filter "DisplayName eq '$RoleDefinition'" if ($null -eq $getValue) { - if(-not [System.String]::IsNullOrEmpty($Id)) + if (-not [System.String]::IsNullOrEmpty($Id)) { Write-Verbose -Message "Nothing with id {$Id} was found" } @@ -122,7 +122,7 @@ function Get-TargetResource if ($null -eq $getValue) { - Write-Verbose -Message "No existing assignments were found" + Write-Verbose -Message 'No existing assignments were found' return $nullResult } @@ -268,7 +268,7 @@ function Set-TargetResource } elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { - Write-Verbose -Message "Entitlement Management Role Assignments cannot be updated." + Write-Verbose -Message 'Entitlement Management Role Assignments cannot be updated.' } elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { @@ -350,7 +350,7 @@ function Test-TargetResource Add-M365DSCTelemetryEvent -Data $data #endregion - Write-Verbose -Message "Testing configuration of Assignment" + Write-Verbose -Message 'Testing configuration of Assignment' $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementRoleAssignment/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementRoleAssignment/settings.json index 5eb3981dd3..d28e733648 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementRoleAssignment/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementRoleAssignment/settings.json @@ -40,7 +40,7 @@ "name": "EntitlementManagement.ReadWrite.All" }, { - "name" : "RoleManagement.ReadWrite.Directory" + "name": "RoleManagement.ReadWrite.Directory" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementSettings/MSFT_AADEntitlementManagementSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementSettings/MSFT_AADEntitlementManagementSettings.psm1 index 7ffb6e65bc..e2c28a72c0 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementSettings/MSFT_AADEntitlementManagementSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementSettings/MSFT_AADEntitlementManagementSettings.psm1 @@ -156,7 +156,7 @@ function Set-TargetResource $setParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters $setParameters.Remove('IsSingleInstance') | Out-Null - Write-Verbose -Message "Updating Entitlement Management settings" + Write-Verbose -Message 'Updating Entitlement Management settings' Update-MgBetaEntitlementManagementSetting @setParameters | Out-Null } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementSettings/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementSettings/settings.json index 3005622fd8..631b6cdbc1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementSettings/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementSettings/settings.json @@ -40,7 +40,7 @@ "name": "EntitlementManagement.ReadWrite.All" }, { - "name" : "RoleManagement.ReadWrite.Directory" + "name": "RoleManagement.ReadWrite.Directory" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADExternalIdentityPolicy/MSFT_AADExternalIdentityPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADExternalIdentityPolicy/MSFT_AADExternalIdentityPolicy.psm1 index b4cc15b5e9..28b76ad13a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADExternalIdentityPolicy/MSFT_AADExternalIdentityPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADExternalIdentityPolicy/MSFT_AADExternalIdentityPolicy.psm1 @@ -343,7 +343,7 @@ function Export-TargetResource if ($Results -is [System.Collections.Hashtable] -and $Results.Count -gt 1) { Write-Host "`r`n" -NoNewline - Write-Host " |---[1/1] External Identity Policy" -NoNewline + Write-Host ' |---[1/1] External Identity Policy' -NoNewline $results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` -Results $results $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADFeatureRolloutPolicy/MSFT_AADFeatureRolloutPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADFeatureRolloutPolicy/MSFT_AADFeatureRolloutPolicy.psm1 index 97857762ed..26944c5c3c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADFeatureRolloutPolicy/MSFT_AADFeatureRolloutPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADFeatureRolloutPolicy/MSFT_AADFeatureRolloutPolicy.psm1 @@ -14,7 +14,7 @@ function Get-TargetResource $DisplayName, [Parameter()] - [ValidateSet('passthroughAuthentication','seamlessSso','passwordHashSync','emailAsAlternateId','unknownFutureValue','certificateBasedAuthentication')] + [ValidateSet('passthroughAuthentication', 'seamlessSso', 'passwordHashSync', 'emailAsAlternateId', 'unknownFutureValue', 'certificateBasedAuthentication')] [System.String] $Feature, @@ -100,8 +100,8 @@ function Get-TargetResource -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.FeatureRolloutPolicy" - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.FeatureRolloutPolicy' + } } } #endregion @@ -168,7 +168,7 @@ function Set-TargetResource $DisplayName, [Parameter()] - [ValidateSet('passthroughAuthentication','seamlessSso','passwordHashSync','emailAsAlternateId','unknownFutureValue','certificateBasedAuthentication')] + [ValidateSet('passthroughAuthentication', 'seamlessSso', 'passwordHashSync', 'emailAsAlternateId', 'unknownFutureValue', 'certificateBasedAuthentication')] [System.String] $Feature, @@ -287,7 +287,7 @@ function Test-TargetResource $DisplayName, [Parameter()] - [ValidateSet('passthroughAuthentication','seamlessSso','passwordHashSync','emailAsAlternateId','unknownFutureValue','certificateBasedAuthentication')] + [ValidateSet('passthroughAuthentication', 'seamlessSso', 'passwordHashSync', 'emailAsAlternateId', 'unknownFutureValue', 'certificateBasedAuthentication')] [System.String] $Feature, @@ -465,16 +465,16 @@ function Export-TargetResource Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADFederationConfiguration/MSFT_AADFederationConfiguration.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADFederationConfiguration/MSFT_AADFederationConfiguration.psm1 index d5c9a56bd8..47bd688e1b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADFederationConfiguration/MSFT_AADFederationConfiguration.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADFederationConfiguration/MSFT_AADFederationConfiguration.psm1 @@ -93,11 +93,11 @@ function Get-TargetResource { if (-not [System.String]::IsNullOrEmpty($Id)) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } if ($null -eq $instance) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.DisplayName -eq $DisplayName} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.DisplayName -eq $DisplayName } } } else @@ -106,11 +106,11 @@ function Get-TargetResource $instances = Invoke-MgGraphRequest $uri -Method Get if (-not [System.String]::IsNullOrEmpty($Id)) { - $instance = $instances.value | Where-Object -FilterScript {$_.Id -eq $Id} + $instance = $instances.value | Where-Object -FilterScript { $_.Id -eq $Id } } if ($null -eq $instance) { - $instance = $instances.value | Where-Object -FilterScript {$_.DisplayName -eq $DisplayName} + $instance = $instances.value | Where-Object -FilterScript { $_.DisplayName -eq $DisplayName } } } if ($null -eq $instance) @@ -237,7 +237,7 @@ function Set-TargetResource $currentInstance = Get-TargetResource @PSBoundParameters $instanceParams = @{ - "@odata.type" = "microsoft.graph.samlOrWsFedExternalDomainFederation" + '@odata.type' = 'microsoft.graph.samlOrWsFedExternalDomainFederation' displayName = $DisplayName metadataExchangeUri = $MetadataExchangeUri issuerUri = $IssuerUri @@ -249,7 +249,7 @@ function Set-TargetResource foreach ($domain in $domains) { $instanceParams.domains += @{ - "@odata.type" = "microsoft.graph.externalDomainName" + '@odata.type' = 'microsoft.graph.externalDomainName' id = $domain } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADFilteringPolicy/MSFT_AADFilteringPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADFilteringPolicy/MSFT_AADFilteringPolicy.psm1 index 1a447cc253..086b244212 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADFilteringPolicy/MSFT_AADFilteringPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADFilteringPolicy/MSFT_AADFilteringPolicy.psm1 @@ -78,12 +78,12 @@ function Get-TargetResource if (-not [System.String]::IsNullOrEmpty($Id)) { Write-Verbose -Message "Retrieving policy by id {$Id}" - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } if ($null -eq $instance) { Write-Verbose -Message "Retrieving policy by name {$Name}" - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Name -eq $Name} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Name -eq $Name } } } else @@ -96,7 +96,7 @@ function Get-TargetResource if ($null -eq $instance) { Write-Verbose -Message "Retrieving policy by name {$Name}" - $instance = Get-MgBetaNetworkAccessFilteringPolicy -All | Where-Object -FilterScript {$_.Name -eq $Name} + $instance = Get-MgBetaNetworkAccessFilteringPolicy -All | Where-Object -FilterScript { $_.Name -eq $Name } } } if ($null -eq $instance) @@ -219,7 +219,7 @@ function Set-TargetResource { Write-Verbose -Message "Updating filtering policy {$Name}" Update-MgBetaNetworkAccessFilteringPolicy -FilteringPolicyId $currentInstance.Id ` - -BodyParameter $instanceParams + -BodyParameter $instanceParams } # REMOVE elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADFilteringPolicyRule/MSFT_AADFilteringPolicyRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADFilteringPolicyRule/MSFT_AADFilteringPolicyRule.psm1 index 3d5d4eda49..a54318f96d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADFilteringPolicyRule/MSFT_AADFilteringPolicyRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADFilteringPolicyRule/MSFT_AADFilteringPolicyRule.psm1 @@ -77,7 +77,7 @@ function Get-TargetResource $nullResult.Ensure = 'Absent' try { - $policyInstance = Get-MgBetaNetworkAccessFilteringPolicy | Where-Object -Filter {$_.Name -eq $Policy} + $policyInstance = Get-MgBetaNetworkAccessFilteringPolicy | Where-Object -Filter { $_.Name -eq $Policy } if ($null -ne $policyInstance) { Write-Verbose -Message "Found existing Policy {$Policy}" @@ -86,12 +86,12 @@ function Get-TargetResource { Write-Verbose -Message "Retrieving Filtering Policy Rule by Id {$Id}" $instance = Get-MgBetaNetworkAccessFilteringPolicyRule -FilteringPolicyId $policyInstance.Id ` - -PolicyRuleId Id -ErrorAction SilentlyContinue + -PolicyRuleId Id -ErrorAction SilentlyContinue } if ($null -eq $instance) { Write-Verbose -Message "Retrieving Filtering Policy Rule by Name {$Name}" - $instance = Get-MgBetaNetworkAccessFilteringPolicyRule -FilteringPolicyId $policyInstance.Id | Where-Object -FilterScript {$_.Name -eq $Name} + $instance = Get-MgBetaNetworkAccessFilteringPolicyRule -FilteringPolicyId $policyInstance.Id | Where-Object -FilterScript { $_.Name -eq $Name } } } if ($null -eq $instance) @@ -111,7 +111,7 @@ function Get-TargetResource elseif ($instance.AdditionalProperties.ruleType -eq 'webCategory') { $DestinationsValue += @{ - name = $destination.name + name = $destination.name } } } @@ -205,7 +205,7 @@ function Set-TargetResource $AccessTokens ) - Write-Verbose -Message "Entering the Set-TargetResource function" + Write-Verbose -Message 'Entering the Set-TargetResource function' #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -220,21 +220,21 @@ function Set-TargetResource #endregion $currentInstance = Get-TargetResource @PSBoundParameters - $policyInstance = Get-MgBetaNetworkAccessFilteringPolicy | Where-Object -Filter {$_.Name -eq $Policy} + $policyInstance = Get-MgBetaNetworkAccessFilteringPolicy | Where-Object -Filter { $_.Name -eq $Policy } if ($RuleType -eq 'webCategory') { $instanceParams = @{ - "@odata.type" = "#microsoft.graph.networkaccess.webCategoryFilteringRule" + '@odata.type' = '#microsoft.graph.networkaccess.webCategoryFilteringRule' name = $Name ruleType = $RuleType - destinations = @() + destinations = @() } foreach ($destination in $Destinations) { $instanceParams.destinations += @{ - "@odata.type" = "#microsoft.graph.networkaccess.webCategory" + '@odata.type' = '#microsoft.graph.networkaccess.webCategory' name = $destination.name } } @@ -242,7 +242,7 @@ function Set-TargetResource elseif ($RuleType -eq 'fqdn') { $instanceParams = @{ - "@odata.type" = "#microsoft.graph.networkaccess.fqdnFilteringRule" + '@odata.type' = '#microsoft.graph.networkaccess.fqdnFilteringRule' name = $Name ruleType = $RuleType destinations = @() @@ -251,7 +251,7 @@ function Set-TargetResource foreach ($destination in $Destinations) { $instanceParams.destinations += @{ - "@odata.type" = "#microsoft.graph.networkaccess.fqdn" + '@odata.type' = '#microsoft.graph.networkaccess.fqdn' value = $destination.value } } @@ -262,7 +262,7 @@ function Set-TargetResource { Write-Verbose -Message "Creating new Filtering Policy Rule {$Name}" New-MgBetaNetworkAccessFilteringPolicyRule -FilteringPolicyId $policyInstance.Id ` - -BodyParameter $instanceParams + -BodyParameter $instanceParams } # UPDATE elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') @@ -270,15 +270,15 @@ function Set-TargetResource Write-Verbose -Message "Updating Filtering Policy Rule {$Name}" $instanceParams.Remove('ruleType') | Out-Null Update-MgBetaNetworkAccessFilteringPolicyRule -FilteringPolicyId $policyInstance.Id ` - -PolicyRuleId $currentInstance.Id ` - -BodyParameter $instanceParams + -PolicyRuleId $currentInstance.Id ` + -BodyParameter $instanceParams } # REMOVE elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Removing Filtering Policy Rule {$Name}" Remove-MgBetaNetworkAccessFilteringPolicyRule -FilteringPolicyId $policyInstance.Id ` - -PolicyRuleId $currentInstance.Id + -PolicyRuleId $currentInstance.Id } } @@ -464,7 +464,7 @@ function Export-TargetResource $displayedKey = $policy.Name Write-Host " |---[$i/$($policies.Count)] $displayedKey" -NoNewline $rules = Get-MgBetaNetworkAccessFilteringPolicyRule -FilteringPolicyId $policy.Id ` - -ErrorAction SilentlyContinue + -ErrorAction SilentlyContinue if ($rules.Length -eq 0) { Write-Host $Global:M365DSCEmojiGreenCheckMark diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADFilteringProfile/MSFT_AADFilteringProfile.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADFilteringProfile/MSFT_AADFilteringProfile.psm1 index 882f42d4f4..13cc48b691 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADFilteringProfile/MSFT_AADFilteringProfile.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADFilteringProfile/MSFT_AADFilteringProfile.psm1 @@ -86,12 +86,12 @@ function Get-TargetResource if (-not [System.String]::IsNullOrEmpty($Id)) { Write-Verbose -Message "Retrieving profile by Id {$Id}" - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } if ($null -eq $instance) { Write-Verbose -Message "Retrieving profile by Name {$Name}" - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Name -eq $Name} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Name -eq $Name } } } else @@ -104,7 +104,7 @@ function Get-TargetResource if ($null -eq $instance) { Write-Verbose -Message "Retrieving profile by Name {$Name}" - $instance = Get-MgBetaNetworkAccessFilteringProfile -All -ExpandProperty Policies | Where-Object -FilterScript {$_.Name -eq $Name} + $instance = Get-MgBetaNetworkAccessFilteringProfile -All -ExpandProperty Policies | Where-Object -FilterScript { $_.Name -eq $Name } } } if ($null -eq $instance) @@ -250,16 +250,16 @@ function Set-TargetResource foreach ($policy in $Policies) { - $policyInfo = Get-MgBetaNetworkAccessFilteringPolicy -All | Where-Object -FilterScript {$_.Name -eq $policy.PolicyName} + $policyInfo = Get-MgBetaNetworkAccessFilteringPolicy -All | Where-Object -FilterScript { $_.Name -eq $policy.PolicyName } if ($null -ne $policyInfo) { $entry = @{ - "@odata.type" = "#microsoft.graph.networkaccess.filteringPolicyLink" + '@odata.type' = '#microsoft.graph.networkaccess.filteringPolicyLink' loggingState = $policy.LoggingState priority = $policy.Priority state = $policy.State policy = @{ - "@odata.type" = "#microsoft.graph.networkaccess.filteringPolicy" + '@odata.type' = '#microsoft.graph.networkaccess.filteringPolicy' id = $policyInfo.Id } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroup/MSFT_AADGroup.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroup/MSFT_AADGroup.psm1 index 00cc64d642..538b67f9f6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroup/MSFT_AADGroup.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroup/MSFT_AADGroup.psm1 @@ -209,7 +209,7 @@ function Get-TargetResource { $OwnersValues += $owner.AdditionalProperties.userPrincipalName } - elseif($owner.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.servicePrincipal") + elseif ($owner.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.servicePrincipal') { $OwnersValues += $owner.AdditionalProperties.displayName } @@ -224,7 +224,7 @@ function Get-TargetResource $GroupAsMembersValues = @() foreach ($member in $members) { - if ($member.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.user") + if ($member.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.user') { $MembersValues += $member.AdditionalProperties.userPrincipalName } @@ -232,7 +232,7 @@ function Get-TargetResource { $MembersValues += $member.AdditionalProperties.displayName } - elseif($member.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.group") + elseif ($member.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.group') { $GroupAsMembersValues += $member.AdditionalProperties.displayName } @@ -619,7 +619,7 @@ function Set-TargetResource { try { - Write-Verbose -Message "Setting Group Licenses" + Write-Verbose -Message 'Setting Group Licenses' Set-MgGroupLicense -GroupId $currentGroup.Id ` -AddLicenses $licensesToAdd ` -RemoveLicenses $licensesToRemove ` @@ -655,7 +655,7 @@ function Set-TargetResource if ($Ensure -ne 'Absent') { #Owners - Write-Verbose -Message "Updating Owners" + Write-Verbose -Message 'Updating Owners' if ($PSBoundParameters.ContainsKey('Owners')) { $currentOwnersValue = @() @@ -713,7 +713,7 @@ function Set-TargetResource } #Members - Write-Verbose -Message "Updating Members" + Write-Verbose -Message 'Updating Members' if ($MembershipRuleProcessingState -ne 'On' -and $PSBoundParameters.ContainsKey('Members')) { $currentMembersValue = @() @@ -730,7 +730,7 @@ function Set-TargetResource { $backCurrentMembers = @() } - Write-Verbose -Message "Comparing current members and desired list" + Write-Verbose -Message 'Comparing current members and desired list' $membersDiff = Compare-Object -ReferenceObject $backCurrentMembers -DifferenceObject $desiredMembersValue foreach ($diff in $membersDiff) { @@ -771,7 +771,7 @@ function Set-TargetResource } #GroupAsMembers - Write-Verbose -Message "Updating GroupAsMembers" + Write-Verbose -Message 'Updating GroupAsMembers' if ($MembershipRuleProcessingState -ne 'On' -and $PSBoundParameters.ContainsKey('GroupAsMembers')) { $currentGroupAsMembersValue = @() @@ -809,7 +809,7 @@ function Set-TargetResource { Write-Verbose -Message "Adding AAD group {$($groupAsMember.DisplayName)} as member of AAD group {$($currentGroup.DisplayName)}" $groupAsMemberObject = @{ - "@odata.id"= $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "v1.0/directoryObjects/$($groupAsMember.Id)" + '@odata.id' = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "v1.0/directoryObjects/$($groupAsMember.Id)" } New-MgBetaGroupMemberByRef -GroupId ($currentGroup.Id) -Body $groupAsMemberObject | Out-Null } @@ -823,7 +823,7 @@ function Set-TargetResource } #MemberOf - Write-Verbose -Message "Updating MemberOf" + Write-Verbose -Message 'Updating MemberOf' if ($PSBoundParameters.ContainsKey('MemberOf')) { $currentMemberOfValue = @() @@ -1120,10 +1120,11 @@ function Test-TargetResource foreach ($assignedLicense in $AssignedLicenses) { Write-Verbose "Compare DisabledPlans for SkuId $($assignedLicense.SkuId) in group {$DisplayName}" - $currentLicense = $CurrentValues.AssignedLicenses | Where-Object -FilterScript {$_.SkuId -eq $assignedLicense.SkuId} + $currentLicense = $CurrentValues.AssignedLicenses | Where-Object -FilterScript { $_.SkuId -eq $assignedLicense.SkuId } if ($assignedLicense.DisabledPlans.Count -ne 0 -or $currentLicense.DisabledPlans.Count -ne 0) { - try { + try + { $licensesDiff = Compare-Object -ReferenceObject $assignedLicense.DisabledPlans -DifferenceObject $currentLicense.DisabledPlans if ($null -ne $licensesDiff) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroupsSettings/MSFT_AADGroupsSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroupsSettings/MSFT_AADGroupsSettings.psm1 index 6f20b8aabf..e3c46d2491 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroupsSettings/MSFT_AADGroupsSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroupsSettings/MSFT_AADGroupsSettings.psm1 @@ -130,28 +130,28 @@ function Get-TargetResource $valueNewUnifiedGroupWritebackDefault = $Policy.Values | Where-Object -FilterScript { $_.Name -eq 'NewUnifiedGroupWritebackDefault' } $result = @{ - IsSingleInstance = 'Yes' - EnableGroupCreation = [Boolean]::Parse($valueEnableGroupCreation.Value) - EnableMIPLabels = [Boolean]::Parse($valueEnableMIPLabels.Value) - AllowGuestsToBeGroupOwner = [Boolean]::Parse($valueAllowGuestsToBeGroupOwner.Value) - AllowGuestsToAccessGroups = [Boolean]::Parse($valueAllowGuestsToAccessGroups.Value) - GuestUsageGuidelinesUrl = $valueGuestUsageGuidelinesUrl.Value - AllowToAddGuests = [Boolean]::Parse($valueAllowToAddGuests.Value) - UsageGuidelinesUrl = $valueUsageGuidelinesUrl.Value - Ensure = 'Present' - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret - CertificateThumbprint = $CertificateThumbprint - Credential = $Credential - Managedidentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + IsSingleInstance = 'Yes' + EnableGroupCreation = [Boolean]::Parse($valueEnableGroupCreation.Value) + EnableMIPLabels = [Boolean]::Parse($valueEnableMIPLabels.Value) + AllowGuestsToBeGroupOwner = [Boolean]::Parse($valueAllowGuestsToBeGroupOwner.Value) + AllowGuestsToAccessGroups = [Boolean]::Parse($valueAllowGuestsToAccessGroups.Value) + GuestUsageGuidelinesUrl = $valueGuestUsageGuidelinesUrl.Value + AllowToAddGuests = [Boolean]::Parse($valueAllowToAddGuests.Value) + UsageGuidelinesUrl = $valueUsageGuidelinesUrl.Value + Ensure = 'Present' + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret + CertificateThumbprint = $CertificateThumbprint + Credential = $Credential + Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } if (-not [System.String]::IsNullOrEmpty($valueNewUnifiedGroupWritebackDefault.Value)) { - $result.Add('NewUnifiedGroupWritebackDefault', [Boolean]::Parse($valueNewUnifiedGroupWritebackDefault.Value)) + $result.Add('NewUnifiedGroupWritebackDefault', [Boolean]::Parse($valueNewUnifiedGroupWritebackDefault.Value)) } - + if (-not [System.String]::IsNullOrEmpty($AllowedGroupName)) { $result.Add('GroupCreationAllowedGroupName', $AllowedGroupName) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADHomeRealmDiscoveryPolicy/MSFT_AADHomeRealmDiscoveryPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADHomeRealmDiscoveryPolicy/MSFT_AADHomeRealmDiscoveryPolicy.psm1 index bd3c930dee..75f731e717 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADHomeRealmDiscoveryPolicy/MSFT_AADHomeRealmDiscoveryPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADHomeRealmDiscoveryPolicy/MSFT_AADHomeRealmDiscoveryPolicy.psm1 @@ -79,7 +79,7 @@ function Get-TargetResource $getValue = $null #region resource generator code $getValue = Get-MgBetaPolicyHomeRealmDiscoveryPolicy ` - -Filter "DisplayName eq '$DisplayName'" + -Filter "DisplayName eq '$DisplayName'" #endregion if ($null -eq $getValue) @@ -88,7 +88,8 @@ function Get-TargetResource return $nullResult } # if multiple objects with same name exist - if ($getValue -is [array]) { + if ($getValue -is [array]) + { Write-Verbose -Message "Multiple Azure AD Home Realm Discovery Policy with DisplayName {$DisplayName} found. Skipping Operation." return $nullResult } @@ -96,13 +97,14 @@ function Get-TargetResource Write-Verbose -Message "An Azure AD Home Realm Discovery Policy with DisplayName {$DisplayName} was found" $DefinitionArray = @() - foreach ($definitionValue in $getValue.definition) { + foreach ($definitionValue in $getValue.definition) + { $value = ConvertFrom-Json $definitionValue $DefinitionArray += @{ - AccelerateToFederatedDomain = $value.HomeRealmDiscoveryPolicy.AccelerateToFederatedDomain + AccelerateToFederatedDomain = $value.HomeRealmDiscoveryPolicy.AccelerateToFederatedDomain AllowCloudPasswordValidation = $value.HomeRealmDiscoveryPolicy.AllowCloudPasswordValidation - PreferredDomain = $value.HomeRealmDiscoveryPolicy.PreferredDomain - AlternateIdLogin = @{ + PreferredDomain = $value.HomeRealmDiscoveryPolicy.PreferredDomain + AlternateIdLogin = @{ Enabled = $value.HomeRealmDiscoveryPolicy.AlternateIdLogin.Enabled } } @@ -213,22 +215,27 @@ function Set-TargetResource # to get the id parameter $getValue = Get-MgBetaPolicyHomeRealmDiscoveryPolicy ` - -Filter "DisplayName eq '$DisplayName'" + -Filter "DisplayName eq '$DisplayName'" $newDefinitions = @() - foreach ($Def in $Definition) { + foreach ($Def in $Definition) + { $HomeRealmDiscoveryPolicy = @{} - if ($null -ne $Def.AccelerateToFederatedDomain){ + if ($null -ne $Def.AccelerateToFederatedDomain) + { $HomeRealmDiscoveryPolicy.Add('AccelerateToFederatedDomain', $Def.AccelerateToFederatedDomain) } - if ($null -ne $Def.AllowCloudPasswordValidation){ + if ($null -ne $Def.AllowCloudPasswordValidation) + { $HomeRealmDiscoveryPolicy.Add('AllowCloudPasswordValidation', $Def.AllowCloudPasswordValidation) } - if ($null -ne $Def.PreferredDomain){ + if ($null -ne $Def.PreferredDomain) + { $HomeRealmDiscoveryPolicy.Add('PreferredDomain', $Def.PreferredDomain) } - if ($null -ne $Def.AlternateIdLogin.Enabled){ - $HomeRealmDiscoveryPolicy.Add('AlternateIdLogin', @{Enabled = $Def.AlternateIdLogin.Enabled}) + if ($null -ne $Def.AlternateIdLogin.Enabled) + { + $HomeRealmDiscoveryPolicy.Add('AlternateIdLogin', @{Enabled = $Def.AlternateIdLogin.Enabled }) } $temp = @{ HomeRealmDiscoveryPolicy = $HomeRealmDiscoveryPolicy @@ -476,7 +483,7 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - DisplayName = $config.DisplayName + DisplayName = $config.DisplayName Ensure = 'Present' Credential = $Credential ApplicationId = $ApplicationId @@ -547,14 +554,16 @@ function Get-M365DSCAADHomeRealDiscoveryPolicyDefinitionAsString { $StringContent.Append("`n MSFT_AADHomeRealDiscoveryPolicyDefinition {`r`n") | Out-Null $StringContent.Append(" PreferredDomain = '" + $definition.PreferredDomain + "'`r`n") | Out-Null - if ($null -ne $definition.AccelerateToFederatedDomain) { - $StringContent.Append(" AccelerateToFederatedDomain = $" + $definition.AccelerateToFederatedDomain + "`r`n") | Out-Null + if ($null -ne $definition.AccelerateToFederatedDomain) + { + $StringContent.Append(' AccelerateToFederatedDomain = $' + $definition.AccelerateToFederatedDomain + "`r`n") | Out-Null } - if ($null -ne $definition.AllowCloudPasswordValidation) { - $StringContent.Append(" AllowCloudPasswordValidation = $" + $definition.AllowCloudPasswordValidation + "`r`n") | Out-Null + if ($null -ne $definition.AllowCloudPasswordValidation) + { + $StringContent.Append(' AllowCloudPasswordValidation = $' + $definition.AllowCloudPasswordValidation + "`r`n") | Out-Null } $StringContent.Append(" AlternateIdLogin = MSFT_AADHomeRealDiscoveryPolicyDefinitionAlternateIdLogin {`r`n") | Out-Null - $StringContent.Append(" Enabled = $" + $definition.AlternateIdLogin.Enabled + "`r`n") | Out-Null + $StringContent.Append(' Enabled = $' + $definition.AlternateIdLogin.Enabled + "`r`n") | Out-Null $StringContent.Append(" }`r`n") | Out-Null $StringContent.Append(" }`r`n") | Out-Null } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADHomeRealmDiscoveryPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADHomeRealmDiscoveryPolicy/settings.json index b3c6ae18bd..30dd05e381 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADHomeRealmDiscoveryPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADHomeRealmDiscoveryPolicy/settings.json @@ -1,33 +1,32 @@ { "resourceName": "AADHomeRealmDiscoveryPolicy", "description": "This resource configures an Azure AD Home Realm Discovery Policy.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Policy.Read.All" - } - ], - "update": [ - { - "name": "Policy.ReadWrite.ApplicationConfiguration" - } - ] - }, - "application": { - "read": [ - { - "name": "Policy.Read.All" - } - ], - "update": [ - { - "name": "Policy.ReadWrite.ApplicationConfiguration" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Policy.Read.All" + } + ], + "update": [ + { + "name": "Policy.ReadWrite.ApplicationConfiguration" + } + ] + }, + "application": { + "read": [ + { + "name": "Policy.Read.All" + } + ], + "update": [ + { + "name": "Policy.ReadWrite.ApplicationConfiguration" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityAPIConnector/MSFT_AADIdentityAPIConnector.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityAPIConnector/MSFT_AADIdentityAPIConnector.psm1 index 04f48ad77f..e41811a9d2 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityAPIConnector/MSFT_AADIdentityAPIConnector.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityAPIConnector/MSFT_AADIdentityAPIConnector.psm1 @@ -87,7 +87,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaIdentityAPIConnector -IdentityApiConnectorId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaIdentityApiConnector -IdentityApiConnectorId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -95,9 +95,9 @@ function Get-TargetResource if (-not [System.String]::IsNullOrEmpty($DisplayName)) { - $getValue = Get-MgBetaIdentityAPIConnector ` + $getValue = Get-MgBetaIdentityApiConnector ` -Filter "DisplayName eq '$DisplayName'" ` - -ErrorAction SilentlyContinue + -ErrorAction SilentlyContinue } } #endregion @@ -112,7 +112,8 @@ function Get-TargetResource #region resource generator code $complexAuthenticationConfiguration = @{} - if($null -ne $getValue.AuthenticationConfiguration.AdditionalProperties.password) { + if ($null -ne $getValue.AuthenticationConfiguration.AdditionalProperties.password) + { $securePassword = ConvertTo-SecureString $getValue.AuthenticationConfiguration.AdditionalProperties.password -AsPlainText -Force $Password = New-Object System.Management.Automation.PSCredential ('Password', $securePassword) @@ -122,13 +123,13 @@ function Get-TargetResource $complexCertificates = @() foreach ($currentCertificate in $getValue.AuthenticationConfiguration.AdditionalProperties.certificateList) { - $myCertificate= @{} - $myCertificate.Add('Pkcs12Value', "Please insert a valid Pkcs12Value") + $myCertificate = @{} + $myCertificate.Add('Pkcs12Value', 'Please insert a valid Pkcs12Value') $myCertificate.Add('Thumbprint', $currentCertificate.thumbprint) - $myCertificate.Add('Password', "Please insert a valid Password for the certificate") + $myCertificate.Add('Password', 'Please insert a valid Password for the certificate') $myCertificate.Add('IsActive', $currentCertificate.isActive) - if ($myCertificate.values.Where({$null -ne $_}).Count -gt 0) + if ($myCertificate.values.Where({ $null -ne $_ }).Count -gt 0) { $complexCertificates += $myCertificate } @@ -137,19 +138,19 @@ function Get-TargetResource $results = @{ #region resource generator code - DisplayName = $getValue.DisplayName - TargetUrl = $getValue.TargetUrl - Id = $getValue.Id - Username = $getValue.AuthenticationConfiguration.AdditionalProperties.username - Password = $Password - Certificates = $complexCertificates - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent + DisplayName = $getValue.DisplayName + TargetUrl = $getValue.TargetUrl + Id = $getValue.Id + Username = $getValue.AuthenticationConfiguration.AdditionalProperties.username + Password = $Password + Certificates = $complexCertificates + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent #endregion } @@ -252,11 +253,13 @@ function Set-TargetResource # If the certificates array is not empty, then we need to create a new instance of New-MgBetaAADIdentityAPIConnector $needToUpdateCertificates = $false - if($null -ne $Certificates -and $Certificates.Count -gt 0) { + if ($null -ne $Certificates -and $Certificates.Count -gt 0) + { $needToUpdateCertificates = $true } - if($needToUpdateCertificates -eq $false) { + if ($needToUpdateCertificates -eq $false) + { if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Azure AD Identity API Connector with DisplayName {$DisplayName}" @@ -268,16 +271,17 @@ function Set-TargetResource $createParameters.Remove('Password') | Out-Null $createParameters.Remove('Pkcs12Value') | Out-Null - if($username -ne $null) { - $createParameters.Add("AuthenticationConfiguration", @{ - '@odata.type' = "microsoft.graph.basicAuthentication" - "password" = $Password.GetNetworkCredential().Password - "username" = $Username - }) + if ($username -ne $null) + { + $createParameters.Add('AuthenticationConfiguration', @{ + '@odata.type' = 'microsoft.graph.basicAuthentication' + 'password' = $Password.GetNetworkCredential().Password + 'username' = $Username + }) } - $createParameters.Add("@odata.type", "#microsoft.graph.IdentityApiConnector") - $policy = New-MgBetaIdentityAPIConnector -BodyParameter $createParameters + $createParameters.Add('@odata.type', '#microsoft.graph.IdentityApiConnector') + $policy = New-MgBetaIdentityApiConnector -BodyParameter $createParameters } elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { @@ -291,29 +295,31 @@ function Set-TargetResource $updateParameters.Remove('Password') | Out-Null $updateParameters.Remove('Pkcs12Value') | Out-Null - $updateParameters.Add("AuthenticationConfiguration", @{ - '@odata.type' = "microsoft.graph.basicAuthentication" - "password" = $Password.GetNetworkCredential().Password - "username" = $Username - }) + $updateParameters.Add('AuthenticationConfiguration', @{ + '@odata.type' = 'microsoft.graph.basicAuthentication' + 'password' = $Password.GetNetworkCredential().Password + 'username' = $Username + }) - $UpdateParameters.Add("@odata.type", "#microsoft.graph.IdentityApiConnector") - Update-MgBetaIdentityAPIConnector ` - -IdentityApiConnectorId $currentInstance.Id ` - -BodyParameter $UpdateParameters + $UpdateParameters.Add('@odata.type', '#microsoft.graph.IdentityApiConnector') + Update-MgBetaIdentityApiConnector ` + -IdentityApiConnectorId $currentInstance.Id ` + -BodyParameter $UpdateParameters } elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Removing the Azure AD Identity API Connector with Id {$($currentInstance.Id)}" - Remove-MgBetaIdentityAPIConnector -IdentityApiConnectorId $currentInstance.Id + Remove-MgBetaIdentityApiConnector -IdentityApiConnectorId $currentInstance.Id } } - else { + else + { # Remove the existing instance if already present - if($currentInstance.Ensure -ne 'Absent') { + if ($currentInstance.Ensure -ne 'Absent') + { Write-Verbose -Message "Removing the Azure AD Identity API Connector with Id {$($currentInstance.Id)}" - Remove-MgBetaIdentityAPIConnector -IdentityApiConnectorId $currentInstance.Id + Remove-MgBetaIdentityApiConnector -IdentityApiConnectorId $currentInstance.Id } # Create a new instance with the certificates @@ -335,40 +341,45 @@ function Set-TargetResource $myCertificate.Add('Pkcs12Value', ($currentCertificate.Pkcs12Value).Password) $myCertificate.Add('Password', ($currentCertificate.Password).Password) - if($currentCertificate.IsActive -eq $true) { + if ($currentCertificate.IsActive -eq $true) + { $activeCertificates += $myCertificate } - else { + else + { $inactiveCertificates += $myCertificate } } # Only one certificate can be active - if($activeCertificates.Count -ne 1) { - Write-Error "There should be one active certificate" + if ($activeCertificates.Count -ne 1) + { + Write-Error 'There should be one active certificate' throw } - - if($inactiveCertificates.Count -eq 0) { - $createParameters.Add("AuthenticationConfiguration", @{ - '@odata.type' = "microsoft.graph.pkcs12Certificate" - "password" = $activeCertificates[0].Password - "pkcs12Value" = $activeCertificates[0].Pkcs12Value - }) + + if ($inactiveCertificates.Count -eq 0) + { + $createParameters.Add('AuthenticationConfiguration', @{ + '@odata.type' = 'microsoft.graph.pkcs12Certificate' + 'password' = $activeCertificates[0].Password + 'pkcs12Value' = $activeCertificates[0].Pkcs12Value + }) $activeCertificates = $activeCertificates[1..$activeCertificates.Count] } - else { - $createParameters.Add("AuthenticationConfiguration", @{ - '@odata.type' = "microsoft.graph.pkcs12Certificate" - "password" = $inactiveCertificates[0].Password - "pkcs12Value" = $inactiveCertificates[0].Pkcs12Value - }) + else + { + $createParameters.Add('AuthenticationConfiguration', @{ + '@odata.type' = 'microsoft.graph.pkcs12Certificate' + 'password' = $inactiveCertificates[0].Password + 'pkcs12Value' = $inactiveCertificates[0].Pkcs12Value + }) # remove the first element from the inactive certificates $inactiveCertificates = $inactiveCertificates[1..$inactiveCertificates.Count] } - $createParameters.Add("@odata.type", "#microsoft.graph.IdentityApiConnector") - $policy = New-MgBetaIdentityAPIConnector -BodyParameter $createParameters + $createParameters.Add('@odata.type', '#microsoft.graph.IdentityApiConnector') + $policy = New-MgBetaIdentityApiConnector -BodyParameter $createParameters # Upload the inactive certificates @@ -376,7 +387,7 @@ function Set-TargetResource { $params = @{ pkcs12Value = $currentCertificate.Pkcs12Value - password = $currentCertificate.Password + password = $currentCertificate.Password } Invoke-MgBetaUploadIdentityApiConnectorClientCertificate -IdentityApiConnectorId $policy.Id -BodyParameter $params @@ -387,7 +398,7 @@ function Set-TargetResource { $params = @{ pkcs12Value = $currentCertificate.Pkcs12Value - password = $currentCertificate.Password + password = $currentCertificate.Password } Invoke-MgBetaUploadIdentityApiConnectorClientCertificate -IdentityApiConnectorId $policy.Id -BodyParameter $params @@ -494,7 +505,7 @@ function Test-TargetResource $target = $CurrentValues.$key if ($null -ne $source -and $source.GetType().Name -like '*CimInstance*') { - + # create a list of thumbprints from the source list $sourceThumbprints = @() foreach ($item in $source) @@ -528,7 +539,7 @@ function Test-TargetResource { Write-Verbose -Message "Target Thumbprints: $(Convert-M365DscHashtableToString -Hashtable $item)" } - + # check if the lists are identical $compareResult = $true if ($sourceThumbprints.Count -ne $targetThumbprints.Count) @@ -548,7 +559,7 @@ function Test-TargetResource } } - if($compareResult -eq $true) + if ($compareResult -eq $true) { $ValuesToCheck.Remove($key) | Out-Null } @@ -632,7 +643,7 @@ function Export-TargetResource try { #region resource generator code - [array]$getValue = Get-MgBetaIdentityAPIConnector ` + [array]$getValue = Get-MgBetaIdentityApiConnector ` -Filter $Filter ` -All ` -ErrorAction Stop @@ -661,20 +672,20 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params - $Results.Password = "Please insert a valid Password" + $Results.Password = 'Please insert a valid Password' $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` -Results $Results @@ -683,8 +694,8 @@ function Export-TargetResource if ($null -ne $Results.Certificates) { $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.Certificates` - -CIMInstanceName 'AADIdentityAPIConnectionCertificate' + -ComplexObject $Results.Certificates` + -CIMInstanceName 'AADIdentityAPIConnectionCertificate' if (-not [String]::IsNullOrWhiteSpace($complexTypeStringResult)) { $Results.Certificates = $complexTypeStringResult @@ -704,7 +715,7 @@ function Export-TargetResource if ($Results.Certificates) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Certificates" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Certificates' -IsCIMArray:$True } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityAPIConnector/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityAPIConnector/settings.json index 327fd87153..63bb04b661 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityAPIConnector/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityAPIConnector/settings.json @@ -1,25 +1,16 @@ { "resourceName": "AADIdentityAPIConnector", "description": "This resource configures an Azure AD Identity A P I Connector.", - "permissions": { - "graph": { - "delegated": { - "read": [ - - ], - "update": [ - - ] - }, - "application": { - "read": [ - - ], - "update": [ - - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [], + "update": [] + }, + "application": { + "read": [], + "update": [] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityB2XUserFlow/MSFT_AADIdentityB2XUserFlow.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityB2XUserFlow/MSFT_AADIdentityB2XUserFlow.psm1 index fc5e7abded..c0973a0bee 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityB2XUserFlow/MSFT_AADIdentityB2XUserFlow.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityB2XUserFlow/MSFT_AADIdentityB2XUserFlow.psm1 @@ -92,10 +92,10 @@ function Get-TargetResource Write-Verbose -Message "An Azure AD Identity B2 X User Flow with Id {$Id} was found" #region Get ApiConnectorConfiguration - $connectorConfiguration = Get-MgBetaIdentityB2XUserFlowApiConnectorConfiguration -B2xIdentityUserFlowId $Id -ExpandProperty "postFederationSignup,postAttributeCollection" + $connectorConfiguration = Get-MgBetaIdentityB2XUserFlowApiConnectorConfiguration -B2XIdentityUserFlowId $Id -ExpandProperty 'postFederationSignup,postAttributeCollection' $complexApiConnectorConfiguration = @{ - postFederationSignupConnectorName = Get-ConnectorName($connectorConfiguration.PostFederationSignup.DisplayName) + postFederationSignupConnectorName = Get-ConnectorName($connectorConfiguration.PostFederationSignup.DisplayName) postAttributeCollectionConnectorName = Get-ConnectorName($connectorConfiguration.PostAttributeCollection.DisplayName) } #endregion @@ -116,16 +116,16 @@ function Get-TargetResource foreach ($getUserAttributeAssignmentAttributeValue in $getUserAttributeAssignment.UserAttributeValues) { $getuserAttributeValues += @{ - Name = $getUserAttributeAssignmentAttributeValue.Name - Value = $getUserAttributeAssignmentAttributeValue.Value + Name = $getUserAttributeAssignmentAttributeValue.Name + Value = $getUserAttributeAssignmentAttributeValue.Value IsDefault = $getUserAttributeAssignmentAttributeValue.IsDefault } } $complexUserAttributeAssignments += @{ - Id = $getUserAttributeAssignment.Id - DisplayName = $getUserAttributeAssignment.DisplayName - IsOptional = $getUserAttributeAssignment.IsOptional - UserInputType = $getUserAttributeAssignment.UserInputType + Id = $getUserAttributeAssignment.Id + DisplayName = $getUserAttributeAssignment.DisplayName + IsOptional = $getUserAttributeAssignment.IsOptional + UserInputType = $getUserAttributeAssignment.UserInputType UserAttributeValues = $getuserAttributeValues } } @@ -257,9 +257,9 @@ function Set-TargetResource #endregion $params = @{ - id = $Id - userFlowType = "signUpOrSignIn" - userFlowTypeVersion = 1 + id = $Id + userFlowType = 'signUpOrSignIn' + userFlowTypeVersion = 1 apiConnectorConfiguration = $newApiConnectorConfiguration } @@ -269,7 +269,7 @@ function Set-TargetResource foreach ($provider in $IdentityProviders) { $params = @{ - "@odata.id" = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/identityProviders/$($provider)" + '@odata.id' = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/identityProviders/$($provider)" } Write-Verbose -Message "Adding the Identity Provider with Id {$provider} to the newly created Azure AD Identity B2X User Flow with Id {$($newObj.Id)}" @@ -280,16 +280,16 @@ function Set-TargetResource #region Add UserAtrributeAssignments to the newly created object $currentAttributes = Get-MgBetaIdentityB2XUserFlowUserAttributeAssignment -B2XIdentityUserFlowId $newObj.Id | Select-Object -ExpandProperty Id - $attributesToAdd = $UserAttributeAssignments | Where-Object {$_.Id -notin $currentAttributes} + $attributesToAdd = $UserAttributeAssignments | Where-Object { $_.Id -notin $currentAttributes } foreach ($userAttributeAssignment in $attributesToAdd) { $params = @{ - displayName = $userAttributeAssignment.DisplayName - isOptional = $userAttributeAssignment.IsOptional - userInputType = $userAttributeAssignment.UserInputType + displayName = $userAttributeAssignment.DisplayName + isOptional = $userAttributeAssignment.IsOptional + userInputType = $userAttributeAssignment.UserInputType userAttributeValues = @() - userAttribute = @{ + userAttribute = @{ id = $userAttributeAssignment.Id } } @@ -297,9 +297,9 @@ function Set-TargetResource foreach ($userAttributeValue in $userAttributeAssignment.UserAttributeValues) { $params['userAttributeValues'] += @{ - "Name" = $userAttributeValue.Name - "Value" = $userAttributeValue.Value - "IsDefault" = $userAttributeValue.IsDefault + 'Name' = $userAttributeValue.Name + 'Value' = $userAttributeValue.Value + 'IsDefault' = $userAttributeValue.IsDefault } } @@ -318,33 +318,33 @@ function Set-TargetResource { $getConnector = Get-MgBetaIdentityApiConnector -Filter "DisplayName eq '$($ApiConnectorConfiguration.postFederationSignupConnectorName)'" $params = @{ - "@odata.id" = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/identity/apiConnectors/$($getConnector.Id)" + '@odata.id' = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/identity/apiConnectors/$($getConnector.Id)" } Write-Verbose -Message "Updating the Post Federation Signup connector for Azure AD Identity B2X User Flow with Id {$($currentInstance.Id)}" - Set-MgBetaIdentityB2XUserFlowPostFederationSignupByRef -B2xIdentityUserFlowId $currentInstance.Id -BodyParameter $params + Set-MgBetaIdentityB2XUserFlowPostFederationSignupByRef -B2XIdentityUserFlowId $currentInstance.Id -BodyParameter $params } if (-not [string]::IsNullOrEmpty($ApiConnectorConfiguration.postAttributeCollectionConnectorName)) { $getConnector = Get-MgBetaIdentityApiConnector -Filter "DisplayName eq '$($ApiConnectorConfiguration.postAttributeCollectionConnectorName)'" $params = @{ - "@odata.id" = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/identity/apiConnectors/$($getConnector.Id)" + '@odata.id' = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/identity/apiConnectors/$($getConnector.Id)" } Write-Verbose -Message "Updating the Post Attribute Collection connector for Azure AD Identity B2X User Flow with Id {$($currentInstance.Id)}" - Set-MgBetaIdentityB2XUserFlowPostAttributeCollectionByRef -B2xIdentityUserFlowId $currentInstance.Id -BodyParameter $params + Set-MgBetaIdentityB2XUserFlowPostAttributeCollectionByRef -B2XIdentityUserFlowId $currentInstance.Id -BodyParameter $params } #endregion #region Add or Remove Identity Providers on the current instance - $providersToAdd = $IdentityProviders | Where-Object {$_ -notin $currentInstance.IdentityProviders} + $providersToAdd = $IdentityProviders | Where-Object { $_ -notin $currentInstance.IdentityProviders } foreach ($provider in $providersToAdd) { $params = @{ - "@odata.id" = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/identityProviders/$($provider)" + '@odata.id' = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/identityProviders/$($provider)" } Write-Verbose -Message "Adding the Identity Provider with Id {$provider} to the Azure AD Identity B2X User Flow with Id {$($currentInstance.Id)}" @@ -352,7 +352,7 @@ function Set-TargetResource New-MgBetaIdentityB2XUserFlowIdentityProviderByRef -B2XIdentityUserFlowId $currentInstance.Id -BodyParameter $params } - $providersToRemove = $currentInstance.IdentityProviders | Where-Object {$_ -notin $IdentityProviders} + $providersToRemove = $currentInstance.IdentityProviders | Where-Object { $_ -notin $IdentityProviders } foreach ($provider in $providersToRemove) { Write-Verbose -Message "Removing the Identity Provider with Id {$provider} from the Azure AD Identity B2X User Flow with Id {$($currentInstance.Id)}" @@ -362,7 +362,7 @@ function Set-TargetResource #endregion #region Add, remove or update User Attribute Assignments on the current instance - $attributesToRemove = $currentInstance.UserAttributeAssignments | Where-Object {$_.Id -notin $UserAttributeAssignments.Id} + $attributesToRemove = $currentInstance.UserAttributeAssignments | Where-Object { $_.Id -notin $UserAttributeAssignments.Id } #Remove foreach ($userAttributeAssignment in $attributesToRemove) @@ -376,24 +376,24 @@ function Set-TargetResource foreach ($userAttributeAssignment in $UserAttributeAssignments) { $params = @{ - displayName = $userAttributeAssignment.DisplayName - isOptional = $userAttributeAssignment.IsOptional - userInputType = $userAttributeAssignment.UserInputType + displayName = $userAttributeAssignment.DisplayName + isOptional = $userAttributeAssignment.IsOptional + userInputType = $userAttributeAssignment.UserInputType userAttributeValues = @() } foreach ($userAttributeValue in $userAttributeAssignment.UserAttributeValues) { $params['userAttributeValues'] += @{ - "Name" = $userAttributeValue.Name - "Value" = $userAttributeValue.Value - "IsDefault" = $userAttributeValue.IsDefault + 'Name' = $userAttributeValue.Name + 'Value' = $userAttributeValue.Value + 'IsDefault' = $userAttributeValue.IsDefault } } if ($userAttributeAssignment.Id -notin $currentInstance.UserAttributeAssignments.Id) { - $params["userAttribute"] = @{ + $params['userAttribute'] = @{ id = $userAttributeAssignment.Id } @@ -405,7 +405,7 @@ function Set-TargetResource { Write-Verbose -Message "Updating the User Attribute Assignment with Id {$($userAttributeAssignment.Id)} in the Azure AD Identity B2X User Flow with Id {$($currentInstance.Id)}" - Update-MgBetaIdentityB2XUserFlowUserAttributeAssignment -B2xIdentityUserFlowId $currentInstance.Id -IdentityUserFlowAttributeAssignmentId $userAttributeAssignment.Id -BodyParameter $params + Update-MgBetaIdentityB2XUserFlowUserAttributeAssignment -B2XIdentityUserFlowId $currentInstance.Id -IdentityUserFlowAttributeAssignmentId $userAttributeAssignment.Id -BodyParameter $params } } #endregion @@ -619,15 +619,15 @@ function Export-TargetResource $displayedKey = $config.Id Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -652,9 +652,9 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'UserAttributeValues' + Name = 'UserAttributeValues' CimInstanceName = 'MicrosoftGraphuserFlowUserAttributeAssignmentUserAttributeValues' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` @@ -679,11 +679,11 @@ function Export-TargetResource -Credential $Credential if ($Results.ApiConnectorConfiguration) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "ApiConnectorConfiguration" -IsCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'ApiConnectorConfiguration' -IsCIMArray:$False } if ($Results.UserAttributeAssignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "UserAttributeAssignments" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'UserAttributeAssignments' -IsCIMArray:$True } $dscContent += $currentDSCBlock @@ -708,11 +708,15 @@ function Export-TargetResource } } -function Get-ConnectorName($connectorName) { - if ($null -ne $connectorName) { +function Get-ConnectorName($connectorName) +{ + if ($null -ne $connectorName) + { return $connectorName - } else { - return "" + } + else + { + return '' } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityB2XUserFlow/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityB2XUserFlow/settings.json index d6df4d957a..def01e9efb 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityB2XUserFlow/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityB2XUserFlow/settings.json @@ -1,29 +1,24 @@ { "resourceName": "AADIdentityB2XUserFlow", "description": "This resource configures an Azure AD Identity B2 X User Flow.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "IdentityUserFlow.Read.All" - } - ], - "update": [ - - ] - }, - "application": { - "read": [ - { - "name": "IdentityUserFlow.Read.All" - } - ], - "update": [ - - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "IdentityUserFlow.Read.All" + } + ], + "update": [] + }, + "application": { + "read": [ + { + "name": "IdentityUserFlow.Read.All" + } + ], + "update": [] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityGovernanceLifecycleWorkflow/MSFT_AADIdentityGovernanceLifecycleWorkflow.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityGovernanceLifecycleWorkflow/MSFT_AADIdentityGovernanceLifecycleWorkflow.psm1 index 1995d3719c..1513fd43c8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityGovernanceLifecycleWorkflow/MSFT_AADIdentityGovernanceLifecycleWorkflow.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityGovernanceLifecycleWorkflow/MSFT_AADIdentityGovernanceLifecycleWorkflow.psm1 @@ -87,7 +87,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.DisplayName -eq $DisplayName} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.DisplayName -eq $DisplayName } } else { @@ -99,27 +99,28 @@ function Get-TargetResource } $instance = Get-MgBetaIdentityGovernanceLifecycleWorkflow -WorkflowId $instance.Id - if($null -ne $instance) { + if ($null -ne $instance) + { $executionConditionsResults = Get-M365DSCIdentityGovernanceWorkflowExecutionConditions -WorkflowId $instance.Id $taskResults = Get-M365DSCIdentityGovernanceTasks -WorkflowId $instance.Id } $results = @{ - DisplayName = $DisplayName; - Description = $instance.Description; - Category = $instance.Category; - IsEnabled = $instance.IsEnabled; - IsSchedulingEnabled = $instance.IsSchedulingEnabled; - Tasks = [Array]$taskResults - ExecutionConditions = $executionConditionsResults - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + DisplayName = $DisplayName + Description = $instance.Description + Category = $instance.Category + IsEnabled = $instance.IsEnabled + IsSchedulingEnabled = $instance.IsSchedulingEnabled + Tasks = [Array]$taskResults + ExecutionConditions = $executionConditionsResults + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return [System.Collections.Hashtable] $results } @@ -219,33 +220,38 @@ function Set-TargetResource $setParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters - if ($null -ne $ExecutionConditions){ + if ($null -ne $ExecutionConditions) + { $executionConditionsResult = @{ - Scope = @{ - Rule = $ExecutionConditions.ScopeValue.Rule - "@odata.type" = $ExecutionConditions.ScopeValue.ODataType + Scope = @{ + Rule = $ExecutionConditions.ScopeValue.Rule + '@odata.type' = $ExecutionConditions.ScopeValue.ODataType } - Trigger = @{ - OffsetInDays = $ExecutionConditions.TriggerValue.OffsetInDays + Trigger = @{ + OffsetInDays = $ExecutionConditions.TriggerValue.OffsetInDays TimeBasedAttribute = $ExecutionConditions.TriggerValue.TimeBasedAttribute - "@odata.type" = $ExecutionConditions.TriggerValue.ODataType + '@odata.type' = $ExecutionConditions.TriggerValue.ODataType } - "@odata.type" = $ExecutionConditions.ODataType + '@odata.type' = $ExecutionConditions.ODataType } $setParameters.Remove('ExecutionConditions') $setParameters.Add('executionConditions', $executionConditionsResult) } - if ($null -ne $Tasks) { + if ($null -ne $Tasks) + { $taskList = @() # Loop through each task and create a hashtable - foreach ($task in $Tasks) { + foreach ($task in $Tasks) + { [Array]$argumentsArray = @() - if ($task.Arguments) { - foreach ($arg in $task.Arguments) { + if ($task.Arguments) + { + foreach ($arg in $task.Arguments) + { # Create a hashtable for each argument $argumentsArray += @{ Name = $arg.Name.ToString() @@ -263,7 +269,7 @@ function Set-TargetResource TaskDefinitionId = $task.TaskDefinitionId # If Arguments exist, populate the hashtable - Arguments = [Array]$argumentsArray + Arguments = [Array]$argumentsArray } # Add the task hashtable to the task list @@ -403,7 +409,8 @@ function Test-TargetResource { $testTargetResource = $false } - else { + else + { $ValuesToCheck.Remove($key) | Out-Null } } @@ -413,12 +420,12 @@ function Test-TargetResource Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys ` - -IncludedDrifts $driftedParams + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys ` + -IncludedDrifts $driftedParams - if(-not $TestResult) + if (-not $TestResult) { $testTargetResource = $false } @@ -577,17 +584,20 @@ function Get-M365DSCIdentityGovernanceTasks # Initialize an array to hold the hashtables $taskList = @() - if($null -eq $tasks) + if ($null -eq $tasks) { return $taskList } # Loop through each task and create a hashtable - foreach ($task in $tasks) { + foreach ($task in $tasks) + { [Array]$argumentsArray = @() - if ($task.Arguments) { - foreach ($arg in $task.Arguments) { + if ($task.Arguments) + { + foreach ($arg in $task.Arguments) + { # Create a hashtable for each argument $argumentsArray += @{ Name = $arg.Name.ToString() @@ -605,7 +615,7 @@ function Get-M365DSCIdentityGovernanceTasks TaskDefinitionId = $task.TaskDefinitionId # If Arguments exist, populate the hashtable - Arguments = [Array]$argumentsArray + Arguments = [Array]$argumentsArray } # Add the task hashtable to the task list @@ -632,11 +642,11 @@ function Get-M365DSCIdentityGovernanceTasksAsString { $StringContent.Append("`n MSFT_AADIdentityGovernanceTask {`r`n") | Out-Null $StringContent.Append(" DisplayName = '" + $task.DisplayName + "'`r`n") | Out-Null - $StringContent.Append(" Description = '" + $task.Description.replace("'","''") + "'`r`n") | Out-Null + $StringContent.Append(" Description = '" + $task.Description.replace("'", "''") + "'`r`n") | Out-Null $StringContent.Append(" Category = '" + $task.Category + "'`r`n") | Out-Null - $StringContent.Append(" IsEnabled = $" + $task.IsEnabled + "`r`n") | Out-Null - $StringContent.Append(" ExecutionSequence = " + $task.ExecutionSequence + "`r`n") | Out-Null - $StringContent.Append(" ContinueOnError = $" + $task.ContinueOnError + "`r`n") | Out-Null + $StringContent.Append(' IsEnabled = $' + $task.IsEnabled + "`r`n") | Out-Null + $StringContent.Append(' ExecutionSequence = ' + $task.ExecutionSequence + "`r`n") | Out-Null + $StringContent.Append(' ContinueOnError = $' + $task.ContinueOnError + "`r`n") | Out-Null $StringContent.Append(" TaskDefinitionId = '" + $task.TaskDefinitionId + "'`r`n") | Out-Null if ($task.Arguments.Length -gt 0) @@ -675,26 +685,28 @@ function Get-M365DSCIdentityGovernanceWorkflowExecutionConditions $instance = Get-MgBetaIdentityGovernanceLifecycleWorkflow -WorkflowId $WorkflowId $executionConditionsResult = @{} - if($null -ne $instance -and $null -ne $instance.ExecutionConditions){ + if ($null -ne $instance -and $null -ne $instance.ExecutionConditions) + { $executionConditions = $instance.ExecutionConditions.AdditionalProperties $executionConditionsResult = @{ - ScopeValue = @{ - Rule = $ExecutionConditions['scope']['rule'] + ScopeValue = @{ + Rule = $ExecutionConditions['scope']['rule'] OdataType = $ExecutionConditions['scope']['@odata.type'] } TriggerValue = @{ - OffsetInDays = $ExecutionConditions['trigger']['offsetInDays'] + OffsetInDays = $ExecutionConditions['trigger']['offsetInDays'] TimeBasedAttribute = $ExecutionConditions['trigger']['timeBasedAttribute'] - ODataType = $ExecutionConditions['trigger']['@odata.type'] + ODataType = $ExecutionConditions['trigger']['@odata.type'] } - OdataType = $ExecutionConditions['@odata.type'] + OdataType = $ExecutionConditions['@odata.type'] } } return $executionConditionsResult } -function Get-M365DSCIdentityGovernanceWorkflowExecutionConditionsAsString { +function Get-M365DSCIdentityGovernanceWorkflowExecutionConditionsAsString +{ [CmdletBinding()] [OutputType([System.String])] param ( @@ -708,29 +720,32 @@ function Get-M365DSCIdentityGovernanceWorkflowExecutionConditionsAsString { $StringContent.Append("MSFT_IdentityGovernanceWorkflowExecutionConditions {`r`n") | Out-Null # Scope section - if ($null -ne $ExecutionConditions.ScopeValue) { + if ($null -ne $ExecutionConditions.ScopeValue) + { $StringContent.Append(" ScopeValue = MSFT_IdentityGovernanceScope {`r`n") | Out-Null - $StringContent.Append(" Rule = '" + $ExecutionConditions.ScopeValue.Rule.replace("'","''") + "'`r`n") | Out-Null + $StringContent.Append(" Rule = '" + $ExecutionConditions.ScopeValue.Rule.replace("'", "''") + "'`r`n") | Out-Null $StringContent.Append(" ODataType = '" + $ExecutionConditions.ScopeValue.ODataType + "'`r`n") | Out-Null $StringContent.Append(" }`r`n") | Out-Null } # Trigger section - if ($null -ne $ExecutionConditions.TriggerValue) { + if ($null -ne $ExecutionConditions.TriggerValue) + { $StringContent.Append(" TriggerValue = MSFT_IdentityGovernanceTrigger {`r`n") | Out-Null - $StringContent.Append(" OffsetInDays = " + $ExecutionConditions.TriggerValue.OffsetInDays + "`r`n") | Out-Null + $StringContent.Append(' OffsetInDays = ' + $ExecutionConditions.TriggerValue.OffsetInDays + "`r`n") | Out-Null $StringContent.Append(" TimeBasedAttribute = '" + $ExecutionConditions.TriggerValue.TimeBasedAttribute + "'`r`n") | Out-Null $StringContent.Append(" ODataType = '" + $ExecutionConditions.TriggerValue.OdataType + "'`r`n") | Out-Null $StringContent.Append(" }`r`n") | Out-Null } # OdataType for executionConditions - if ($null -ne $ExecutionConditions.ODataType) { + if ($null -ne $ExecutionConditions.ODataType) + { $StringContent.Append(" ODataType = '" + $ExecutionConditions.ODataType + "'`r`n") | Out-Null } # End of execution conditions - $StringContent.Append(" }") | Out-Null + $StringContent.Append(' }') | Out-Null return $StringContent.ToString() } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityGovernanceLifecycleWorkflowCustomTaskExtension/MSFT_AADIdentityGovernanceLifecycleWorkflowCustomTaskExtension.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityGovernanceLifecycleWorkflowCustomTaskExtension/MSFT_AADIdentityGovernanceLifecycleWorkflowCustomTaskExtension.psm1 index f607e9aacf..536b10d670 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityGovernanceLifecycleWorkflowCustomTaskExtension/MSFT_AADIdentityGovernanceLifecycleWorkflowCustomTaskExtension.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityGovernanceLifecycleWorkflowCustomTaskExtension/MSFT_AADIdentityGovernanceLifecycleWorkflowCustomTaskExtension.psm1 @@ -85,11 +85,11 @@ function Get-TargetResource { if (-not [System.String]::IsNullOrEmpty($Id)) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } if ($null -eq $instance) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.DisplayName -eq $DisplayName} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.DisplayName -eq $DisplayName } } } else @@ -250,31 +250,31 @@ function Set-TargetResource $currentInstance = Get-TargetResource @PSBoundParameters $instanceParams = @{ - displayName = $DisplayName - description = $Description - endpointConfiguration = @{ - "@odata.type" = "#microsoft.graph.logicAppTriggerEndpointConfiguration" + displayName = $DisplayName + description = $Description + endpointConfiguration = @{ + '@odata.type' = '#microsoft.graph.logicAppTriggerEndpointConfiguration' subscriptionId = $EndpointConfiguration.subscriptionId resourceGroupName = $EndpointConfiguration.resourceGroupName logicAppWorkflowName = $EndpointConfiguration.logicAppWorkflowName url = $EndpointConfiguration.url } - clientConfiguration = @{ - "@odata.type" = "#microsoft.graph.customExtensionClientConfiguration" + clientConfiguration = @{ + '@odata.type' = '#microsoft.graph.customExtensionClientConfiguration' maximumRetries = $clientConfiguration.maximumRetries timeoutInMilliseconds = $clientConfiguration.timeoutInMilliseconds } authenticationConfiguration = @{ - "@odata.type" = "#microsoft.graph.azureAdPopTokenAuthentication" + '@odata.type' = '#microsoft.graph.azureAdPopTokenAuthentication' } } if ($null -ne $CallbackConfiguration) { $instanceParams.Add('callbackConfiguration', @{ - "@odata.type" = "#microsoft.graph.identityGovernance.customTaskExtensionCallbackConfiguration" - timeoutDuration = $CallbackConfiguration.timeoutDuration - }) + '@odata.type' = '#microsoft.graph.identityGovernance.customTaskExtensionCallbackConfiguration' + timeoutDuration = $CallbackConfiguration.timeoutDuration + }) if ($null -ne $CallbackConfiguration.AuthorizedApps) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityGovernanceProgram/MSFT_AADIdentityGovernanceProgram.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityGovernanceProgram/MSFT_AADIdentityGovernanceProgram.psm1 index c23efd0d87..4947911e15 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityGovernanceProgram/MSFT_AADIdentityGovernanceProgram.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityGovernanceProgram/MSFT_AADIdentityGovernanceProgram.psm1 @@ -85,7 +85,7 @@ function Get-TargetResource { $getValue = Get-MgBetaProgram ` -Filter "DisplayName eq '$DisplayName'" ` - -ErrorAction SilentlyContinue + -ErrorAction SilentlyContinue if ($null -ne $getValue -and $getValue.Count -gt 1) { @@ -103,16 +103,16 @@ function Get-TargetResource Write-Verbose -Message "An Azure AD Identity Governance Program with Id {$Id} and DisplayName {$DisplayName} was found" $results = @{ - Description = $getValue.Description - DisplayName = $getValue.DisplayName - Id = $getValue.Id - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent + Description = $getValue.Description + DisplayName = $getValue.DisplayName + Id = $getValue.Id + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent } return [System.Collections.Hashtable] $results @@ -395,16 +395,16 @@ function Export-TargetResource Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityGovernanceProgram/readme.md b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityGovernanceProgram/readme.md index 35a7c419f5..3992d53fc5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityGovernanceProgram/readme.md +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityGovernanceProgram/readme.md @@ -2,4 +2,4 @@ # AADIdentityGovernanceProgram ## Description -Azure AD Identity Governance Program. +Azure AD Identity Governance Program. diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityProtectionPolicySettings/MSFT_AADIdentityProtectionPolicySettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityProtectionPolicySettings/MSFT_AADIdentityProtectionPolicySettings.psm1 index 0f784d8b15..bdc8f788a7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityProtectionPolicySettings/MSFT_AADIdentityProtectionPolicySettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityProtectionPolicySettings/MSFT_AADIdentityProtectionPolicySettings.psm1 @@ -59,7 +59,7 @@ function Get-TargetResource $nullResult = $PSBoundParameters try { - $url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/identityProtection/policy" + $url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + 'beta/identityProtection/policy' $instance = Invoke-MgGraphRequest -Method Get -Uri $url if ($null -eq $instance) @@ -153,7 +153,7 @@ function Set-TargetResource $updateJSON = ConvertTo-Json $updateParameters Write-Verbose -Message "Updating the AAD Identity Protection Policy settings with values: $updateJSON" - $url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/identityProtection/policy" + $url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + 'beta/identityProtection/policy' Invoke-MgGraphRequest -Method PATCH -Uri $url -Body $updateJSON } @@ -283,7 +283,7 @@ function Export-TargetResource { $Script:ExportMode = $true - $url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/identityProtection/policy" + $url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + 'beta/identityProtection/policy' [array] $Script:exportedInstances = Invoke-MgGraphRequest -Method Get -Uri $url $i = 1 diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityProtectionPolicySettings/readme.md b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityProtectionPolicySettings/readme.md index 40bedfad33..72cfaec1db 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityProtectionPolicySettings/readme.md +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityProtectionPolicySettings/readme.md @@ -3,4 +3,4 @@ ## Description -Use this resource to monitor the identity protection policy settings in AAD. +Use this resource to monitor the identity protection policy settings in AAD. diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADLifecycleWorkflowSettings/MSFT_AADLifecycleWorkflowSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADLifecycleWorkflowSettings/MSFT_AADLifecycleWorkflowSettings.psm1 index 1dcb3368d5..e348aa04a3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADLifecycleWorkflowSettings/MSFT_AADLifecycleWorkflowSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADLifecycleWorkflowSettings/MSFT_AADLifecycleWorkflowSettings.psm1 @@ -170,7 +170,7 @@ function Set-TargetResource $updateSettings = @{ WorkflowScheduleIntervalInHours = $WorkflowScheduleIntervalInHours - EmailSettings = @{ + EmailSettings = @{ SenderDomain = $SenderDomain UseCompanyBranding = $UseCompanyBranding } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADNamedLocationPolicy/MSFT_AADNamedLocationPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADNamedLocationPolicy/MSFT_AADNamedLocationPolicy.psm1 index afd4aabf68..7a1aab4d46 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADNamedLocationPolicy/MSFT_AADNamedLocationPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADNamedLocationPolicy/MSFT_AADNamedLocationPolicy.psm1 @@ -31,7 +31,7 @@ function Get-TargetResource [Parameter()] [System.String] - [ValidateSet('clientIpAddress','authenticatorAppGps')] + [ValidateSet('clientIpAddress', 'authenticatorAppGps')] $CountryLookupMethod, [Parameter()] @@ -199,7 +199,7 @@ function Set-TargetResource [Parameter()] [System.String] - [ValidateSet('clientIpAddress','authenticatorAppGps')] + [ValidateSet('clientIpAddress', 'authenticatorAppGps')] $CountryLookupMethod = 'clientIpAddress', [Parameter()] @@ -315,7 +315,7 @@ function Set-TargetResource Write-Verbose -Message "Creating New AAD Named Location {$Displayname)} with attributes: $VerboseAttributes" $JSONValue = ConvertTo-Json $desiredValues | Out-String Write-Verbose -Message "JSON: $JSONValue" - $APIUrl = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "v1.0/identity/conditionalAccess/namedLocations" + $APIUrl = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + 'v1.0/identity/conditionalAccess/namedLocations' Invoke-MgGraphRequest -Method POST ` -Uri $APIUrl ` -Body $JSONValue | Out-Null @@ -376,7 +376,7 @@ function Test-TargetResource [Parameter()] [System.String] - [ValidateSet('clientIpAddress','authenticatorAppGps')] + [ValidateSet('clientIpAddress', 'authenticatorAppGps')] $CountryLookupMethod, [Parameter()] diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADNetworkAccessForwardingPolicy/MSFT_AADNetworkAccessForwardingPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADNetworkAccessForwardingPolicy/MSFT_AADNetworkAccessForwardingPolicy.psm1 index 9d9f749d13..4233abf5fa 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADNetworkAccessForwardingPolicy/MSFT_AADNetworkAccessForwardingPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADNetworkAccessForwardingPolicy/MSFT_AADNetworkAccessForwardingPolicy.psm1 @@ -61,7 +61,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Name -eq $Name} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Name -eq $Name } } else { @@ -157,44 +157,53 @@ function Set-TargetResource $setParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters $currentPolicy = Get-MgBetaNetworkAccessForwardingPolicy -Expand * -ErrorAction SilentlyContinue | Where-Object { $_.Name -eq $setParameters.Name } - if ($Name -eq "Custom Bypass") { - foreach ($rule in $currentPolicy.PolicyRules) { + if ($Name -eq 'Custom Bypass') + { + foreach ($rule in $currentPolicy.PolicyRules) + { Remove-MgBetaNetworkAccessForwardingPolicyRule -ForwardingPolicyId $currentPolicy.Id -PolicyRuleId $rule.Id } - foreach ($rule in $setParameters.PolicyRules) { + foreach ($rule in $setParameters.PolicyRules) + { $complexDestinations = @() - foreach ($destination in $rule.Destinations) { + foreach ($destination in $rule.Destinations) + { $complexDestinations += @{ - "@odata.type" = "#microsoft.graph.networkaccess." + $rule.RuleType + '@odata.type' = '#microsoft.graph.networkaccess.' + $rule.RuleType value = $destination } } $params = @{ - "@odata.type" = "#microsoft.graph.networkaccess.internetAccessForwardingRule" - name = $rule.Name - action = $rule.ActionValue - ruleType = $rule.RuleType - ports = ($rule.Ports | ForEach-Object { $_.ToString() }) - protocol = $rule.Protocol - destinations = $complexDestinations + '@odata.type' = '#microsoft.graph.networkaccess.internetAccessForwardingRule' + name = $rule.Name + action = $rule.ActionValue + ruleType = $rule.RuleType + ports = ($rule.Ports | ForEach-Object { $_.ToString() }) + protocol = $rule.Protocol + destinations = $complexDestinations } New-MgBetaNetworkAccessForwardingPolicyRule -ForwardingPolicyId $currentPolicy.Id -BodyParameter $params } - } elseif ($currentPolicy.TrafficForwardingType -eq "m365") { + } + elseif ($currentPolicy.TrafficForwardingType -eq 'm365') + { $rulesParam = @() - foreach ($desiredRule in $setParameters.PolicyRules) { + foreach ($desiredRule in $setParameters.PolicyRules) + { $desiredRuleHashtable = Convert-M365DSCDRGComplexTypeToHashtable $desiredRule $desiredRuleHashtable.Remove('actionValue') $testResult = $false - foreach ($currentRule in $currentPolicy.PolicyRules) { + foreach ($currentRule in $currentPolicy.PolicyRules) + { $currentRuleHashtable = Get-MicrosoftGraphNetworkAccessForwardingPolicyRules -PolicyRules @($currentRule) - $currentRuleHashtable.Remove('ActionValue'); + $currentRuleHashtable.Remove('ActionValue') $testResult = Compare-M365DSCComplexObject ` - -Source ($currentRuleHashtable) ` - -Target ($desiredRuleHashtable) - if ($testResult) { + -Source ($currentRuleHashtable) ` + -Target ($desiredRuleHashtable) + if ($testResult) + { Write-Verbose "Updating: $($currentRule.Name), $($currentRule.Id)" $rulesParam += @{ ruleId = $currentRule.Id @@ -203,7 +212,8 @@ function Set-TargetResource break } } - if($testResult -eq $false){ + if ($testResult -eq $false) + { Write-Verbose "Could not find rule with the given specification: $(Convert-M365DscHashtableToString -Hashtable $desiredRuleHashtable), skipping set for this." } } @@ -213,7 +223,8 @@ function Set-TargetResource Invoke-MgGraphRequest -Uri ($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/networkAccess/forwardingPolicies/$($currentPolicy.ID)/updatePolicyRules") -Method Post -Body $updateParams } - else { + else + { Write-Verbose "Can not modify the list of poilicy rules for the forwarding policy with name: $($setParameters.Name)" } } @@ -292,7 +303,8 @@ function Test-TargetResource { $testTargetResource = $false } - else { + else + { $ValuesToCheck.Remove($key) | Out-Null } } @@ -302,12 +314,12 @@ function Test-TargetResource Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys ` - -IncludedDrifts $driftedParams + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys ` + -IncludedDrifts $driftedParams - if(-not $TestResult) + if (-not $TestResult) { $testTargetResource = $false } @@ -417,11 +429,11 @@ function Export-TargetResource -Results $Results ` -Credential $Credential - if ($null -ne $Results.PolicyRules) - { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName 'PolicyRules' - } + if ($null -ne $Results.PolicyRules) + { + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` + -ParameterName 'PolicyRules' + } $dscContent += $currentDSCBlock Save-M365DSCPartialExport -Content $currentDSCBlock ` @@ -456,17 +468,19 @@ function Get-MicrosoftGraphNetworkAccessForwardingPolicyRules ) $newPolicyRules = @() - foreach ($rule in $PolicyRules) { + foreach ($rule in $PolicyRules) + { $destinations = @() - foreach ($destination in $rule.AdditionalProperties.destinations) { + foreach ($destination in $rule.AdditionalProperties.destinations) + { $destinations += $destination.value } $newPolicyRules += @{ - Name = $rule.Name - ActionValue = $rule.AdditionalProperties.action - RuleType = $rule.AdditionalProperties.ruleType - Ports = $rule.AdditionalProperties.ports - Protocol = $rule.AdditionalProperties.protocol + Name = $rule.Name + ActionValue = $rule.AdditionalProperties.action + RuleType = $rule.AdditionalProperties.ruleType + Ports = $rule.AdditionalProperties.ports + Protocol = $rule.AdditionalProperties.protocol Destinations = $destinations } } @@ -494,8 +508,8 @@ function Get-MicrosoftGraphNetworkAccessForwardingPolicyRulesAsString $StringContent.Append(" ActionValue = '" + $rule.ActionValue + "'`r`n") | Out-Null $StringContent.Append(" RuleType = '" + $rule.RuleType + "'`r`n") | Out-Null $StringContent.Append(" Protocol = '" + $rule.Protocol + "'`r`n") | Out-Null - $StringContent.Append(" Ports = @(" + $($rule.Ports -join ", ") + ")`r`n") | Out-Null - $StringContent.Append(" Destinations = @(" + $(($rule.Destinations | ForEach-Object { "'$_'" }) -join ", ") + ")`r`n") | Out-Null + $StringContent.Append(' Ports = @(' + $($rule.Ports -join ', ') + ")`r`n") | Out-Null + $StringContent.Append(' Destinations = @(' + $(($rule.Destinations | ForEach-Object { "'$_'" }) -join ', ') + ")`r`n") | Out-Null $StringContent.Append(" }`r`n") | Out-Null } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADNetworkAccessForwardingProfile/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADNetworkAccessForwardingProfile/settings.json index 4a473ad41b..8f523eeac6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADNetworkAccessForwardingProfile/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADNetworkAccessForwardingProfile/settings.json @@ -1,4 +1,3 @@ - { "resourceName": "AADNetworkAccessForwardingProfile", "description": "This resource configures an Azure AD Network Access Forwarding Profile.", diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADNetworkAccessSettingConditionalAccess/MSFT_AADNetworkAccessSettingConditionalAccess.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADNetworkAccessSettingConditionalAccess/MSFT_AADNetworkAccessSettingConditionalAccess.psm1 index e95c5f25b9..60f3f7faa9 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADNetworkAccessSettingConditionalAccess/MSFT_AADNetworkAccessSettingConditionalAccess.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADNetworkAccessSettingConditionalAccess/MSFT_AADNetworkAccessSettingConditionalAccess.psm1 @@ -59,17 +59,17 @@ function Get-TargetResource $nullResult = $PSBoundParameters try { - $instance = Get-MgBetaNetworkAccessSettingCOnditionalAccess + $instance = Get-MgBetaNetworkAccessSettingConditionalAccess $results = @{ - IsSingleInstance = 'Yes' - SignalingStatus = $instance.SignalingStatus - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + IsSingleInstance = 'Yes' + SignalingStatus = $instance.SignalingStatus + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return [System.Collections.Hashtable] $results } @@ -143,7 +143,7 @@ function Set-TargetResource Add-M365DSCTelemetryEvent -Data $data #endregion - Write-Verbose -Message "Updating the Conditional Access Settings" + Write-Verbose -Message 'Updating the Conditional Access Settings' Update-MgBetaNetworkAccessSettingConditionalAccess -SignalingStatus $SignalingStatus } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADNetworkAccessSettingCrossTenantAccess/MSFT_AADNetworkAccessSettingCrossTenantAccess.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADNetworkAccessSettingCrossTenantAccess/MSFT_AADNetworkAccessSettingCrossTenantAccess.psm1 index a86d6e2efc..ac2645f8ee 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADNetworkAccessSettingCrossTenantAccess/MSFT_AADNetworkAccessSettingCrossTenantAccess.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADNetworkAccessSettingCrossTenantAccess/MSFT_AADNetworkAccessSettingCrossTenantAccess.psm1 @@ -143,7 +143,7 @@ function Set-TargetResource Add-M365DSCTelemetryEvent -Data $data #endregion - Write-Verbose -Message "Updating the Cross Tenant Access Settings" + Write-Verbose -Message 'Updating the Cross Tenant Access Settings' Update-MgBetaNetworkAccessSettingCrossTenantAccess -NetworkPacketTaggingStatus $NetworkPacketTaggingStatus } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADOnPremisesPublishingProfilesSettings/MSFT_AADOnPremisesPublishingProfilesSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADOnPremisesPublishingProfilesSettings/MSFT_AADOnPremisesPublishingProfilesSettings.psm1 index 8f6b2b07e9..87c5b715b6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADOnPremisesPublishingProfilesSettings/MSFT_AADOnPremisesPublishingProfilesSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADOnPremisesPublishingProfilesSettings/MSFT_AADOnPremisesPublishingProfilesSettings.psm1 @@ -299,16 +299,16 @@ function Export-TargetResource $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` - -Results $Results + -Results $Results $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` - -ConnectionMode $ConnectionMode ` - -ModulePath $PSScriptRoot ` - -Results $Results ` - -Credential $Credential + -ConnectionMode $ConnectionMode ` + -ModulePath $PSScriptRoot ` + -Results $Results ` + -Credential $Credential $dscContent += $currentDSCBlock Save-M365DSCPartialExport -Content $currentDSCBlock ` - -FileName $Global:PartialExportFileName + -FileName $Global:PartialExportFileName Write-Host $Global:M365DSCEmojiGreenCheckMark return $dscContent } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADOrganizationCertificateBasedAuthConfiguration/MSFT_AADOrganizationCertificateBasedAuthConfiguration.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADOrganizationCertificateBasedAuthConfiguration/MSFT_AADOrganizationCertificateBasedAuthConfiguration.psm1 index 0d795c2970..f0bb93c5de 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADOrganizationCertificateBasedAuthConfiguration/MSFT_AADOrganizationCertificateBasedAuthConfiguration.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADOrganizationCertificateBasedAuthConfiguration/MSFT_AADOrganizationCertificateBasedAuthConfiguration.psm1 @@ -72,10 +72,10 @@ function Get-TargetResource #region resource generator code # This GUID is ALWAYS fixed as per the documentation. - $CertificateBasedAuthConfigurationId = "29728ade-6ae4-4ee9-9103-412912537da5" + $CertificateBasedAuthConfigurationId = '29728ade-6ae4-4ee9-9103-412912537da5' $getValue = Get-MgBetaOrganizationCertificateBasedAuthConfiguration ` -CertificateBasedAuthConfigurationId $CertificateBasedAuthConfigurationId ` - -OrganizationId $OrganizationId -ErrorAction SilentlyContinue + -OrganizationId $OrganizationId -ErrorAction SilentlyContinue #endregion if ($null -eq $getValue) @@ -96,7 +96,7 @@ function Get-TargetResource $myCertificateAuthorities.Add('CertificateRevocationListUrl', $currentCertificateAuthorities.certificateRevocationListUrl) $myCertificateAuthorities.Add('DeltaCertificateRevocationListUrl', $currentCertificateAuthorities.deltaCertificateRevocationListUrl) $myCertificateAuthorities.Add('IsRootAuthority', $currentCertificateAuthorities.isRootAuthority) - if ($myCertificateAuthorities.values.Where({$null -ne $_}).Count -gt 0) + if ($myCertificateAuthorities.values.Where({ $null -ne $_ }).Count -gt 0) { $complexCertificateAuthorities += $myCertificateAuthorities } @@ -197,10 +197,10 @@ function Set-TargetResource $BoundParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters # This GUID is ALWAYS fixed as per the documentation. - $CertificateBasedAuthConfigurationId = "29728ade-6ae4-4ee9-9103-412912537da5" + $CertificateBasedAuthConfigurationId = '29728ade-6ae4-4ee9-9103-412912537da5' # Delete the old configuration - Write-Verbose -Message "Removing the current Azure AD Organization Certificate Based Auth Configuration." + Write-Verbose -Message 'Removing the current Azure AD Organization Certificate Based Auth Configuration.' Invoke-MgGraphRequest -Uri ($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/organization/$OrganizationId/certificateBasedAuthConfiguration/$CertificateBasedAuthConfigurationId") -Method DELETE if ($Ensure -eq 'Present') @@ -215,10 +215,10 @@ function Set-TargetResource foreach ($CertificateAuthority in $CertificateAuthorities) { $createCertAuthorities += @{ - certificate = $CertificateAuthority.Certificate - certificateRevocationListUrl = $CertificateAuthority.CertificateRevocationListUrl + certificate = $CertificateAuthority.Certificate + certificateRevocationListUrl = $CertificateAuthority.CertificateRevocationListUrl deltaCertificateRevocationListUrl = $CertificateAuthority.DeltaCertificateRevocationListUrl - isRootAuthority = $CertificateAuthority.IsRootAuthority + isRootAuthority = $CertificateAuthority.IsRootAuthority } } $params = @{ @@ -292,7 +292,7 @@ function Test-TargetResource #endregion # This GUID is ALWAYS fixed as per the documentation. - $CertificateBasedAuthConfigurationId = "29728ade-6ae4-4ee9-9103-412912537da5" + $CertificateBasedAuthConfigurationId = '29728ade-6ae4-4ee9-9103-412912537da5' Write-Verbose -Message "Testing configuration of the Azure AD Organization Certificate Based Auth Configuration with Id {$CertificateBasedAuthConfigurationId}" @@ -402,7 +402,7 @@ function Export-TargetResource try { # This GUID is ALWAYS fixed as per the documentation. - $CertificateBasedAuthConfigurationId = "29728ade-6ae4-4ee9-9103-412912537da5" + $CertificateBasedAuthConfigurationId = '29728ade-6ae4-4ee9-9103-412912537da5' $getValue = Get-MgBetaOrganization $i = 1 @@ -420,15 +420,15 @@ function Export-TargetResource $displayedKey = "CertificateBasedAuthConfigurations for $($getValue.DisplayName)" Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Ensure = 'Present' - OrganizationId = $getValue.Id - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Ensure = 'Present' + OrganizationId = $getValue.Id + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -456,7 +456,7 @@ function Export-TargetResource -Credential $Credential if ($Results.CertificateAuthorities) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "CertificateAuthorities" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'CertificateAuthorities' -IsCIMArray:$True } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADOrganizationCertificateBasedAuthConfiguration/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADOrganizationCertificateBasedAuthConfiguration/settings.json index df50b61fde..2f7db469f5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADOrganizationCertificateBasedAuthConfiguration/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADOrganizationCertificateBasedAuthConfiguration/settings.json @@ -1,29 +1,24 @@ { "resourceName": "AADOrganizationCertificateBasedAuthConfiguration", "description": "This resource configures an Azure AD Organization Certificate Based Auth Configuration.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Organization.Read.All" - } - ], - "update": [ - - ] - }, - "application": { - "read": [ - { - "name": "Organization.Read.All" - } - ], - "update": [ - - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Organization.Read.All" + } + ], + "update": [] + }, + "application": { + "read": [ + { + "name": "Organization.Read.All" + } + ], + "update": [] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADPasswordRuleSettings/MSFT_AADPasswordRuleSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADPasswordRuleSettings/MSFT_AADPasswordRuleSettings.psm1 index 4c4d286efe..63db0e8e82 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADPasswordRuleSettings/MSFT_AADPasswordRuleSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADPasswordRuleSettings/MSFT_AADPasswordRuleSettings.psm1 @@ -97,29 +97,29 @@ function Get-TargetResource else { Write-Verbose -Message 'Found existing AzureAD DirectorySetting for Password Rule Settings' - $valueBannedPasswordCheckOnPremisesMode = $Policy.Values | Where-Object -FilterScript {$_.Name -eq 'BannedPasswordCheckOnPremisesMode'} - $valueEnableBannedPasswordCheckOnPremises = $Policy.Values | Where-Object -FilterScript {$_.Name -eq 'EnableBannedPasswordCheckOnPremises'} - $valueEnableBannedPasswordCheck = $Policy.Values | Where-Object -FilterScript {$_.Name -eq 'EnableBannedPasswordCheck'} - $valueLockoutDurationInSeconds = $Policy.Values | Where-Object -FilterScript {$_.Name -eq 'LockoutDurationInSeconds'} - $valueLockoutThreshold = $Policy.Values | Where-Object -FilterScript {$_.Name -eq 'LockoutThreshold'} - $valueBannedPasswordList = $Policy.Values | Where-Object -FilterScript {$_.Name -eq 'BannedPasswordList'} + $valueBannedPasswordCheckOnPremisesMode = $Policy.Values | Where-Object -FilterScript { $_.Name -eq 'BannedPasswordCheckOnPremisesMode' } + $valueEnableBannedPasswordCheckOnPremises = $Policy.Values | Where-Object -FilterScript { $_.Name -eq 'EnableBannedPasswordCheckOnPremises' } + $valueEnableBannedPasswordCheck = $Policy.Values | Where-Object -FilterScript { $_.Name -eq 'EnableBannedPasswordCheck' } + $valueLockoutDurationInSeconds = $Policy.Values | Where-Object -FilterScript { $_.Name -eq 'LockoutDurationInSeconds' } + $valueLockoutThreshold = $Policy.Values | Where-Object -FilterScript { $_.Name -eq 'LockoutThreshold' } + $valueBannedPasswordList = $Policy.Values | Where-Object -FilterScript { $_.Name -eq 'BannedPasswordList' } $result = @{ - IsSingleInstance = 'Yes' + IsSingleInstance = 'Yes' BannedPasswordCheckOnPremisesMode = $valueBannedPasswordCheckOnPremisesMode.Value EnableBannedPasswordCheckOnPremises = [Boolean]::Parse($valueEnableBannedPasswordCheckOnPremises.Value) EnableBannedPasswordCheck = [Boolean]::Parse($valueEnableBannedPasswordCheck.Value) LockoutDurationInSeconds = $valueLockoutDurationInSeconds.Value LockoutThreshold = $valueLockoutThreshold.Value BannedPasswordList = $valueBannedPasswordList.Value -split "`t" # list is tab-delimited - Ensure = 'Present' - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret - CertificateThumbprint = $CertificateThumbprint - Credential = $Credential - Managedidentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Ensure = 'Present' + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret + CertificateThumbprint = $CertificateThumbprint + Credential = $Credential + Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -241,32 +241,32 @@ function Set-TargetResource { if ($property.Name -eq 'LockoutThreshold') { - $entry = $Policy.Values | Where-Object -FilterScript {$_.Name -eq $property.Name} + $entry = $Policy.Values | Where-Object -FilterScript { $_.Name -eq $property.Name } $entry.Value = $LockoutThreshold } elseif ($property.Name -eq 'LockoutDurationInSeconds') { - $entry = $Policy.Values | Where-Object -FilterScript {$_.Name -eq $property.Name} + $entry = $Policy.Values | Where-Object -FilterScript { $_.Name -eq $property.Name } $entry.Value = $LockoutDurationInSeconds } elseif ($property.Value -eq 'EnableBannedPasswordCheck') { - $entry = $Policy.Values | Where-Object -FilterScript {$_.Name -eq $property.Name} + $entry = $Policy.Values | Where-Object -FilterScript { $_.Name -eq $property.Name } $entry.Value = [System.Boolean]$EnableBannedPasswordCheck } elseif ($property.Value -eq 'BannedPasswordList') { - $entry = $Policy.Values | Where-Object -FilterScript {$_.Name -eq $property.Name} + $entry = $Policy.Values | Where-Object -FilterScript { $_.Name -eq $property.Name } $entry.Value = $BannedPasswordList -join "`t" } elseif ($property.Value -eq 'EnableBannedPasswordCheckOnPremises') { - $entry = $Policy.Values | Where-Object -FilterScript {$_.Name -eq $property.Name} + $entry = $Policy.Values | Where-Object -FilterScript { $_.Name -eq $property.Name } $entry.Value = [System.Boolean]$EnableBannedPasswordCheckOnPremises } elseif ($property.Value -eq 'BannedPasswordCheckOnPremisesMode') { - $entry = $Policy.Values | Where-Object -FilterScript {$_.Name -eq $property.Name} + $entry = $Policy.Values | Where-Object -FilterScript { $_.Name -eq $property.Name } $entry.Value = $BannedPasswordCheckOnPremisesMode } $index++ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRemoteNetwork/MSFT_AADRemoteNetwork.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRemoteNetwork/MSFT_AADRemoteNetwork.psm1 index ee4831624e..d18a49b234 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRemoteNetwork/MSFT_AADRemoteNetwork.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRemoteNetwork/MSFT_AADRemoteNetwork.psm1 @@ -80,7 +80,8 @@ function Get-TargetResource $getValue = $null #region resource generator code - if (-not [System.String]::IsNullOrEmpty($Id)) { + if (-not [System.String]::IsNullOrEmpty($Id)) + { $getValue = Get-MgBetaNetworkAccessConnectivityRemoteNetwork -RemoteNetworkId $Id -ErrorAction SilentlyContinue } @@ -104,7 +105,8 @@ function Get-TargetResource #region resource generator code $forwardingProfilesList = @() - foreach ($forwardingProfile in $getValue.ForwardingProfiles) { + foreach ($forwardingProfile in $getValue.ForwardingProfiles) + { $forwardingProfilesList += $forwardingProfile.Name } @@ -112,18 +114,18 @@ function Get-TargetResource #endregion $results = @{ - Id = $getValue.Id - Name = $getValue.Name - Region = $getValue.Region - ForwardingProfiles = [Array]$forwardingProfilesList - DeviceLinks = [Array]$complexDeviceLinks - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent + Id = $getValue.Id + Name = $getValue.Name + Region = $getValue.Region + ForwardingProfiles = [Array]$forwardingProfilesList + DeviceLinks = [Array]$complexDeviceLinks + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent } return [System.Collections.Hashtable] $results @@ -223,7 +225,8 @@ function Set-TargetResource #creating the forwarding policies list by getting the ids $allForwardingProfiles = Get-MgBetaNetworkAccessForwardingProfile $forwardingProfilesList = @() - foreach ($profileName in $BoundParameters.ForwardingProfiles) { + foreach ($profileName in $BoundParameters.ForwardingProfiles) + { $matchedProfile = $allForwardingProfiles | Where-Object { $_.Name -eq $profileName } $forwardingProfilesList += @{ id = $matchedProfile.Id @@ -234,9 +237,9 @@ function Set-TargetResource { Write-Verbose -Message "Creating an Azure AD Remote Network with Name {$Name}" $params = @{ - name = $BoundParameters.Name - region = $BoundParameters.Region - deviceLinks = [Array]$deviceLinksHashtable + name = $BoundParameters.Name + region = $BoundParameters.Region + deviceLinks = [Array]$deviceLinksHashtable forwardingProfiles = [Array]$forwardingProfilesList } @@ -248,27 +251,30 @@ function Set-TargetResource $currentRemoteNetwork = Get-MgBetaNetworkAccessConnectivityRemoteNetwork -RemoteNetworkId $currentInstance.Id #removing the old device links - foreach ($deviceLinkItem in $currentRemoteNetwork.DeviceLinks) { + foreach ($deviceLinkItem in $currentRemoteNetwork.DeviceLinks) + { Remove-MgBetaNetworkAccessConnectivityRemoteNetworkDeviceLink -RemoteNetworkId $currentInstance.Id -DeviceLinkId $deviceLinkItem.Id } # updating the list of device links - foreach ($deviceLinkItem in $deviceLinksHashtable) { + foreach ($deviceLinkItem in $deviceLinksHashtable) + { Write-Verbose "Device Link Hashtable: $deviceLinksItem" New-MgBetaNetworkAccessConnectivityRemoteNetworkDeviceLink -RemoteNetworkId $currentInstance.Id -BodyParameter $deviceLinkItem } # removing forwarding profiles $params = @{ - "@context" = '#$delta' - value = @(@{}) + '@context' = '#$delta' + value = @(@{}) } Invoke-MgGraphRequest -Uri "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/networkAccess/connectivity/remoteNetworks/$($currentInstance.Id)/forwardingProfiles" -Method Patch -Body $params #adding forwarding profiles if required - if ($forwardingProfilesList.Count -gt 0) { + if ($forwardingProfilesList.Count -gt 0) + { $params = @{ - "@context" = '#$delta' - value = $forwardingProfilesList + '@context' = '#$delta' + value = $forwardingProfilesList } Invoke-MgGraphRequest -Uri "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/networkAccess/connectivity/remoteNetworks/$($currentInstance.Id)/forwardingProfiles" -Method Patch -Body $params } @@ -491,16 +497,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - Name = $config.Name - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + Name = $config.Name + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -520,7 +526,7 @@ function Export-TargetResource if ($Results.DeviceLinks) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "DeviceLinks" + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'DeviceLinks' } $dscContent += $currentDSCBlock @@ -545,7 +551,8 @@ function Export-TargetResource } } -function Get-MicrosoftGraphRemoteNetworkDeviceLinksHashtable { +function Get-MicrosoftGraphRemoteNetworkDeviceLinksHashtable +{ [CmdletBinding()] [OutputType([System.Collections.ArrayList])] param ( @@ -556,64 +563,139 @@ function Get-MicrosoftGraphRemoteNetworkDeviceLinksHashtable { $newDeviceLinks = @() - foreach ($deviceLink in $DeviceLinks) { + foreach ($deviceLink in $DeviceLinks) + { $newDeviceLink = @{} # Add main properties only if they are not null - if ($deviceLink.Name) { $newDeviceLink["Name"] = $deviceLink.Name } - if ($deviceLink.IpAddress) { $newDeviceLink["IPAddress"] = $deviceLink.IpAddress } - if ($deviceLink.BandwidthCapacityInMbps) { $newDeviceLink["BandwidthCapacityInMbps"] = $deviceLink.BandwidthCapacityInMbps } - if ($deviceLink.DeviceVendor) { $newDeviceLink["DeviceVendor"] = $deviceLink.DeviceVendor } + if ($deviceLink.Name) + { + $newDeviceLink['Name'] = $deviceLink.Name + } + if ($deviceLink.IpAddress) + { + $newDeviceLink['IPAddress'] = $deviceLink.IpAddress + } + if ($deviceLink.BandwidthCapacityInMbps) + { + $newDeviceLink['BandwidthCapacityInMbps'] = $deviceLink.BandwidthCapacityInMbps + } + if ($deviceLink.DeviceVendor) + { + $newDeviceLink['DeviceVendor'] = $deviceLink.DeviceVendor + } # BGP Configuration - if ($deviceLink.BgpConfiguration) { + if ($deviceLink.BgpConfiguration) + { $bgpConfig = @{} - if ($deviceLink.BgpConfiguration.Asn) { $bgpConfig["Asn"] = $deviceLink.BgpConfiguration.Asn } - if ($deviceLink.BgpConfiguration.LocalIPAddress) { $bgpConfig["LocalIPAddress"] = $deviceLink.BgpConfiguration.LocalIPAddress } - if ($deviceLink.BgpConfiguration.PeerIPAddress) { $bgpConfig["PeerIPAddress"] = $deviceLink.BgpConfiguration.PeerIPAddress } + if ($deviceLink.BgpConfiguration.Asn) + { + $bgpConfig['Asn'] = $deviceLink.BgpConfiguration.Asn + } + if ($deviceLink.BgpConfiguration.LocalIPAddress) + { + $bgpConfig['LocalIPAddress'] = $deviceLink.BgpConfiguration.LocalIPAddress + } + if ($deviceLink.BgpConfiguration.PeerIPAddress) + { + $bgpConfig['PeerIPAddress'] = $deviceLink.BgpConfiguration.PeerIPAddress + } - if ($bgpConfig.Count -gt 0) { $newDeviceLink["BgpConfiguration"] = $bgpConfig } + if ($bgpConfig.Count -gt 0) + { + $newDeviceLink['BgpConfiguration'] = $bgpConfig + } } # Redundancy Configuration - if ($deviceLink.RedundancyConfiguration) { + if ($deviceLink.RedundancyConfiguration) + { $redundancyConfig = @{} - if ($deviceLink.RedundancyConfiguration.RedundancyTier) { $redundancyConfig["RedundancyTier"] = $deviceLink.RedundancyConfiguration.RedundancyTier } - if ($deviceLink.RedundancyConfiguration.ZoneLocalIPAddress) { $redundancyConfig["ZoneLocalIPAddress"] = $deviceLink.RedundancyConfiguration.ZoneLocalIPAddress } + if ($deviceLink.RedundancyConfiguration.RedundancyTier) + { + $redundancyConfig['RedundancyTier'] = $deviceLink.RedundancyConfiguration.RedundancyTier + } + if ($deviceLink.RedundancyConfiguration.ZoneLocalIPAddress) + { + $redundancyConfig['ZoneLocalIPAddress'] = $deviceLink.RedundancyConfiguration.ZoneLocalIPAddress + } - if ($redundancyConfig.Count -gt 0) { $newDeviceLink["RedundancyConfiguration"] = $redundancyConfig } + if ($redundancyConfig.Count -gt 0) + { + $newDeviceLink['RedundancyConfiguration'] = $redundancyConfig + } } # Tunnel Configuration - if ($deviceLink.TunnelConfiguration) { + if ($deviceLink.TunnelConfiguration) + { $tunnelConfig = @{} - if ($deviceLink.TunnelConfiguration.PreSharedKey) { $tunnelConfig["PreSharedKey"] = $deviceLink.TunnelConfiguration.PreSharedKey } - if ($deviceLink.TunnelConfiguration.ZoneRedundancyPreSharedKey) { $tunnelConfig["ZoneRedundancyPreSharedKey"] = $deviceLink.TunnelConfiguration.ZoneRedundancyPreSharedKey } + if ($deviceLink.TunnelConfiguration.PreSharedKey) + { + $tunnelConfig['PreSharedKey'] = $deviceLink.TunnelConfiguration.PreSharedKey + } + if ($deviceLink.TunnelConfiguration.ZoneRedundancyPreSharedKey) + { + $tunnelConfig['ZoneRedundancyPreSharedKey'] = $deviceLink.TunnelConfiguration.ZoneRedundancyPreSharedKey + } # Additional Properties - if ($deviceLink.TunnelConfiguration.AdditionalProperties) { - if ($deviceLink.TunnelConfiguration.AdditionalProperties.saLifeTimeSeconds) { $tunnelConfig["SaLifeTimeSeconds"] = $deviceLink.TunnelConfiguration.AdditionalProperties.saLifeTimeSeconds } - if ($deviceLink.TunnelConfiguration.AdditionalProperties.ipSecEncryption) { $tunnelConfig["IPSecEncryption"] = $deviceLink.TunnelConfiguration.AdditionalProperties.ipSecEncryption } - if ($deviceLink.TunnelConfiguration.AdditionalProperties.ipSecIntegrity) { $tunnelConfig["IPSecIntegrity"] = $deviceLink.TunnelConfiguration.AdditionalProperties.ipSecIntegrity } - if ($deviceLink.TunnelConfiguration.AdditionalProperties.ikeEncryption) { $tunnelConfig["IKEEncryption"] = $deviceLink.TunnelConfiguration.AdditionalProperties.ikeEncryption } - if ($deviceLink.TunnelConfiguration.AdditionalProperties.ikeIntegrity) { $tunnelConfig["IKEIntegrity"] = $deviceLink.TunnelConfiguration.AdditionalProperties.ikeIntegrity } - if ($deviceLink.TunnelConfiguration.AdditionalProperties.dhGroup) { $tunnelConfig["DHGroup"] = $deviceLink.TunnelConfiguration.AdditionalProperties.dhGroup } - if ($deviceLink.TunnelConfiguration.AdditionalProperties.pfsGroup) { $tunnelConfig["PFSGroup"] = $deviceLink.TunnelConfiguration.AdditionalProperties.pfsGroup } - if ($deviceLink.TunnelConfiguration.AdditionalProperties["@odata.type"]) { $tunnelConfig["ODataType"] = $deviceLink.TunnelConfiguration.AdditionalProperties["@odata.type"] } - } - - if ($tunnelConfig.Count -gt 0) { $newDeviceLink["TunnelConfiguration"] = $tunnelConfig } + if ($deviceLink.TunnelConfiguration.AdditionalProperties) + { + if ($deviceLink.TunnelConfiguration.AdditionalProperties.saLifeTimeSeconds) + { + $tunnelConfig['SaLifeTimeSeconds'] = $deviceLink.TunnelConfiguration.AdditionalProperties.saLifeTimeSeconds + } + if ($deviceLink.TunnelConfiguration.AdditionalProperties.ipSecEncryption) + { + $tunnelConfig['IPSecEncryption'] = $deviceLink.TunnelConfiguration.AdditionalProperties.ipSecEncryption + } + if ($deviceLink.TunnelConfiguration.AdditionalProperties.ipSecIntegrity) + { + $tunnelConfig['IPSecIntegrity'] = $deviceLink.TunnelConfiguration.AdditionalProperties.ipSecIntegrity + } + if ($deviceLink.TunnelConfiguration.AdditionalProperties.ikeEncryption) + { + $tunnelConfig['IKEEncryption'] = $deviceLink.TunnelConfiguration.AdditionalProperties.ikeEncryption + } + if ($deviceLink.TunnelConfiguration.AdditionalProperties.ikeIntegrity) + { + $tunnelConfig['IKEIntegrity'] = $deviceLink.TunnelConfiguration.AdditionalProperties.ikeIntegrity + } + if ($deviceLink.TunnelConfiguration.AdditionalProperties.dhGroup) + { + $tunnelConfig['DHGroup'] = $deviceLink.TunnelConfiguration.AdditionalProperties.dhGroup + } + if ($deviceLink.TunnelConfiguration.AdditionalProperties.pfsGroup) + { + $tunnelConfig['PFSGroup'] = $deviceLink.TunnelConfiguration.AdditionalProperties.pfsGroup + } + if ($deviceLink.TunnelConfiguration.AdditionalProperties['@odata.type']) + { + $tunnelConfig['ODataType'] = $deviceLink.TunnelConfiguration.AdditionalProperties['@odata.type'] + } + } + + if ($tunnelConfig.Count -gt 0) + { + $newDeviceLink['TunnelConfiguration'] = $tunnelConfig + } } # Add the device link to the collection if it has any properties - if ($newDeviceLink.Count -gt 0) { $newDeviceLinks += $newDeviceLink } + if ($newDeviceLink.Count -gt 0) + { + $newDeviceLinks += $newDeviceLink + } } return $newDeviceLinks } -function Get-MicrosoftGraphRemoteNetworkDeviceLinksHashtableAsString { +function Get-MicrosoftGraphRemoteNetworkDeviceLinksHashtableAsString +{ [CmdletBinding()] [OutputType([System.String])] param ( @@ -625,49 +707,119 @@ function Get-MicrosoftGraphRemoteNetworkDeviceLinksHashtableAsString { $StringContent = [System.Text.StringBuilder]::new() $StringContent.Append('@(') | Out-Null - foreach ($deviceLink in $DeviceLinks) { + foreach ($deviceLink in $DeviceLinks) + { $StringContent.Append("`n MSFT_AADRemoteNetworkDeviceLink {`r`n") | Out-Null # Append main properties if not null - if ($deviceLink.Name) { $StringContent.Append(" Name = '" + $deviceLink.Name + "'`r`n") | Out-Null } - if ($deviceLink.IPAddress) { $StringContent.Append(" IPAddress = '" + $deviceLink.IPAddress + "'`r`n") | Out-Null } - if ($deviceLink.BandwidthCapacityInMbps) { $StringContent.Append(" BandwidthCapacityInMbps = '" + $deviceLink.BandwidthCapacityInMbps + "'`r`n") | Out-Null } - if ($deviceLink.DeviceVendor) { $StringContent.Append(" DeviceVendor = '" + $deviceLink.DeviceVendor + "'`r`n") | Out-Null } + if ($deviceLink.Name) + { + $StringContent.Append(" Name = '" + $deviceLink.Name + "'`r`n") | Out-Null + } + if ($deviceLink.IPAddress) + { + $StringContent.Append(" IPAddress = '" + $deviceLink.IPAddress + "'`r`n") | Out-Null + } + if ($deviceLink.BandwidthCapacityInMbps) + { + $StringContent.Append(" BandwidthCapacityInMbps = '" + $deviceLink.BandwidthCapacityInMbps + "'`r`n") | Out-Null + } + if ($deviceLink.DeviceVendor) + { + $StringContent.Append(" DeviceVendor = '" + $deviceLink.DeviceVendor + "'`r`n") | Out-Null + } # BGP Configuration - if ($deviceLink.BgpConfiguration) { + if ($deviceLink.BgpConfiguration) + { $bgpConfigAdded = $false $StringContent.Append(" BgpConfiguration = MSFT_AADRemoteNetworkDeviceLinkbgpConfiguration {`r`n") | Out-Null - if ($deviceLink.BgpConfiguration.Asn) { $StringContent.Append(" Asn = " + $deviceLink.BgpConfiguration.Asn + "`r`n") | Out-Null; $bgpConfigAdded = $true } - if ($deviceLink.BgpConfiguration.LocalIPAddress) { $StringContent.Append(" LocalIPAddress = '" + $deviceLink.BgpConfiguration.LocalIPAddress + "'`r`n") | Out-Null; $bgpConfigAdded = $true } - if ($deviceLink.BgpConfiguration.PeerIPAddress) { $StringContent.Append(" PeerIPAddress = '" + $deviceLink.BgpConfiguration.PeerIPAddress + "'`r`n") | Out-Null; $bgpConfigAdded = $true } - if ($bgpConfigAdded) { $StringContent.Append(" }`r`n") | Out-Null } + if ($deviceLink.BgpConfiguration.Asn) + { + $StringContent.Append(' Asn = ' + $deviceLink.BgpConfiguration.Asn + "`r`n") | Out-Null; $bgpConfigAdded = $true + } + if ($deviceLink.BgpConfiguration.LocalIPAddress) + { + $StringContent.Append(" LocalIPAddress = '" + $deviceLink.BgpConfiguration.LocalIPAddress + "'`r`n") | Out-Null; $bgpConfigAdded = $true + } + if ($deviceLink.BgpConfiguration.PeerIPAddress) + { + $StringContent.Append(" PeerIPAddress = '" + $deviceLink.BgpConfiguration.PeerIPAddress + "'`r`n") | Out-Null; $bgpConfigAdded = $true + } + if ($bgpConfigAdded) + { + $StringContent.Append(" }`r`n") | Out-Null + } } # Redundancy Configuration - if ($deviceLink.RedundancyConfiguration) { + if ($deviceLink.RedundancyConfiguration) + { $redundancyConfigAdded = $false $StringContent.Append(" RedundancyConfiguration = MSFT_AADRemoteNetworkDeviceLinkRedundancyConfiguration {`r`n") | Out-Null - if ($deviceLink.RedundancyConfiguration.RedundancyTier) { $StringContent.Append(" RedundancyTier = '" + $deviceLink.RedundancyConfiguration.RedundancyTier + "'`r`n") | Out-Null; $redundancyConfigAdded = $true } - if ($deviceLink.RedundancyConfiguration.ZoneLocalIPAddress) { $StringContent.Append(" ZoneLocalIPAddress = '" + $deviceLink.RedundancyConfiguration.ZoneLocalIPAddress + "'`r`n") | Out-Null; $redundancyConfigAdded = $true } - if ($redundancyConfigAdded) { $StringContent.Append(" }`r`n") | Out-Null } + if ($deviceLink.RedundancyConfiguration.RedundancyTier) + { + $StringContent.Append(" RedundancyTier = '" + $deviceLink.RedundancyConfiguration.RedundancyTier + "'`r`n") | Out-Null; $redundancyConfigAdded = $true + } + if ($deviceLink.RedundancyConfiguration.ZoneLocalIPAddress) + { + $StringContent.Append(" ZoneLocalIPAddress = '" + $deviceLink.RedundancyConfiguration.ZoneLocalIPAddress + "'`r`n") | Out-Null; $redundancyConfigAdded = $true + } + if ($redundancyConfigAdded) + { + $StringContent.Append(" }`r`n") | Out-Null + } } # Tunnel Configuration - if ($deviceLink.TunnelConfiguration) { + if ($deviceLink.TunnelConfiguration) + { $tunnelConfigAdded = $false $StringContent.Append(" TunnelConfiguration = MSFT_AADRemoteNetworkDeviceLinkTunnelConfiguration {`r`n") | Out-Null - if ($deviceLink.TunnelConfiguration.PreSharedKey) { $StringContent.Append(" PreSharedKey = '" + $deviceLink.TunnelConfiguration.PreSharedKey + "'`r`n") | Out-Null; $tunnelConfigAdded = $true } - if ($deviceLink.TunnelConfiguration.ZoneRedundancyPreSharedKey) { $StringContent.Append(" ZoneRedundancyPreSharedKey = '" + $deviceLink.TunnelConfiguration.ZoneRedundancyPreSharedKey + "'`r`n") | Out-Null; $tunnelConfigAdded = $true } - if ($deviceLink.TunnelConfiguration.SaLifeTimeSeconds) { $StringContent.Append(" SaLifeTimeSeconds = " + $deviceLink.TunnelConfiguration.SaLifeTimeSeconds + "`r`n") | Out-Null; $tunnelConfigAdded = $true } - if ($deviceLink.TunnelConfiguration.IpSecEncryption) { $StringContent.Append(" IPSecEncryption = '" + $deviceLink.TunnelConfiguration.IpSecEncryption + "'`r`n") | Out-Null; $tunnelConfigAdded = $true } - if ($deviceLink.TunnelConfiguration.IpSecIntegrity) { $StringContent.Append(" IPSecIntegrity = '" + $deviceLink.TunnelConfiguration.IpSecIntegrity + "'`r`n") | Out-Null; $tunnelConfigAdded = $true } - if ($deviceLink.TunnelConfiguration.IkeEncryption) { $StringContent.Append(" IKEEncryption = '" + $deviceLink.TunnelConfiguration.IkeEncryption + "'`r`n") | Out-Null; $tunnelConfigAdded = $true } - if ($deviceLink.TunnelConfiguration.IkeIntegrity) { $StringContent.Append(" IKEIntegrity = '" + $deviceLink.TunnelConfiguration.IkeIntegrity + "'`r`n") | Out-Null; $tunnelConfigAdded = $true } - if ($deviceLink.TunnelConfiguration.DhGroup) { $StringContent.Append(" DHGroup = '" + $deviceLink.TunnelConfiguration.DhGroup + "'`r`n") | Out-Null; $tunnelConfigAdded = $true } - if ($deviceLink.TunnelConfiguration.PfsGroup) { $StringContent.Append(" PFSGroup = '" + $deviceLink.TunnelConfiguration.PfsGroup + "'`r`n") | Out-Null; $tunnelConfigAdded = $true } - if ($deviceLink.TunnelConfiguration.ODataType) { $StringContent.Append(" ODataType = '" + $deviceLink.TunnelConfiguration.ODataType + "'`r`n") | Out-Null; $tunnelConfigAdded = $true } - if ($tunnelConfigAdded) { $StringContent.Append(" }`r`n") | Out-Null } + if ($deviceLink.TunnelConfiguration.PreSharedKey) + { + $StringContent.Append(" PreSharedKey = '" + $deviceLink.TunnelConfiguration.PreSharedKey + "'`r`n") | Out-Null; $tunnelConfigAdded = $true + } + if ($deviceLink.TunnelConfiguration.ZoneRedundancyPreSharedKey) + { + $StringContent.Append(" ZoneRedundancyPreSharedKey = '" + $deviceLink.TunnelConfiguration.ZoneRedundancyPreSharedKey + "'`r`n") | Out-Null; $tunnelConfigAdded = $true + } + if ($deviceLink.TunnelConfiguration.SaLifeTimeSeconds) + { + $StringContent.Append(' SaLifeTimeSeconds = ' + $deviceLink.TunnelConfiguration.SaLifeTimeSeconds + "`r`n") | Out-Null; $tunnelConfigAdded = $true + } + if ($deviceLink.TunnelConfiguration.IpSecEncryption) + { + $StringContent.Append(" IPSecEncryption = '" + $deviceLink.TunnelConfiguration.IpSecEncryption + "'`r`n") | Out-Null; $tunnelConfigAdded = $true + } + if ($deviceLink.TunnelConfiguration.IpSecIntegrity) + { + $StringContent.Append(" IPSecIntegrity = '" + $deviceLink.TunnelConfiguration.IpSecIntegrity + "'`r`n") | Out-Null; $tunnelConfigAdded = $true + } + if ($deviceLink.TunnelConfiguration.IkeEncryption) + { + $StringContent.Append(" IKEEncryption = '" + $deviceLink.TunnelConfiguration.IkeEncryption + "'`r`n") | Out-Null; $tunnelConfigAdded = $true + } + if ($deviceLink.TunnelConfiguration.IkeIntegrity) + { + $StringContent.Append(" IKEIntegrity = '" + $deviceLink.TunnelConfiguration.IkeIntegrity + "'`r`n") | Out-Null; $tunnelConfigAdded = $true + } + if ($deviceLink.TunnelConfiguration.DhGroup) + { + $StringContent.Append(" DHGroup = '" + $deviceLink.TunnelConfiguration.DhGroup + "'`r`n") | Out-Null; $tunnelConfigAdded = $true + } + if ($deviceLink.TunnelConfiguration.PfsGroup) + { + $StringContent.Append(" PFSGroup = '" + $deviceLink.TunnelConfiguration.PfsGroup + "'`r`n") | Out-Null; $tunnelConfigAdded = $true + } + if ($deviceLink.TunnelConfiguration.ODataType) + { + $StringContent.Append(" ODataType = '" + $deviceLink.TunnelConfiguration.ODataType + "'`r`n") | Out-Null; $tunnelConfigAdded = $true + } + if ($tunnelConfigAdded) + { + $StringContent.Append(" }`r`n") | Out-Null + } } $StringContent.Append(" }`r`n") | Out-Null diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleAssignmentScheduleRequest/MSFT_AADRoleAssignmentScheduleRequest.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleAssignmentScheduleRequest/MSFT_AADRoleAssignmentScheduleRequest.psm1 index 609c174b67..5704447962 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleAssignmentScheduleRequest/MSFT_AADRoleAssignmentScheduleRequest.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleAssignmentScheduleRequest/MSFT_AADRoleAssignmentScheduleRequest.psm1 @@ -30,7 +30,7 @@ function Get-TargetResource $AppScopeId, [Parameter()] - [ValidateSet("adminAssign", "adminUpdate", "adminRemove", "selfActivate", "selfDeactivate", "adminExtend", "adminRenew", "selfExtend", "selfRenew", "unknownFutureValue")] + [ValidateSet('adminAssign', 'adminUpdate', 'adminRemove', 'selfActivate', 'selfDeactivate', 'adminExtend', 'adminRenew', 'selfExtend', 'selfRenew', 'unknownFutureValue')] [System.String] $Action, @@ -107,7 +107,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $request = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $request = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } else { @@ -117,7 +117,7 @@ function Get-TargetResource } } - Write-Verbose -Message "Getting Role Eligibility by PrincipalId and RoleDefinitionId" + Write-Verbose -Message 'Getting Role Eligibility by PrincipalId and RoleDefinitionId' $PrincipalValue = $null if ($PrincipalType -eq 'User') { @@ -138,7 +138,7 @@ function Get-TargetResource $PrincipalValue = $PrincipalInstance.DisplayName } - Write-Verbose -Message "Found Principal" + Write-Verbose -Message 'Found Principal' $RoleDefinitionId = (Get-MgBetaRoleManagementDirectoryRoleDefinition -Filter "DisplayName eq '$RoleDefinition'").Id Write-Verbose -Message "Retrieved role definition {$RoleDefinition} with ID {$RoleDefinitionId}" @@ -155,7 +155,7 @@ function Get-TargetResource } $schedules = Get-MgBetaRoleManagementDirectoryRoleAssignmentSchedule -Filter "PrincipalId eq '$($request.PrincipalId)'" - $schedule = $schedules | Where-Object -FilterScript {$_.RoleDefinitionId -eq $RoleDefinitionId} + $schedule = $schedules | Where-Object -FilterScript { $_.RoleDefinitionId -eq $RoleDefinitionId } if ($null -eq $schedule) { foreach ($instance in $schedules) @@ -187,12 +187,12 @@ function Get-TargetResource if ($null -ne $schedule.ScheduleInfo.Expiration) { $expirationValue = @{ - duration = $schedule.ScheduleInfo.Expiration.Duration - type = $schedule.ScheduleInfo.Expiration.Type + duration = $schedule.ScheduleInfo.Expiration.Duration + type = $schedule.ScheduleInfo.Expiration.Type } if ($null -ne $schedule.ScheduleInfo.Expiration.EndDateTime) { - $expirationValue.Add('endDateTime', $schedule.ScheduleInfo.Expiration.EndDateTime.ToString("yyyy-MM-ddThh:mm:ssZ")) + $expirationValue.Add('endDateTime', $schedule.ScheduleInfo.Expiration.EndDateTime.ToString('yyyy-MM-ddThh:mm:ssZ')) } $ScheduleInfoValue.Add('expiration', $expirationValue) } @@ -220,7 +220,7 @@ function Get-TargetResource } if ($null -ne $schedule.ScheduleInfo.StartDateTime) { - $ScheduleInfoValue.Add('StartDateTime', $schedule.ScheduleInfo.StartDateTime.ToString("yyyy-MM-ddThh:mm:ssZ")) + $ScheduleInfoValue.Add('StartDateTime', $schedule.ScheduleInfo.StartDateTime.ToString('yyyy-MM-ddThh:mm:ssZ')) } $ticketInfoValue = $null @@ -299,7 +299,7 @@ function Set-TargetResource $AppScopeId, [Parameter()] - [ValidateSet("adminAssign", "adminUpdate", "adminRemove", "selfActivate", "selfDeactivate", "adminExtend", "adminRenew", "selfExtend", "selfRenew", "unknownFutureValue")] + [ValidateSet('adminAssign', 'adminUpdate', 'adminRemove', 'selfActivate', 'selfDeactivate', 'adminExtend', 'adminRenew', 'selfExtend', 'selfRenew', 'unknownFutureValue')] [System.String] $Action, @@ -356,6 +356,7 @@ function Set-TargetResource { $ConnectionMode = New-M365DSCConnection -Workload 'MicrosoftGraph' ` -InboundParameters $PSBoundParameters ` + } catch { @@ -409,12 +410,12 @@ function Set-TargetResource { throw "Multiple Principal with ID {$PrincipalId} of type {$PrincipalType} were found. Cannot create schedule." } - $ParametersOps.Add("PrincipalId", $PrincipalIdValue[0]) - $ParametersOps.Remove("Principal") | Out-Null + $ParametersOps.Add('PrincipalId', $PrincipalIdValue[0]) + $ParametersOps.Remove('Principal') | Out-Null $RoleDefinitionIdValue = (Get-MgBetaRoleManagementDirectoryRoleDefinition -Filter "DisplayName eq '$RoleDefinition'").Id - $ParametersOps.Add("RoleDefinitionId", $RoleDefinitionIdValue) - $ParametersOps.Remove("RoleDefinition") | Out-Null + $ParametersOps.Add('RoleDefinitionId', $RoleDefinitionIdValue) + $ParametersOps.Remove('RoleDefinition') | Out-Null if ($null -ne $ScheduleInfo) { @@ -422,7 +423,7 @@ function Set-TargetResource if ($ScheduleInfo.StartDateTime) { - $ScheduleInfoValue.Add("startDateTime", $ScheduleInfo.StartDateTime) + $ScheduleInfoValue.Add('startDateTime', $ScheduleInfo.StartDateTime) } if ($ScheduleInfo.Expiration) @@ -435,7 +436,7 @@ function Set-TargetResource { $expirationValue.Add('duration', $ScheduleInfo.Expiration.duration) } - $ScheduleInfoValue.Add("Expiration", $expirationValue) + $ScheduleInfoValue.Add('Expiration', $expirationValue) } if ($ScheduleInfo.Recurrence) @@ -455,7 +456,7 @@ function Set-TargetResource month = $ScheduleInfo.Recurrence.Pattern.month type = $ScheduleInfo.Recurrence.Pattern.type } - $recurrenceValue.Add("Pattern", $patternValue) + $recurrenceValue.Add('Pattern', $patternValue) } if ($ScheduleInfo.Recurrence.Range) { @@ -467,35 +468,35 @@ function Set-TargetResource startDate = $ScheduleInfo.Recurrence.Range.startDate type = $ScheduleInfo.Recurrence.Range.type } - $recurrenceValue.Add("Range", $rangeValue) + $recurrenceValue.Add('Range', $rangeValue) } if ($Found) { - $ScheduleInfoValue.Add("Recurrence", $recurrenceValue) + $ScheduleInfoValue.Add('Recurrence', $recurrenceValue) } } Write-Verbose -Message "ScheduleInfo: $(Convert-M365DscHashtableToString -Hashtable $ScheduleInfoValue)" $ParametersOps.ScheduleInfo = $ScheduleInfoValue } - $ParametersOps.Remove("PrincipalType") | Out-Null + $ParametersOps.Remove('PrincipalType') | Out-Null if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating a Role Assignment Schedule Request for principal {$Principal} and role {$RoleDefinition}" - $ParametersOps.Remove("Id") | Out-Null + $ParametersOps.Remove('Id') | Out-Null Write-Verbose -Message "Values: $(Convert-M365DscHashtableToString -Hashtable $ParametersOps)" New-MgBetaRoleManagementDirectoryRoleAssignmentScheduleRequest @ParametersOps } elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Role Assignment Schedule Request for principal {$Principal} and role {$RoleDefinition}" - $ParametersOps.Remove("Id") | Out-Null + $ParametersOps.Remove('Id') | Out-Null $ParametersOps.Action = 'AdminUpdate' New-MgBetaRoleManagementDirectoryRoleAssignmentScheduleRequest @ParametersOps } elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Removing the Role Assignment Schedule Request for principal {$Principal} and role {$RoleDefinition}" - $ParametersOps.Remove("Id") | Out-Null + $ParametersOps.Remove('Id') | Out-Null $ParametersOps.Action = 'AdminRemove' New-MgBetaRoleManagementDirectoryRoleAssignmentScheduleRequest @ParametersOps } @@ -533,7 +534,7 @@ function Test-TargetResource $AppScopeId, [Parameter()] - [ValidateSet("adminAssign", "adminUpdate", "adminRemove", "selfActivate", "selfDeactivate", "adminExtend", "adminRenew", "selfExtend", "selfRenew", "unknownFutureValue")] + [ValidateSet('adminAssign', 'adminUpdate', 'adminRemove', 'selfActivate', 'selfDeactivate', 'adminExtend', 'adminRenew', 'selfExtend', 'selfRenew', 'unknownFutureValue')] [System.String] $Action, @@ -603,15 +604,15 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - $ValuesToCheck.Remove("Action") | Out-Null - if($null -ne $CurrentValues.ScheduleInfo -and $null -ne $ValuesToCheck.ScheduleInfo) + $ValuesToCheck.Remove('Action') | Out-Null + if ($null -ne $CurrentValues.ScheduleInfo -and $null -ne $ValuesToCheck.ScheduleInfo) { # Compare ScheduleInfo.Expiration if ($CurrentValues.ScheduleInfo.Expiration.duration -ne $ValuesToCheck.ScheduleInfo.Expiration.duration -or ` - $CurrentValues.ScheduleInfo.Expiration.endDateTime -ne $ValuesToCheck.ScheduleInfo.Expiration.endDateTime -or ` - $CurrentValues.ScheduleInfo.Expiration.type -ne $ValuesToCheck.ScheduleInfo.Expiration.type) + $CurrentValues.ScheduleInfo.Expiration.endDateTime -ne $ValuesToCheck.ScheduleInfo.Expiration.endDateTime -or ` + $CurrentValues.ScheduleInfo.Expiration.type -ne $ValuesToCheck.ScheduleInfo.Expiration.type) { - Write-Verbose -Message "Discrepancy found in ScheduleInfo.Expiration" + Write-Verbose -Message 'Discrepancy found in ScheduleInfo.Expiration' Write-Verbose -Message "Current: $($CurrentValues.ScheduleInfo.Expiration | Out-String)" Write-Verbose -Message "Desired: $($ValuesToCheck.ScheduleInfo.Expiration | Out-String)" return $false @@ -619,14 +620,14 @@ function Test-TargetResource # Compare ScheduleInfo.Recurrence.Pattern if ($CurrentValues.ScheduleInfo.Recurrence.Pattern.dayOfMonth -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.dayOfMonth -or ` - $CurrentValues.ScheduleInfo.Recurrence.Pattern.daysOfWeek -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.daysOfWeek -or ` - $CurrentValues.ScheduleInfo.Recurrence.Pattern.firstDayOfWeek -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.firstDayOfWeek -or ` - $CurrentValues.ScheduleInfo.Recurrence.Pattern.index -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.index -or ` - $CurrentValues.ScheduleInfo.Recurrence.Pattern.interval -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.interval -or ` - $CurrentValues.ScheduleInfo.Recurrence.Pattern.month -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.month -or ` - $CurrentValues.ScheduleInfo.Recurrence.Pattern.type -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.type) + $CurrentValues.ScheduleInfo.Recurrence.Pattern.daysOfWeek -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.daysOfWeek -or ` + $CurrentValues.ScheduleInfo.Recurrence.Pattern.firstDayOfWeek -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.firstDayOfWeek -or ` + $CurrentValues.ScheduleInfo.Recurrence.Pattern.index -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.index -or ` + $CurrentValues.ScheduleInfo.Recurrence.Pattern.interval -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.interval -or ` + $CurrentValues.ScheduleInfo.Recurrence.Pattern.month -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.month -or ` + $CurrentValues.ScheduleInfo.Recurrence.Pattern.type -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.type) { - Write-Verbose -Message "Discrepancy found in ScheduleInfo.Recurrence.Pattern" + Write-Verbose -Message 'Discrepancy found in ScheduleInfo.Recurrence.Pattern' Write-Verbose -Message "Current: $($CurrentValues.ScheduleInfo.Recurrence.Pattern | Out-String)" Write-Verbose -Message "Desired: $($ValuesToCheck.ScheduleInfo.Recurrence.Pattern | Out-String)" return $false @@ -634,12 +635,12 @@ function Test-TargetResource # Compare ScheduleInfo.Recurrence.Range if ($CurrentValues.ScheduleInfo.Recurrence.Range.endDate -ne $ValuesToCheck.ScheduleInfo.Recurrence.Range.endDate -or ` - $CurrentValues.ScheduleInfo.Recurrence.Range.numberOfOccurrences -ne $ValuesToCheck.ScheduleInfo.Recurrence.Range.numberOfOccurrences -or ` - $CurrentValues.ScheduleInfo.Recurrence.Range.recurrenceTimeZone -ne $ValuesToCheck.ScheduleInfo.Recurrence.Range.recurrenceTimeZone -or ` - $CurrentValues.ScheduleInfo.Recurrence.Range.startDate -ne $ValuesToCheck.ScheduleInfo.Recurrence.Range.startDate -or ` - $CurrentValues.ScheduleInfo.Recurrence.Range.type -ne $ValuesToCheck.ScheduleInfo.Recurrence.Range.type) + $CurrentValues.ScheduleInfo.Recurrence.Range.numberOfOccurrences -ne $ValuesToCheck.ScheduleInfo.Recurrence.Range.numberOfOccurrences -or ` + $CurrentValues.ScheduleInfo.Recurrence.Range.recurrenceTimeZone -ne $ValuesToCheck.ScheduleInfo.Recurrence.Range.recurrenceTimeZone -or ` + $CurrentValues.ScheduleInfo.Recurrence.Range.startDate -ne $ValuesToCheck.ScheduleInfo.Recurrence.Range.startDate -or ` + $CurrentValues.ScheduleInfo.Recurrence.Range.type -ne $ValuesToCheck.ScheduleInfo.Recurrence.Range.type) { - Write-Verbose -Message "Discrepancy found in ScheduleInfo.Recurrence.Range" + Write-Verbose -Message 'Discrepancy found in ScheduleInfo.Recurrence.Range' Write-Verbose -Message "Current: $($CurrentValues.ScheduleInfo.Recurrence.Range | Out-String)" Write-Verbose -Message "Desired: $($ValuesToCheck.ScheduleInfo.Recurrence.Range | Out-String)" return $false @@ -649,7 +650,7 @@ function Test-TargetResource Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)" - $ValuesToCheck.Remove("ScheduleInfo") | Out-Null + $ValuesToCheck.Remove('ScheduleInfo') | Out-Null $testResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -717,10 +718,10 @@ function Export-TargetResource $schedules = Get-MgBetaRoleManagementDirectoryRoleAssignmentSchedule -All -ErrorAction Stop [array] $Script:exportedInstances = @() [array] $allRequests = Get-MgBetaRoleManagementDirectoryRoleAssignmentScheduleRequest -All ` - -Filter "Status ne 'Revoked'" -ErrorAction Stop + -Filter "Status ne 'Revoked'" -ErrorAction Stop foreach ($schedule in $schedules) { - [array] $Script:exportedInstances += $allRequests | Where-Object -FilterScript {$_.TargetScheduleId -eq $schedule.Id} + [array] $Script:exportedInstances += $allRequests | Where-Object -FilterScript { $_.TargetScheduleId -eq $schedule.Id } } #endregion @@ -830,8 +831,8 @@ function Export-TargetResource } catch { - if ($_.ErrorDetails.Message -like "*The tenant needs an AAD Premium*" -or ` - $_.ErrorDetails.MEssage -like "*[AadPremiumLicenseRequired]*") + if ($_.ErrorDetails.Message -like '*The tenant needs an AAD Premium*' -or ` + $_.ErrorDetails.MEssage -like '*[AadPremiumLicenseRequired]*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) Tenant does not meet license requirement to extract this component." } @@ -862,7 +863,7 @@ function Get-M365DSCAzureADEligibilityRequestTicketInfoAsString if ($TicketInfo.TicketNumber -or $TicketInfo.TicketSystem) { - $StringContent = "MSFT_AADRoleAssignmentScheduleRequestTicketInfo {`r`n" + $StringContent = "MSFT_AADRoleAssignmentScheduleRequestTicketInfo {`r`n" $StringContent += " ticketNumber = '$($TicketInfo.TicketNumber)'`r`n" $StringContent += " ticketSystem = '$($TicketInfo.TicketSystem)'`r`n" $StringContent += " }`r`n" @@ -885,7 +886,7 @@ function Get-M365DSCAzureADEligibilityRequestScheduleInfoAsString ) $Found = $false - $StringContent = "MSFT_AADRoleAssignmentScheduleRequestSchedule {`r`n" + $StringContent = "MSFT_AADRoleAssignmentScheduleRequestSchedule {`r`n" if ($ScheduleInfo.StartDateTime) { $StringContent += " startDateTime = '$($ScheduleInfo.StartDateTime)'`r`n" @@ -903,26 +904,26 @@ function Get-M365DSCAzureADEligibilityRequestScheduleInfoAsString { $StringContent += " endDateTime = '$($ScheduleInfo.Expiration.EndDateTime.ToString())'`r`n" } - if($ScheduleInfo.Expiration.Type) + if ($ScheduleInfo.Expiration.Type) { $StringContent += " type = '$($ScheduleInfo.Expiration.Type)'`r`n" } $StringContent += " }`r`n" } - if($ScheduleInfo.Recurrence.Pattern.DayOfMonth -or $ScheduleInfo.Recurrence.Pattern.DaysOfWeek -or ` - $ScheduleInfo.Recurrence.Pattern.firstDayOfWeek -or $ScheduleInfo.Recurrence.Pattern.Index -or ` - $ScheduleInfo.Recurrence.Pattern.Interval -or $ScheduleInfo.Recurrence.Pattern.Month -or ` - $ScheduleInfo.Recurrence.Pattern.Type -or $ScheduleInfo.Recurrence.Range.EndDate -or $ScheduleInfo.Recurrence.Range.numberOfOccurrences -or ` - $ScheduleInfo.Recurrence.Range.recurrenceTimeZone -or $ScheduleInfo.Recurrence.Range.startDate -or ` - $ScheduleInfo.Recurrence.Range.type) + if ($ScheduleInfo.Recurrence.Pattern.DayOfMonth -or $ScheduleInfo.Recurrence.Pattern.DaysOfWeek -or ` + $ScheduleInfo.Recurrence.Pattern.firstDayOfWeek -or $ScheduleInfo.Recurrence.Pattern.Index -or ` + $ScheduleInfo.Recurrence.Pattern.Interval -or $ScheduleInfo.Recurrence.Pattern.Month -or ` + $ScheduleInfo.Recurrence.Pattern.Type -or $ScheduleInfo.Recurrence.Range.EndDate -or $ScheduleInfo.Recurrence.Range.numberOfOccurrences -or ` + $ScheduleInfo.Recurrence.Range.recurrenceTimeZone -or $ScheduleInfo.Recurrence.Range.startDate -or ` + $ScheduleInfo.Recurrence.Range.type) { $StringContent += " recurrence = MSFT_AADRoleAssignmentScheduleRequestScheduleRecurrence`r`n" $StringContent += " {`r`n" if ($ScheduleInfo.Recurrence.Pattern.DayOfMonth -or $ScheduleInfo.Recurrence.Pattern.DaysOfWeek -or ` - $ScheduleInfo.Recurrence.Pattern.firstDayOfWeek -or $ScheduleInfo.Recurrence.Pattern.Index -or ` - $ScheduleInfo.Recurrence.Pattern.Interval -or $ScheduleInfo.Recurrence.Pattern.Month -or ` - $ScheduleInfo.Recurrence.Pattern.Type) + $ScheduleInfo.Recurrence.Pattern.firstDayOfWeek -or $ScheduleInfo.Recurrence.Pattern.Index -or ` + $ScheduleInfo.Recurrence.Pattern.Interval -or $ScheduleInfo.Recurrence.Pattern.Month -or ` + $ScheduleInfo.Recurrence.Pattern.Type) { $Found = $true $StringContent += " pattern = MSFT_AADRoleAssignmentScheduleRequestScheduleRecurrencePattern`r`n" @@ -958,8 +959,8 @@ function Get-M365DSCAzureADEligibilityRequestScheduleInfoAsString $StringContent += " }`r`n" } if ($ScheduleInfo.Recurrence.Range.EndDate -or $ScheduleInfo.Recurrence.Range.numberOfOccurrences -or ` - $ScheduleInfo.Recurrence.Range.recurrenceTimeZone -or $ScheduleInfo.Recurrence.Range.startDate -or ` - $ScheduleInfo.Recurrence.Range.type) + $ScheduleInfo.Recurrence.Range.recurrenceTimeZone -or $ScheduleInfo.Recurrence.Range.startDate -or ` + $ScheduleInfo.Recurrence.Range.type) { $Found = $true $StringContent += " range = MSFT_AADRoleAssignmentScheduleRequestScheduleRange`r`n" diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleDefinition/MSFT_AADRoleDefinition.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleDefinition/MSFT_AADRoleDefinition.psm1 index c4ba83eb52..772a68b2ca 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleDefinition/MSFT_AADRoleDefinition.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleDefinition/MSFT_AADRoleDefinition.psm1 @@ -96,7 +96,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $AADRoleDefinition = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $AADRoleDefinition = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } else { @@ -112,7 +112,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $AADRoleDefinition = $Script:exportedInstances | Where-Object -FilterScript {$_.DisplayName -eq $DisplayName} + $AADRoleDefinition = $Script:exportedInstances | Where-Object -FilterScript { $_.DisplayName -eq $DisplayName } } else { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 index 6ebb336f0d..511422e668 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 @@ -30,7 +30,7 @@ $AppScopeId, [Parameter()] - [ValidateSet("adminAssign", "adminUpdate", "adminRemove", "selfActivate", "selfDeactivate", "adminExtend", "adminRenew", "selfExtend", "selfRenew", "unknownFutureValue")] + [ValidateSet('adminAssign', 'adminUpdate', 'adminRemove', 'selfActivate', 'selfDeactivate', 'adminExtend', 'adminRenew', 'selfExtend', 'selfRenew', 'unknownFutureValue')] [System.String] $Action, @@ -107,7 +107,7 @@ { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $request = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $request = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } else { @@ -117,7 +117,7 @@ } } - Write-Verbose -Message "Getting Role Eligibility by PrincipalId and RoleDefinitionId" + Write-Verbose -Message 'Getting Role Eligibility by PrincipalId and RoleDefinitionId' $PrincipalValue = $null if ($PrincipalType -eq 'User') { @@ -138,7 +138,7 @@ $PrincipalValue = $PrincipalInstance.DisplayName } - Write-Verbose -Message "Found Principal" + Write-Verbose -Message 'Found Principal' $RoleDefinitionId = (Get-MgBetaRoleManagementDirectoryRoleDefinition -Filter "DisplayName eq '$RoleDefinition'").Id Write-Verbose -Message "Retrieved role definition {$RoleDefinition} with ID {$RoleDefinitionId}" @@ -155,7 +155,7 @@ } $schedules = Get-MgBetaRoleManagementDirectoryRoleEligibilitySchedule -Filter "PrincipalId eq '$($request.PrincipalId)'" - $schedule = $schedules | Where-Object -FilterScript {$_.RoleDefinitionId -eq $RoleDefinitionId} + $schedule = $schedules | Where-Object -FilterScript { $_.RoleDefinitionId -eq $RoleDefinitionId } if ($null -eq $schedule) { foreach ($instance in $schedules) @@ -187,12 +187,12 @@ if ($null -ne $schedule.ScheduleInfo.Expiration) { $expirationValue = @{ - duration = $schedule.ScheduleInfo.Expiration.Duration - type = $schedule.ScheduleInfo.Expiration.Type + duration = $schedule.ScheduleInfo.Expiration.Duration + type = $schedule.ScheduleInfo.Expiration.Type } if ($null -ne $schedule.ScheduleInfo.Expiration.EndDateTime) { - $expirationValue.Add('endDateTime', $schedule.ScheduleInfo.Expiration.EndDateTime.ToString("yyyy-MM-ddThh:mm:ssZ")) + $expirationValue.Add('endDateTime', $schedule.ScheduleInfo.Expiration.EndDateTime.ToString('yyyy-MM-ddThh:mm:ssZ')) } $ScheduleInfoValue.Add('expiration', $expirationValue) } @@ -220,7 +220,7 @@ } if ($null -ne $schedule.ScheduleInfo.StartDateTime) { - $ScheduleInfoValue.Add('StartDateTime', $schedule.ScheduleInfo.StartDateTime.ToString("yyyy-MM-ddThh:mm:ssZ")) + $ScheduleInfoValue.Add('StartDateTime', $schedule.ScheduleInfo.StartDateTime.ToString('yyyy-MM-ddThh:mm:ssZ')) } $ticketInfoValue = $null @@ -299,7 +299,7 @@ function Set-TargetResource $AppScopeId, [Parameter()] - [ValidateSet("adminAssign", "adminUpdate", "adminRemove", "selfActivate", "selfDeactivate", "adminExtend", "adminRenew", "selfExtend", "selfRenew", "unknownFutureValue")] + [ValidateSet('adminAssign', 'adminUpdate', 'adminRemove', 'selfActivate', 'selfDeactivate', 'adminExtend', 'adminRenew', 'selfExtend', 'selfRenew', 'unknownFutureValue')] [System.String] $Action, @@ -356,6 +356,7 @@ function Set-TargetResource { $ConnectionMode = New-M365DSCConnection -Workload 'MicrosoftGraph' ` -InboundParameters $PSBoundParameters ` + } catch { @@ -409,12 +410,12 @@ function Set-TargetResource { throw "Multiple Principal with ID {$PrincipalId} of type {$PrincipalType} were found. Cannot create schedule." } - $ParametersOps.Add("PrincipalId", $PrincipalIdValue[0]) - $ParametersOps.Remove("Principal") | Out-Null + $ParametersOps.Add('PrincipalId', $PrincipalIdValue[0]) + $ParametersOps.Remove('Principal') | Out-Null $RoleDefinitionIdValue = (Get-MgBetaRoleManagementDirectoryRoleDefinition -Filter "DisplayName eq '$RoleDefinition'").Id - $ParametersOps.Add("RoleDefinitionId", $RoleDefinitionIdValue) - $ParametersOps.Remove("RoleDefinition") | Out-Null + $ParametersOps.Add('RoleDefinitionId', $RoleDefinitionIdValue) + $ParametersOps.Remove('RoleDefinition') | Out-Null if ($null -ne $ScheduleInfo) { @@ -422,7 +423,7 @@ function Set-TargetResource if ($ScheduleInfo.StartDateTime) { - $ScheduleInfoValue.Add("startDateTime", $ScheduleInfo.StartDateTime) + $ScheduleInfoValue.Add('startDateTime', $ScheduleInfo.StartDateTime) } if ($ScheduleInfo.Expiration) @@ -435,7 +436,7 @@ function Set-TargetResource { $expirationValue.Add('duration', $ScheduleInfo.Expiration.duration) } - $ScheduleInfoValue.Add("Expiration", $expirationValue) + $ScheduleInfoValue.Add('Expiration', $expirationValue) } if ($ScheduleInfo.Recurrence) @@ -455,7 +456,7 @@ function Set-TargetResource month = $ScheduleInfo.Recurrence.Pattern.month type = $ScheduleInfo.Recurrence.Pattern.type } - $recurrenceValue.Add("Pattern", $patternValue) + $recurrenceValue.Add('Pattern', $patternValue) } if ($ScheduleInfo.Recurrence.Range) { @@ -467,35 +468,35 @@ function Set-TargetResource startDate = $ScheduleInfo.Recurrence.Range.startDate type = $ScheduleInfo.Recurrence.Range.type } - $recurrenceValue.Add("Range", $rangeValue) + $recurrenceValue.Add('Range', $rangeValue) } if ($Found) { - $ScheduleInfoValue.Add("Recurrence", $recurrenceValue) + $ScheduleInfoValue.Add('Recurrence', $recurrenceValue) } } Write-Verbose -Message "ScheduleInfo: $(Convert-M365DscHashtableToString -Hashtable $ScheduleInfoValue)" $ParametersOps.ScheduleInfo = $ScheduleInfoValue } - $ParametersOps.Remove("PrincipalType") | Out-Null + $ParametersOps.Remove('PrincipalType') | Out-Null if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating a Role Assignment Schedule Request for principal {$Principal} and role {$RoleDefinition}" - $ParametersOps.Remove("Id") | Out-Null + $ParametersOps.Remove('Id') | Out-Null Write-Verbose -Message "Values: $(Convert-M365DscHashtableToString -Hashtable $ParametersOps)" New-MgBetaRoleManagementDirectoryRoleEligibilityScheduleRequest @ParametersOps } elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Role Assignment Schedule Request for principal {$Principal} and role {$RoleDefinition}" - $ParametersOps.Remove("Id") | Out-Null + $ParametersOps.Remove('Id') | Out-Null $ParametersOps.Action = 'AdminUpdate' New-MgBetaRoleManagementDirectoryRoleEligibilityScheduleRequest @ParametersOps } elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Removing the Role Assignment Schedule Request for principal {$Principal} and role {$RoleDefinition}" - $ParametersOps.Remove("Id") | Out-Null + $ParametersOps.Remove('Id') | Out-Null $ParametersOps.Action = 'AdminRemove' New-MgBetaRoleManagementDirectoryRoleEligibilityScheduleRequest @ParametersOps } @@ -533,7 +534,7 @@ function Test-TargetResource $AppScopeId, [Parameter()] - [ValidateSet("adminAssign", "adminUpdate", "adminRemove", "selfActivate", "selfDeactivate", "adminExtend", "adminRenew", "selfExtend", "selfRenew", "unknownFutureValue")] + [ValidateSet('adminAssign', 'adminUpdate', 'adminRemove', 'selfActivate', 'selfDeactivate', 'adminExtend', 'adminRenew', 'selfExtend', 'selfRenew', 'unknownFutureValue')] [System.String] $Action, @@ -603,15 +604,15 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - $ValuesToCheck.Remove("Action") | Out-Null - if($null -ne $CurrentValues.ScheduleInfo -and $null -ne $ValuesToCheck.ScheduleInfo) + $ValuesToCheck.Remove('Action') | Out-Null + if ($null -ne $CurrentValues.ScheduleInfo -and $null -ne $ValuesToCheck.ScheduleInfo) { # Compare ScheduleInfo.Expiration if ($CurrentValues.ScheduleInfo.Expiration.duration -ne $ValuesToCheck.ScheduleInfo.Expiration.duration -or ` - $CurrentValues.ScheduleInfo.Expiration.endDateTime -ne $ValuesToCheck.ScheduleInfo.Expiration.endDateTime -or ` - $CurrentValues.ScheduleInfo.Expiration.type -ne $ValuesToCheck.ScheduleInfo.Expiration.type) + $CurrentValues.ScheduleInfo.Expiration.endDateTime -ne $ValuesToCheck.ScheduleInfo.Expiration.endDateTime -or ` + $CurrentValues.ScheduleInfo.Expiration.type -ne $ValuesToCheck.ScheduleInfo.Expiration.type) { - Write-Verbose -Message "Discrepancy found in ScheduleInfo.Expiration" + Write-Verbose -Message 'Discrepancy found in ScheduleInfo.Expiration' Write-Verbose -Message "Current: $($CurrentValues.ScheduleInfo.Expiration | Out-String)" Write-Verbose -Message "Desired: $($ValuesToCheck.ScheduleInfo.Expiration | Out-String)" return $false @@ -619,14 +620,14 @@ function Test-TargetResource # Compare ScheduleInfo.Recurrence.Pattern if ($CurrentValues.ScheduleInfo.Recurrence.Pattern.dayOfMonth -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.dayOfMonth -or ` - $CurrentValues.ScheduleInfo.Recurrence.Pattern.daysOfWeek -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.daysOfWeek -or ` - $CurrentValues.ScheduleInfo.Recurrence.Pattern.firstDayOfWeek -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.firstDayOfWeek -or ` - $CurrentValues.ScheduleInfo.Recurrence.Pattern.index -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.index -or ` - $CurrentValues.ScheduleInfo.Recurrence.Pattern.interval -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.interval -or ` - $CurrentValues.ScheduleInfo.Recurrence.Pattern.month -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.month -or ` - $CurrentValues.ScheduleInfo.Recurrence.Pattern.type -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.type) + $CurrentValues.ScheduleInfo.Recurrence.Pattern.daysOfWeek -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.daysOfWeek -or ` + $CurrentValues.ScheduleInfo.Recurrence.Pattern.firstDayOfWeek -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.firstDayOfWeek -or ` + $CurrentValues.ScheduleInfo.Recurrence.Pattern.index -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.index -or ` + $CurrentValues.ScheduleInfo.Recurrence.Pattern.interval -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.interval -or ` + $CurrentValues.ScheduleInfo.Recurrence.Pattern.month -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.month -or ` + $CurrentValues.ScheduleInfo.Recurrence.Pattern.type -ne $ValuesToCheck.ScheduleInfo.Recurrence.Pattern.type) { - Write-Verbose -Message "Discrepancy found in ScheduleInfo.Recurrence.Pattern" + Write-Verbose -Message 'Discrepancy found in ScheduleInfo.Recurrence.Pattern' Write-Verbose -Message "Current: $($CurrentValues.ScheduleInfo.Recurrence.Pattern | Out-String)" Write-Verbose -Message "Desired: $($ValuesToCheck.ScheduleInfo.Recurrence.Pattern | Out-String)" return $false @@ -634,12 +635,12 @@ function Test-TargetResource # Compare ScheduleInfo.Recurrence.Range if ($CurrentValues.ScheduleInfo.Recurrence.Range.endDate -ne $ValuesToCheck.ScheduleInfo.Recurrence.Range.endDate -or ` - $CurrentValues.ScheduleInfo.Recurrence.Range.numberOfOccurrences -ne $ValuesToCheck.ScheduleInfo.Recurrence.Range.numberOfOccurrences -or ` - $CurrentValues.ScheduleInfo.Recurrence.Range.recurrenceTimeZone -ne $ValuesToCheck.ScheduleInfo.Recurrence.Range.recurrenceTimeZone -or ` - $CurrentValues.ScheduleInfo.Recurrence.Range.startDate -ne $ValuesToCheck.ScheduleInfo.Recurrence.Range.startDate -or ` - $CurrentValues.ScheduleInfo.Recurrence.Range.type -ne $ValuesToCheck.ScheduleInfo.Recurrence.Range.type) + $CurrentValues.ScheduleInfo.Recurrence.Range.numberOfOccurrences -ne $ValuesToCheck.ScheduleInfo.Recurrence.Range.numberOfOccurrences -or ` + $CurrentValues.ScheduleInfo.Recurrence.Range.recurrenceTimeZone -ne $ValuesToCheck.ScheduleInfo.Recurrence.Range.recurrenceTimeZone -or ` + $CurrentValues.ScheduleInfo.Recurrence.Range.startDate -ne $ValuesToCheck.ScheduleInfo.Recurrence.Range.startDate -or ` + $CurrentValues.ScheduleInfo.Recurrence.Range.type -ne $ValuesToCheck.ScheduleInfo.Recurrence.Range.type) { - Write-Verbose -Message "Discrepancy found in ScheduleInfo.Recurrence.Range" + Write-Verbose -Message 'Discrepancy found in ScheduleInfo.Recurrence.Range' Write-Verbose -Message "Current: $($CurrentValues.ScheduleInfo.Recurrence.Range | Out-String)" Write-Verbose -Message "Desired: $($ValuesToCheck.ScheduleInfo.Recurrence.Range | Out-String)" return $false @@ -649,7 +650,7 @@ function Test-TargetResource Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)" - $ValuesToCheck.Remove("ScheduleInfo") | Out-Null + $ValuesToCheck.Remove('ScheduleInfo') | Out-Null $testResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -717,10 +718,10 @@ function Export-TargetResource $schedules = Get-MgBetaRoleManagementDirectoryRoleEligibilitySchedule -All -ErrorAction Stop [array] $Script:exportedInstances = @() [array] $allRequests = Get-MgBetaRoleManagementDirectoryRoleEligibilityScheduleRequest -All ` - -Filter "Status ne 'Revoked'" -ErrorAction Stop + -Filter "Status ne 'Revoked'" -ErrorAction Stop foreach ($schedule in $schedules) { - [array] $Script:exportedInstances += $allRequests | Where-Object -FilterScript {$_.TargetScheduleId -eq $schedule.Id} + [array] $Script:exportedInstances += $allRequests | Where-Object -FilterScript { $_.TargetScheduleId -eq $schedule.Id } } #endregion @@ -830,8 +831,8 @@ function Export-TargetResource } catch { - if ($_.ErrorDetails.Message -like "*The tenant needs an AAD Premium*" -or ` - $_.ErrorDetails.MEssage -like "*[AadPremiumLicenseRequired]*") + if ($_.ErrorDetails.Message -like '*The tenant needs an AAD Premium*' -or ` + $_.ErrorDetails.MEssage -like '*[AadPremiumLicenseRequired]*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) Tenant does not meet license requirement to extract this component." } @@ -862,7 +863,7 @@ function Get-M365DSCAzureADEligibilityRequestTicketInfoAsString if ($TicketInfo.TicketNumber -or $TicketInfo.TicketSystem) { - $StringContent = "MSFT_AADRoleEligibilityScheduleRequestTicketInfo {`r`n" + $StringContent = "MSFT_AADRoleEligibilityScheduleRequestTicketInfo {`r`n" $StringContent += " ticketNumber = '$($TicketInfo.TicketNumber)'`r`n" $StringContent += " ticketSystem = '$($TicketInfo.TicketSystem)'`r`n" $StringContent += " }`r`n" @@ -885,7 +886,7 @@ function Get-M365DSCAzureADEligibilityRequestScheduleInfoAsString ) $Found = $false - $StringContent = "MSFT_AADRoleEligibilityScheduleRequestSchedule {`r`n" + $StringContent = "MSFT_AADRoleEligibilityScheduleRequestSchedule {`r`n" if ($ScheduleInfo.StartDateTime) { $StringContent += " startDateTime = '$($ScheduleInfo.StartDateTime)'`r`n" @@ -903,26 +904,26 @@ function Get-M365DSCAzureADEligibilityRequestScheduleInfoAsString { $StringContent += " endDateTime = '$($ScheduleInfo.Expiration.EndDateTime.ToString())'`r`n" } - if($ScheduleInfo.Expiration.Type) + if ($ScheduleInfo.Expiration.Type) { $StringContent += " type = '$($ScheduleInfo.Expiration.Type)'`r`n" } $StringContent += " }`r`n" } - if($ScheduleInfo.Recurrence.Pattern.DayOfMonth -or $ScheduleInfo.Recurrence.Pattern.DaysOfWeek -or ` - $ScheduleInfo.Recurrence.Pattern.firstDayOfWeek -or $ScheduleInfo.Recurrence.Pattern.Index -or ` - $ScheduleInfo.Recurrence.Pattern.Interval -or $ScheduleInfo.Recurrence.Pattern.Month -or ` - $ScheduleInfo.Recurrence.Pattern.Type -or $ScheduleInfo.Recurrence.Range.EndDate -or $ScheduleInfo.Recurrence.Range.numberOfOccurrences -or ` - $ScheduleInfo.Recurrence.Range.recurrenceTimeZone -or $ScheduleInfo.Recurrence.Range.startDate -or ` - $ScheduleInfo.Recurrence.Range.type) + if ($ScheduleInfo.Recurrence.Pattern.DayOfMonth -or $ScheduleInfo.Recurrence.Pattern.DaysOfWeek -or ` + $ScheduleInfo.Recurrence.Pattern.firstDayOfWeek -or $ScheduleInfo.Recurrence.Pattern.Index -or ` + $ScheduleInfo.Recurrence.Pattern.Interval -or $ScheduleInfo.Recurrence.Pattern.Month -or ` + $ScheduleInfo.Recurrence.Pattern.Type -or $ScheduleInfo.Recurrence.Range.EndDate -or $ScheduleInfo.Recurrence.Range.numberOfOccurrences -or ` + $ScheduleInfo.Recurrence.Range.recurrenceTimeZone -or $ScheduleInfo.Recurrence.Range.startDate -or ` + $ScheduleInfo.Recurrence.Range.type) { $StringContent += " recurrence = MSFT_AADRoleEligibilityScheduleRequestScheduleRecurrence`r`n" $StringContent += " {`r`n" if ($ScheduleInfo.Recurrence.Pattern.DayOfMonth -or $ScheduleInfo.Recurrence.Pattern.DaysOfWeek -or ` - $ScheduleInfo.Recurrence.Pattern.firstDayOfWeek -or $ScheduleInfo.Recurrence.Pattern.Index -or ` - $ScheduleInfo.Recurrence.Pattern.Interval -or $ScheduleInfo.Recurrence.Pattern.Month -or ` - $ScheduleInfo.Recurrence.Pattern.Type) + $ScheduleInfo.Recurrence.Pattern.firstDayOfWeek -or $ScheduleInfo.Recurrence.Pattern.Index -or ` + $ScheduleInfo.Recurrence.Pattern.Interval -or $ScheduleInfo.Recurrence.Pattern.Month -or ` + $ScheduleInfo.Recurrence.Pattern.Type) { $Found = $true $StringContent += " pattern = MSFT_AADRoleEligibilityScheduleRequestScheduleRecurrencePattern`r`n" @@ -958,8 +959,8 @@ function Get-M365DSCAzureADEligibilityRequestScheduleInfoAsString $StringContent += " }`r`n" } if ($ScheduleInfo.Recurrence.Range.EndDate -or $ScheduleInfo.Recurrence.Range.numberOfOccurrences -or ` - $ScheduleInfo.Recurrence.Range.recurrenceTimeZone -or $ScheduleInfo.Recurrence.Range.startDate -or ` - $ScheduleInfo.Recurrence.Range.type) + $ScheduleInfo.Recurrence.Range.recurrenceTimeZone -or $ScheduleInfo.Recurrence.Range.startDate -or ` + $ScheduleInfo.Recurrence.Range.type) { $Found = $true $StringContent += " range = MSFT_AADRoleEligibilityScheduleRequestScheduleRange`r`n" diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleManagementPolicyRule/MSFT_AADRoleManagementPolicyRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleManagementPolicyRule/MSFT_AADRoleManagementPolicyRule.psm1 index 7273bdc894..a8eedd64a4 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleManagementPolicyRule/MSFT_AADRoleManagementPolicyRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleManagementPolicyRule/MSFT_AADRoleManagementPolicyRule.psm1 @@ -90,14 +90,14 @@ function Get-TargetResource $getValue = $null $role = Get-MgBetaRoleManagementDirectoryRoleDefinition -All -Filter "DisplayName eq '$($roleDisplayName)'" - if($null -eq $role) + if ($null -eq $role) { Write-Verbose -Message "Could not find an Azure AD Role Management Definition with DisplayName {$roleDisplayName}" return $nullResult } $assignment = Get-MgBetaPolicyRoleManagementPolicyAssignment -Filter "RoleDefinitionId eq '$($role.Id)' and scopeId eq '/' and scopeType eq 'DirectoryRole'" - if($null -eq $assignment) + if ($null -eq $assignment) { Write-Verbose -Message "Could not find an Azure AD Role Management Policy Assignment with RoleDefinitionId {$role.Id}" return $nullResult @@ -107,7 +107,7 @@ function Get-TargetResource $getValue = Get-MgBetaPolicyRoleManagementPolicyRule ` -UnifiedRoleManagementPolicyId $policyId ` - -UnifiedRoleManagementPolicyRuleId $id -ErrorAction SilentlyContinue + -UnifiedRoleManagementPolicyRuleId $id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -116,24 +116,24 @@ function Get-TargetResource } Write-Verbose -Message "An Azure AD Role Management Policy Rule with Id {$id} and PolicyId {$policyId} was found" - $rule = Get-M365DSCRoleManagementPolicyRuleObject -Rule $getValue + $rule = Get-M365DSCRoleManagementPolicyRuleObject -Rule $getValue $results = @{ - id = $id - policyId = $policyId - roleDisplayName = $roleDisplayName - ruleType = $rule.ruleType - expirationRule = $rule.expirationRule - notificationRule = $rule.notificationRule - enablementRule = $rule.enablementRule - approvalRule = $rule.approvalRule + id = $id + policyId = $policyId + roleDisplayName = $roleDisplayName + ruleType = $rule.ruleType + expirationRule = $rule.expirationRule + notificationRule = $rule.notificationRule + enablementRule = $rule.enablementRule + approvalRule = $rule.approvalRule authenticationContextRule = $rule.authenticationContextRule - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent } return [System.Collections.Hashtable] $results @@ -239,63 +239,63 @@ function Set-TargetResource Write-Verbose -Message "Updating the Azure AD Role Management Policy Rule with Id {$($currentInstance.Id)}" $body = @{ - '@odata.type' = $ruleType + '@odata.type' = $ruleType } - if($ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyExpirationRule') + if ($ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyExpirationRule') { $expirationRuleHashmap = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $expirationRule # add all the properties to the body - foreach($key in $expirationRuleHashmap.Keys) + foreach ($key in $expirationRuleHashmap.Keys) { $body.Add($key, $expirationRuleHashmap.$key) } } - if($ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyNotificationRule') + if ($ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyNotificationRule') { $notificationRuleHashmap = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $notificationRule # add all the properties to the body - foreach($key in $notificationRuleHashmap.Keys) + foreach ($key in $notificationRuleHashmap.Keys) { $body.Add($key, $notificationRuleHashmap.$key) } } - if($ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyEnablementRule') + if ($ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyEnablementRule') { $enablementRuleHashmap = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $enablementRule # add all the properties to the body - foreach($key in $enablementRuleHashmap.Keys) + foreach ($key in $enablementRuleHashmap.Keys) { $body.Add($key, $enablementRuleHashmap.$key) } } - if($ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyApprovalRule') + if ($ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyApprovalRule') { $approvalRuleHashmap = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $approvalRule # add all the properties to the body - foreach($key in $approvalRuleHashmap.Keys) + foreach ($key in $approvalRuleHashmap.Keys) { $body.Add($key, $approvalRuleHashmap.$key) } } - if($ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule') + if ($ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule') { $authenticationContextRuleHashmap = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $authenticationContextRule # add all the properties to the body - foreach($key in $authenticationContextRuleHashmap.Keys) + foreach ($key in $authenticationContextRuleHashmap.Keys) { $body.Add($key, $authenticationContextRuleHashmap.$key) } } Update-MgBetaPolicyRoleManagementPolicyRule ` - -UnifiedRoleManagementPolicyId $currentInstance.policyId ` - -UnifiedRoleManagementPolicyRuleId $currentInstance.Id ` - -BodyParameter $body + -UnifiedRoleManagementPolicyId $currentInstance.policyId ` + -UnifiedRoleManagementPolicyRuleId $currentInstance.Id ` + -BodyParameter $body #endregion } @@ -487,7 +487,7 @@ function Export-TargetResource Write-Host "`r`n" -NoNewline try { - [array] $roles = Get-MgBetaRoleManagementDirectoryRoleDefinition -All + [array] $roles = Get-MgBetaRoleManagementDirectoryRoleDefinition -All $j = 1 foreach ($role in $roles) @@ -497,9 +497,9 @@ function Export-TargetResource $rules = Get-MgBetaPolicyRoleManagementPolicyRule ` -UnifiedRoleManagementPolicyId $policyId - Write-Host " |---[$j/$($roles.Count)] $($role.displayName)" + Write-Host " |---[$j/$($roles.Count)] $($role.displayName)" $i = 1 - foreach($rule in $rules) + foreach ($rule in $rules) { Write-Host " |---[$i/$($rules.Count)] $($role.displayName)_$($rule.id)" -NoNewline $Params = @{ @@ -517,21 +517,21 @@ function Export-TargetResource $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` - -Results $Results + -Results $Results if ($null -ne $Results.expirationRule) { $complexMapping = @( @{ - Name = 'expirationRule' + Name = 'expirationRule' CimInstanceName = 'AADRoleManagementPolicyExpirationRule' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.expirationRule` - -CIMInstanceName 'AADRoleManagementPolicyExpirationRule' ` - -ComplexTypeMapping $complexMapping + -ComplexObject $Results.expirationRule` + -CIMInstanceName 'AADRoleManagementPolicyExpirationRule' ` + -ComplexTypeMapping $complexMapping if (-not [String]::IsNullOrWhiteSpace($complexTypeStringResult)) { @@ -547,15 +547,15 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'notificationRule' + Name = 'notificationRule' CimInstanceName = 'AADRoleManagementPolicyNotificationRule' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.notificationRule` - -CIMInstanceName 'AADRoleManagementPolicyNotificationRule' ` - -ComplexTypeMapping $complexMapping + -ComplexObject $Results.notificationRule` + -CIMInstanceName 'AADRoleManagementPolicyNotificationRule' ` + -ComplexTypeMapping $complexMapping if (-not [String]::IsNullOrWhiteSpace($complexTypeStringResult)) { @@ -572,15 +572,15 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'enablementRule' + Name = 'enablementRule' CimInstanceName = 'AADRoleManagementPolicyEnablementRule' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.enablementRule` - -CIMInstanceName 'AADRoleManagementPolicyEnablementRule' ` - -ComplexTypeMapping $complexMapping + -ComplexObject $Results.enablementRule` + -CIMInstanceName 'AADRoleManagementPolicyEnablementRule' ` + -ComplexTypeMapping $complexMapping if (-not [String]::IsNullOrWhiteSpace($complexTypeStringResult)) { @@ -596,15 +596,15 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'authenticationContextRule' + Name = 'authenticationContextRule' CimInstanceName = 'AADRoleManagementPolicyAuthenticationContextRule' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.authenticationContextRule` - -CIMInstanceName 'AADRoleManagementPolicyAuthenticationContextRule' ` - -ComplexTypeMapping $complexMapping + -ComplexObject $Results.authenticationContextRule` + -CIMInstanceName 'AADRoleManagementPolicyAuthenticationContextRule' ` + -ComplexTypeMapping $complexMapping if (-not [String]::IsNullOrWhiteSpace($complexTypeStringResult)) { @@ -620,35 +620,35 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'approvalRule' + Name = 'approvalRule' CimInstanceName = 'AADRoleManagementPolicyApprovalRule' - IsRequired = $False + IsRequired = $False } @{ - Name = 'setting' + Name = 'setting' CimInstanceName = 'AADRoleManagementPolicyApprovalSettings' - IsRequired = $False + IsRequired = $False } @{ - Name = 'approvalStages' + Name = 'approvalStages' CimInstanceName = 'AADRoleManagementPolicyApprovalStage' - IsRequired = $False + IsRequired = $False } @{ - Name = 'escalationApprovers' + Name = 'escalationApprovers' CimInstanceName = 'AADRoleManagementPolicySubjectSet' - IsRequired = $False + IsRequired = $False } @{ - Name = 'primaryApprovers' + Name = 'primaryApprovers' CimInstanceName = 'AADRoleManagementPolicySubjectSet' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.approvalRule` - -CIMInstanceName 'AADRoleManagementPolicyApprovalRule' ` - -ComplexTypeMapping $complexMapping + -ComplexObject $Results.approvalRule` + -CIMInstanceName 'AADRoleManagementPolicyApprovalRule' ` + -ComplexTypeMapping $complexMapping if (-not [String]::IsNullOrWhiteSpace($complexTypeStringResult)) { @@ -661,40 +661,40 @@ function Export-TargetResource } $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` - -ConnectionMode $ConnectionMode ` - -ModulePath $PSScriptRoot ` - -Results $Results ` - -Credential $Credential + -ConnectionMode $ConnectionMode ` + -ModulePath $PSScriptRoot ` + -Results $Results ` + -Credential $Credential if ($Results.expirationRule) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "expirationRule" -IsCIMArray:$false + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'expirationRule' -IsCIMArray:$false } if ($Results.notificationRule) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "notificationRule" -IsCIMArray:$false + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'notificationRule' -IsCIMArray:$false } if ($Results.enablementRule) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "enablementRule" -IsCIMArray:$false + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'enablementRule' -IsCIMArray:$false } if ($Results.approvalRule) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "approvalRule" -IsCIMArray:$false + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'approvalRule' -IsCIMArray:$false } if ($Results.authenticationContextRule) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "authenticationContextRule" -IsCIMArray:$false + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'authenticationContextRule' -IsCIMArray:$false } $dscContent.Append($currentDSCBlock) | Out-Null Save-M365DSCPartialExport -Content $currentDSCBlock ` - -FileName $Global:PartialExportFileName + -FileName $Global:PartialExportFileName Write-Host $Global:M365DSCEmojiGreenCheckMark $i++ } @@ -731,34 +731,34 @@ function Get-M365DSCRoleManagementPolicyRuleObject return $null } - $odataType = "@odata.type" + $odataType = '@odata.type' $values = @{ - id = $Rule.id - ruleType = $Rule.AdditionalProperties.$odataType + id = $Rule.id + ruleType = $Rule.AdditionalProperties.$odataType } - if($values.ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyExpirationRule') + if ($values.ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyExpirationRule') { $expirationRule = @{ isExpirationRequired = $Rule.AdditionalProperties.isExpirationRequired - maximumDuration = $Rule.AdditionalProperties.maximumDuration + maximumDuration = $Rule.AdditionalProperties.maximumDuration } $values.Add('expirationRule', $expirationRule) } - if($values.ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyNotificationRule') + if ($values.ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyNotificationRule') { $notificationRule = @{ - notificationType = $Rule.AdditionalProperties.notificationType - recipientType = $Rule.AdditionalProperties.recipientType - notificationLevel = $Rule.AdditionalProperties.notificationLevel + notificationType = $Rule.AdditionalProperties.notificationType + recipientType = $Rule.AdditionalProperties.recipientType + notificationLevel = $Rule.AdditionalProperties.notificationLevel isDefaultRecipientsEnabled = $Rule.AdditionalProperties.isDefaultRecipientsEnabled - notificationRecipients = [array]$Rule.AdditionalProperties.notificationRecipients + notificationRecipients = [array]$Rule.AdditionalProperties.notificationRecipients } $values.Add('notificationRule', $notificationRule) } - if($values.ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyEnablementRule') + if ($values.ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyEnablementRule') { $enablementRule = @{ enabledRules = [array]$Rule.AdditionalProperties.enabledRules @@ -766,13 +766,13 @@ function Get-M365DSCRoleManagementPolicyRuleObject $values.Add('enablementRule', $enablementRule) } - if($values.ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyApprovalRule') + if ($values.ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyApprovalRule') { $approvalStages = @() - foreach($stage in $Rule.AdditionalProperties.setting.approvalStages) + foreach ($stage in $Rule.AdditionalProperties.setting.approvalStages) { $primaryApprovers = @() - foreach($approver in $stage.primaryApprovers) + foreach ($approver in $stage.primaryApprovers) { $primaryApprover = @{ odataType = $approver.$odataType @@ -781,7 +781,7 @@ function Get-M365DSCRoleManagementPolicyRuleObject } $escalationApprovers = @() - foreach($approver in $stage.escalationApprovers) + foreach ($approver in $stage.escalationApprovers) { $escalationApprover = @{ odataType = $approver.$odataType @@ -790,22 +790,22 @@ function Get-M365DSCRoleManagementPolicyRuleObject } $approvalStage = @{ - approvalStageTimeOutInDays = $stage.approvalStageTimeOutInDays - escalationTimeInMinutes = $stage.escalationTimeInMinutes + approvalStageTimeOutInDays = $stage.approvalStageTimeOutInDays + escalationTimeInMinutes = $stage.escalationTimeInMinutes isApproverJustificationRequired = $stage.isApproverJustificationRequired - isEscalationEnabled = $stage.isEscalationEnabled - escalationApprovers = [array]$escalationApprovers - primaryApprovers = [array]$primaryApprovers + isEscalationEnabled = $stage.isEscalationEnabled + escalationApprovers = [array]$escalationApprovers + primaryApprovers = [array]$primaryApprovers } $approvalStages += $approvalStage } $setting = @{ - approvalMode = $Rule.AdditionalProperties.setting.approvalMode; - isApprovalRequired = $Rule.AdditionalProperties.setting.isApprovalRequired - isApprovalRequiredForExtension = $Rule.AdditionalProperties.setting.isApprovalRequiredForExtension + approvalMode = $Rule.AdditionalProperties.setting.approvalMode + isApprovalRequired = $Rule.AdditionalProperties.setting.isApprovalRequired + isApprovalRequiredForExtension = $Rule.AdditionalProperties.setting.isApprovalRequiredForExtension isRequestorJustificationRequired = $Rule.AdditionalProperties.setting.isRequestorJustificationRequired - approvalStages = [array]$approvalStages + approvalStages = [array]$approvalStages } $approvalRule = @{ setting = $setting @@ -813,10 +813,10 @@ function Get-M365DSCRoleManagementPolicyRuleObject $values.Add('approvalRule', $approvalRule) } - if($values.ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule') + if ($values.ruleType -eq '#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule') { $authenticationContextRule = @{ - isEnabled = $Rule.AdditionalProperties.isEnabled + isEnabled = $Rule.AdditionalProperties.isEnabled claimValue = $Rule.AdditionalProperties.claimValue } $values.Add('authenticationContextRule', $authenticationContextRule) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleManagementPolicyRule/MSFT_AADRoleManagementPolicyRule.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleManagementPolicyRule/MSFT_AADRoleManagementPolicyRule.schema.mof index 26d8fff818..09b5121d61 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleManagementPolicyRule/MSFT_AADRoleManagementPolicyRule.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleManagementPolicyRule/MSFT_AADRoleManagementPolicyRule.schema.mof @@ -23,7 +23,7 @@ class MSFT_AADRoleManagementPolicyEnablementRule }; [ClassVersion("1.0.0.0")] -class MSFT_AADRoleManagementPolicySubjectSet +class MSFT_AADRoleManagementPolicySubjectSet { [Write, Description("The type of the subject set.")] String odataType; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleManagementPolicyRule/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleManagementPolicyRule/settings.json index c9d3df95e9..0df5763863 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleManagementPolicyRule/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleManagementPolicyRule/settings.json @@ -1,51 +1,50 @@ { "resourceName": "AADRoleManagementPolicyRule", "description": "This resource configures an Azure AD Role Management Policy Rule.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "RoleManagementPolicy.Read.Directory" - }, - { - "name": "RoleManagement.Read.Directory" - }, - { - "name": "RoleManagement.Read.All" - } - ], - "update": [ - { - "name": "RoleManagementPolicy.ReadWrite.Directory" - }, - { - "name": "RoleManagement.ReadWrite.Directory" - } - ] - }, - "application": { - "read": [ - { - "name": "RoleManagementPolicy.Read.Directory" - }, - { - "name": "RoleManagement.Read.Directory" - }, - { - "name": "RoleManagement.Read.All" - } - ], - "update": [ - { - "name": "RoleManagementPolicy.ReadWrite.Directory" - }, - { - "name": "RoleManagement.ReadWrite.Directory" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "RoleManagementPolicy.Read.Directory" + }, + { + "name": "RoleManagement.Read.Directory" + }, + { + "name": "RoleManagement.Read.All" + } + ], + "update": [ + { + "name": "RoleManagementPolicy.ReadWrite.Directory" + }, + { + "name": "RoleManagement.ReadWrite.Directory" + } + ] + }, + "application": { + "read": [ + { + "name": "RoleManagementPolicy.Read.Directory" + }, + { + "name": "RoleManagement.Read.Directory" + }, + { + "name": "RoleManagement.Read.All" + } + ], + "update": [ + { + "name": "RoleManagementPolicy.ReadWrite.Directory" + }, + { + "name": "RoleManagement.ReadWrite.Directory" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.psm1 index 43cd0c3f04..2af52a4d70 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.psm1 @@ -1459,7 +1459,7 @@ function Export-TargetResource } catch { - if ($_.ErrorDetails.Message -like "*The tenant needs to have Microsoft Entra*") + if ($_.ErrorDetails.Message -like '*The tenant needs to have Microsoft Entra*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) AAD Premium License is required to get the role." return '' diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADServicePrincipal/MSFT_AADServicePrincipal.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADServicePrincipal/MSFT_AADServicePrincipal.psm1 index cb79bf3233..dea562de05 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADServicePrincipal/MSFT_AADServicePrincipal.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADServicePrincipal/MSFT_AADServicePrincipal.psm1 @@ -156,7 +156,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $AADServicePrincipal = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $AADServicePrincipal = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } else { @@ -175,7 +175,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $AADServicePrincipal = $Script:exportedInstances | Where-Object -FilterScript {$_.AppId -eq $AppId} + $AADServicePrincipal = $Script:exportedInstances | Where-Object -FilterScript { $_.AppId -eq $AppId } } else { @@ -186,13 +186,13 @@ function Get-TargetResource if ($appInstance) { $AADServicePrincipal = Get-MgServicePrincipal -Filter "AppID eq '$($appInstance.AppId)'" ` - -Expand 'AppRoleAssignedTo' + -Expand 'AppRoleAssignedTo' } } else { $AADServicePrincipal = Get-MgServicePrincipal -Filter "AppID eq '$($AppId)'" ` - -Expand 'AppRoleAssignedTo' + -Expand 'AppRoleAssignedTo' } } } @@ -239,7 +239,8 @@ function Get-TargetResource [Array]$complexDelegatedPermissionClassifications = @() $Uri = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "v1.0/servicePrincipals/$($AADServicePrincipal.Id)/delegatedPermissionClassifications" $permissionClassifications = Invoke-MgGraphRequest -Uri $Uri -Method Get - foreach ($permissionClassification in $permissionClassifications.Value){ + foreach ($permissionClassification in $permissionClassifications.Value) + { $hashtable = @{ classification = $permissionClassification.Classification permissionName = $permissionClassification.permissionName @@ -251,7 +252,7 @@ function Get-TargetResource foreach ($currentkeyCredentials in $AADServicePrincipal.keyCredentials) { $mykeyCredentials = @{} - if($null -ne $currentkeyCredentials.customKeyIdentifier) + if ($null -ne $currentkeyCredentials.customKeyIdentifier) { $mykeyCredentials.Add('CustomKeyIdentifier', [convert]::ToBase64String($currentkeyCredentials.customKeyIdentifier)) } @@ -263,7 +264,7 @@ function Get-TargetResource $mykeyCredentials.Add('KeyId', $currentkeyCredentials.keyId) - if($null -ne $currentkeyCredentials.Key) + if ($null -ne $currentkeyCredentials.Key) { $mykeyCredentials.Add('Key', [convert]::ToBase64String($currentkeyCredentials.key)) } @@ -274,7 +275,7 @@ function Get-TargetResource } $mykeyCredentials.Add('Type', $currentkeyCredentials.type) $mykeyCredentials.Add('Usage', $currentkeyCredentials.usage) - if ($mykeyCredentials.values.Where({$null -ne $_}).Count -gt 0) + if ($mykeyCredentials.values.Where({ $null -ne $_ }).Count -gt 0) { $complexKeyCredentials += $mykeyCredentials } @@ -295,14 +296,15 @@ function Get-TargetResource { $mypasswordCredentials.Add('StartDateTime', ([DateTimeOffset]$currentpasswordCredentials.startDateTime).ToString('o')) } - if ($mypasswordCredentials.values.Where({$null -ne $_}).Count -gt 0) + if ($mypasswordCredentials.values.Where({ $null -ne $_ }).Count -gt 0) { $complexPasswordCredentials += $mypasswordCredentials } } $complexCustomSecurityAttributes = [Array](Get-CustomSecurityAttributes -ServicePrincipalId $AADServicePrincipal.Id) - if ($null -eq $complexCustomSecurityAttributes) { + if ($null -eq $complexCustomSecurityAttributes) + { $complexCustomSecurityAttributes = @() } @@ -517,9 +519,12 @@ function Set-TargetResource $currentParameters.Remove('Owners') | Out-Null # update the custom security attributes to be cmdlet comsumable - if ($null -ne $currentParameters.CustomSecurityAttributes -and $currentParameters.CustomSecurityAttributes -gt 0) { + if ($null -ne $currentParameters.CustomSecurityAttributes -and $currentParameters.CustomSecurityAttributes -gt 0) + { $currentParameters.CustomSecurityAttributes = Get-M365DSCAADServicePrincipalCustomSecurityAttributesAsCmdletHashtable -CustomSecurityAttributes $currentParameters.CustomSecurityAttributes - } else { + } + else + { $currentParameters.Remove('CustomSecurityAttributes') } @@ -555,8 +560,10 @@ function Set-TargetResource } # Adding delegated permissions classifications - if($null -ne $DelegatedPermissionClassifications){ - foreach ($permissionClassification in $DelegatedPermissionClassifications){ + if ($null -ne $DelegatedPermissionClassifications) + { + foreach ($permissionClassification in $DelegatedPermissionClassifications) + { $params = @{ classification = $permissionClassification.Classification permissionName = $permissionClassification.permissionName @@ -588,7 +595,8 @@ function Set-TargetResource } #removing the current custom security attributes - if ($currentAADServicePrincipal.CustomSecurityAttributes.Count -gt 0) { + if ($currentAADServicePrincipal.CustomSecurityAttributes.Count -gt 0) + { $currentAADServicePrincipal.CustomSecurityAttributes = Get-M365DSCAADServicePrincipalCustomSecurityAttributesAsCmdletHashtable -CustomSecurityAttributes $currentAADServicePrincipal.CustomSecurityAttributes -GetForDelete $true $CSAParams = @{ customSecurityAttributes = $currentAADServicePrincipal.CustomSecurityAttributes @@ -600,7 +608,7 @@ function Set-TargetResource if ($IdentifierUris) { - Write-Verbose -Message "Updating the Application ID Uri on the application instance." + Write-Verbose -Message 'Updating the Application ID Uri on the application instance.' $appInstance = Get-MgApplication -Filter "AppId eq '$AppId'" Update-MgApplication -ApplicationId $appInstance.Id -IdentifierUris $IdentifierUris } @@ -610,8 +618,8 @@ function Set-TargetResource [Array]$desiredPrincipals = $AppRoleAssignedTo.Identity [Array]$differences = Compare-Object -ReferenceObject $currentPrincipals -DifferenceObject $desiredPrincipals - [Array]$membersToAdd = $differences | Where-Object -FilterScript {$_.SideIndicator -eq '=>'} - [Array]$membersToRemove = $differences | Where-Object -FilterScript {$_.SideIndicator -eq '<='} + [Array]$membersToAdd = $differences | Where-Object -FilterScript { $_.SideIndicator -eq '=>' } + [Array]$membersToRemove = $differences | Where-Object -FilterScript { $_.SideIndicator -eq '<=' } if ($differences.Count -gt 0) { @@ -627,7 +635,7 @@ function Set-TargetResource } foreach ($member in $membersToAdd) { - $assignment = $AppRoleAssignedToValues | Where-Object -FilterScript {$_.Identity -eq $member.InputObject} + $assignment = $AppRoleAssignedToValues | Where-Object -FilterScript { $_.Identity -eq $member.InputObject } if ($assignment.PrincipalType -eq 'User') { Write-Verbose -Message "Retrieving user {$($assignment.Identity)}" @@ -644,7 +652,7 @@ function Set-TargetResource $bodyParam = @{ principalId = $PrincipalIdValue resourceId = $currentAADServicePrincipal.ObjectID - appRoleId = "00000000-0000-0000-0000-000000000000" + appRoleId = '00000000-0000-0000-0000-000000000000' } Write-Verbose -Message "Adding member {$($member.InputObject.ToString())}" New-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId $currentAADServicePrincipal.ObjectID ` @@ -664,7 +672,7 @@ function Set-TargetResource } foreach ($member in $membersToRemove) { - $assignment = $AppRoleAssignedToValues | Where-Object -FilterScript {$_.Identity -eq $member.InputObject} + $assignment = $AppRoleAssignedToValues | Where-Object -FilterScript { $_.Identity -eq $member.InputObject } if ($assignment.PrincipalType -eq 'User') { Write-Verbose -Message "Retrieving user {$($assignment.Identity)}" @@ -680,7 +688,7 @@ function Set-TargetResource Write-Verbose -Message "PrincipalID Value = '$PrincipalIdValue'" Write-Verbose -Message "ServicePrincipalId = '$($currentAADServicePrincipal.ObjectID)'" $allAssignments = Get-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId $currentAADServicePrincipal.ObjectID - $assignmentToRemove = $allAssignments | Where-Object -FilterScript {$_.PrincipalId -eq $PrincipalIdValue} + $assignmentToRemove = $allAssignments | Where-Object -FilterScript { $_.PrincipalId -eq $PrincipalIdValue } Write-Verbose -Message "Removing member {$($member.InputObject.ToString())}" Remove-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId $currentAADServicePrincipal.ObjectID ` -AppRoleAssignmentId $assignmentToRemove.Id | Out-Null @@ -689,7 +697,7 @@ function Set-TargetResource } } - Write-Verbose -Message "Checking if owners need to be updated..." + Write-Verbose -Message 'Checking if owners need to be updated...' if ($null -ne $Owners) { @@ -705,29 +713,31 @@ function Set-TargetResource } Write-Verbose -Message "Adding owner {$($userInfo.Id)}" New-MgServicePrincipalOwnerByRef -ServicePrincipalId $currentAADServicePrincipal.ObjectId ` - -BodyParameter $body | Out-Null + -BodyParameter $body | Out-Null } else { Write-Verbose -Message "Removing owner {$($userInfo.Id)}" Remove-MgServicePrincipalOwnerByRef -ServicePrincipalId $currentAADServicePrincipal.ObjectId ` - -DirectoryObjectId $userInfo.Id | Out-Null + -DirectoryObjectId $userInfo.Id | Out-Null } } - Write-Verbose -Message "Checking if DelegatedPermissionClassifications need to be updated..." + Write-Verbose -Message 'Checking if DelegatedPermissionClassifications need to be updated...' if ($null -ne $DelegatedPermissionClassifications) { # removing old perm classifications $Uri = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "v1.0/servicePrincipals(appId='$($currentParameters.AppId)')/delegatedPermissionClassifications" $permissionClassificationList = Invoke-MgGraphRequest -Uri $Uri -Method Get - foreach($permissionClassification in $permissionClassificationList.Value){ + foreach ($permissionClassification in $permissionClassificationList.Value) + { Invoke-MgGraphRequest -Uri "$($Uri)/$($permissionClassification.Id)" -Method Delete } # adding new perm classifications - foreach ($permissionClassification in $DelegatedPermissionClassifications){ + foreach ($permissionClassification in $DelegatedPermissionClassifications) + { $params = @{ classification = $permissionClassification.Classification permissionName = $permissionClassification.permissionName @@ -910,7 +920,8 @@ function Test-TargetResource { $testTargetResource = $false } - else { + else + { $ValuesToCheck.Remove($key) | Out-Null } } @@ -920,12 +931,12 @@ function Test-TargetResource Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys ` - -IncludedDrifts $driftedParams + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys ` + -IncludedDrifts $driftedParams - if(-not $TestResult) + if (-not $TestResult) { $testTargetResource = $false } @@ -996,9 +1007,9 @@ function Export-TargetResource Write-Host "`r`n" -NoNewline $Script:ExportMode = $true [array] $Script:exportedInstances = Get-MgServicePrincipal -All:$true ` - -Filter $Filter ` - -Expand 'AppRoleAssignedTo' ` - -ErrorAction Stop + -Filter $Filter ` + -Expand 'AppRoleAssignedTo' ` + -ErrorAction Stop foreach ($AADServicePrincipal in $Script:exportedInstances) { if ($null -ne $Global:M365DSCExportResourceInstancesCount) @@ -1034,8 +1045,8 @@ function Export-TargetResource if ($null -ne $Results.KeyCredentials) { $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.KeyCredentials ` - -CIMInstanceName 'MicrosoftGraphkeyCredential' + -ComplexObject $Results.KeyCredentials ` + -CIMInstanceName 'MicrosoftGraphkeyCredential' if (-not [String]::IsNullOrWhiteSpace($complexTypeStringResult)) { $Results.KeyCredentials = $complexTypeStringResult @@ -1048,8 +1059,8 @@ function Export-TargetResource if ($null -ne $Results.PasswordCredentials) { $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.PasswordCredentials ` - -CIMInstanceName 'MicrosoftGraphpasswordCredential' + -ComplexObject $Results.PasswordCredentials ` + -CIMInstanceName 'MicrosoftGraphpasswordCredential' if (-not [String]::IsNullOrWhiteSpace($complexTypeStringResult)) { $Results.PasswordCredentials = $complexTypeStringResult @@ -1081,13 +1092,13 @@ function Export-TargetResource if ($null -ne $Results.KeyCredentials) { $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName "KeyCredentials" -IsCIMArray:$True + -ParameterName 'KeyCredentials' -IsCIMArray:$True } if ($null -ne $Results.PasswordCredentials) { $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName "PasswordCredentials" -IsCIMArray:$True + -ParameterName 'PasswordCredentials' -IsCIMArray:$True } if ($null -ne $Results.CustomSecurityAttributes) @@ -1136,38 +1147,46 @@ function Get-M365DSCAADServicePrincipalCustomSecurityAttributesAsCmdletHashtable # logic to update the custom security attributes to be cmdlet comsumable $updatedCustomSecurityAttributes = @{} - foreach ($attributeSet in $CustomSecurityAttributes) { + foreach ($attributeSet in $CustomSecurityAttributes) + { $attributeSetKey = $attributeSet.AttributeSetName $valuesHashtable = @{} $valuesHashtable.Add('@odata.type', '#Microsoft.DirectoryServices.CustomSecurityAttributeValue') - foreach ($attribute in $attributeSet.AttributeValues) { + foreach ($attribute in $attributeSet.AttributeValues) + { $attributeKey = $attribute.AttributeName # supply attributeName = $null in the body, if you want to delete this attribute - if ($GetForDelete -eq $true) { + if ($GetForDelete -eq $true) + { $valuesHashtable.Add($attributeKey, $null) continue } $odataKey = $attributeKey + '@odata.type' - if ($null -ne $attribute.StringArrayValue) { - $valuesHashtable.Add($odataKey, "#Collection(String)") + if ($null -ne $attribute.StringArrayValue) + { + $valuesHashtable.Add($odataKey, '#Collection(String)') $attributeValue = $attribute.StringArrayValue } - elseif ($null -ne $attribute.IntArrayValue) { - $valuesHashtable.Add($odataKey, "#Collection(Int32)") + elseif ($null -ne $attribute.IntArrayValue) + { + $valuesHashtable.Add($odataKey, '#Collection(Int32)') $attributeValue = $attribute.IntArrayValue } - elseif ($null -ne $attribute.StringValue) { - $valuesHashtable.Add($odataKey, "#String") + elseif ($null -ne $attribute.StringValue) + { + $valuesHashtable.Add($odataKey, '#String') $attributeValue = $attribute.StringValue } - elseif ($null -ne $attribute.IntValue) { - $valuesHashtable.Add($odataKey, "#Int32") + elseif ($null -ne $attribute.IntValue) + { + $valuesHashtable.Add($odataKey, '#Int32') $attributeValue = $attribute.IntValue } - elseif ($null -ne $attribute.BoolValue) { + elseif ($null -ne $attribute.BoolValue) + { $attributeValue = $attribute.BoolValue } @@ -1179,36 +1198,43 @@ function Get-M365DSCAADServicePrincipalCustomSecurityAttributesAsCmdletHashtable } # Function to create MSFT_AttributeValue -function Create-AttributeValue { +function Create-AttributeValue +{ param ( [string]$AttributeName, [object]$Value ) $attributeValue = @{ - AttributeName = $AttributeName + AttributeName = $AttributeName StringArrayValue = $null - IntArrayValue = $null - StringValue = $null - IntValue = $null - BoolValue = $null + IntArrayValue = $null + StringValue = $null + IntValue = $null + BoolValue = $null } # Handle different types of values - if ($Value -is [string]) { + if ($Value -is [string]) + { $attributeValue.StringValue = $Value } - elseif ($Value -is [System.Int32] -or $Value -is [System.Int64]) { + elseif ($Value -is [System.Int32] -or $Value -is [System.Int64]) + { $attributeValue.IntValue = $Value } - elseif ($Value -is [bool]) { + elseif ($Value -is [bool]) + { $attributeValue.BoolValue = $Value } - elseif ($Value -is [array]) { - if ($Value[0] -is [string]) { + elseif ($Value -is [array]) + { + if ($Value[0] -is [string]) + { $attributeValue.StringArrayValue = $Value } - elseif ($Value[0] -is [System.Int32] -or $Value[0] -is [System.Int64]) { + elseif ($Value[0] -is [System.Int32] -or $Value[0] -is [System.Int64]) + { $attributeValue.IntArrayValue = $Value } } @@ -1217,7 +1243,8 @@ function Create-AttributeValue { } -function Get-CustomSecurityAttributes { +function Get-CustomSecurityAttributes +{ [OutputType([System.Array])] param ( [String]$ServicePrincipalId @@ -1227,15 +1254,18 @@ function Get-CustomSecurityAttributes { $customSecurityAttributes = $customSecurityAttributes.customSecurityAttributes $newCustomSecurityAttributes = @() - foreach ($key in $customSecurityAttributes.Keys) { + foreach ($key in $customSecurityAttributes.Keys) + { $attributeSet = @{ AttributeSetName = $key AttributeValues = @() } - foreach ($attribute in $customSecurityAttributes[$key].Keys) { + foreach ($attribute in $customSecurityAttributes[$key].Keys) + { # Skip properties that end with '@odata.type' - if ($attribute -like "*@odata.type") { + if ($attribute -like '*@odata.type') + { continue } @@ -1276,23 +1306,28 @@ function Get-M365DSCAADServicePrincipalCustomSecurityAttributesAsString { $StringContent += " MSFT_AADServicePrincipalAttributeValue {`r`n" $StringContent += " AttributeName = '" + $attributeValue.AttributeName + "'`r`n" - if ($null -ne $attributeValue.BoolValue){ - $StringContent += " BoolValue = $" + $attributeValue.BoolValue + "`r`n" + if ($null -ne $attributeValue.BoolValue) + { + $StringContent += ' BoolValue = $' + $attributeValue.BoolValue + "`r`n" } - elseif ($null -ne $attributeValue.StringValue){ + elseif ($null -ne $attributeValue.StringValue) + { $StringContent += " StringValue = '" + $attributeValue.StringValue + "'`r`n" } - elseif ($null -ne $attributeValue.IntValue){ - $StringContent += " IntValue = " + $attributeValue.IntValue + "`r`n" + elseif ($null -ne $attributeValue.IntValue) + { + $StringContent += ' IntValue = ' + $attributeValue.IntValue + "`r`n" } - elseif ($null -ne $attributeValue.StringArrayValue){ - $StringContent += " StringArrayValue = @(" - $StringContent += ($attributeValue.StringArrayValue | ForEach-Object { "'$_'" }) -join "," + elseif ($null -ne $attributeValue.StringArrayValue) + { + $StringContent += ' StringArrayValue = @(' + $StringContent += ($attributeValue.StringArrayValue | ForEach-Object { "'$_'" }) -join ',' $StringContent += ")`r`n" } - elseif ($null -ne $attributeValue.IntArrayValue){ - $StringContent += " IntArrayValue = @(" - $StringContent += $attributeValue.IntArrayValue -join "," + elseif ($null -ne $attributeValue.IntArrayValue) + { + $StringContent += ' IntArrayValue = @(' + $StringContent += $attributeValue.IntArrayValue -join ',' $StringContent += ")`r`n" } $StringContent += " }`r`n" diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADSocialIdentityProvider/MSFT_AADSocialIdentityProvider.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADSocialIdentityProvider/MSFT_AADSocialIdentityProvider.psm1 index 31ed6bb584..8dd43b269f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADSocialIdentityProvider/MSFT_AADSocialIdentityProvider.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADSocialIdentityProvider/MSFT_AADSocialIdentityProvider.psm1 @@ -17,7 +17,7 @@ function Get-TargetResource $DisplayName, [Parameter()] - [ValidateSet("AADSignup", "EmailOTP", "Microsoft", "MicrosoftAccount", "Google", "Amazon", "LinkedIn", "Facebook", "GitHub", "Twitter", "Weibo", "QQ", "WeChat")] + [ValidateSet('AADSignup', 'EmailOTP', 'Microsoft', 'MicrosoftAccount', 'Google', 'Amazon', 'LinkedIn', 'Facebook', 'GitHub', 'Twitter', 'Weibo', 'QQ', 'WeChat')] [System.String] $IdentityProviderType, @@ -76,7 +76,7 @@ function Get-TargetResource $nullResult.Ensure = 'Absent' $getValue = Get-MgBetaIdentityProvider -Filter "Id eq '$ClientId'" ` - -ErrorAction SilentlyContinue | Where-Object -FilterScript {$_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.socialIdentityProvider'} + -ErrorAction SilentlyContinue | Where-Object -FilterScript { $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.socialIdentityProvider' } if ($null -eq $getValue) { @@ -137,7 +137,7 @@ function Set-TargetResource $DisplayName, [Parameter()] - [ValidateSet("AADSignup", "EmailOTP", "Microsoft", "MicrosoftAccount", "Google", "Amazon", "LinkedIn", "Facebook", "GitHub", "Twitter", "Weibo", "QQ", "WeChat")] + [ValidateSet('AADSignup', 'EmailOTP', 'Microsoft', 'MicrosoftAccount', 'Google', 'Amazon', 'LinkedIn', 'Facebook', 'GitHub', 'Twitter', 'Weibo', 'QQ', 'WeChat')] [System.String] $IdentityProviderType, @@ -191,20 +191,20 @@ function Set-TargetResource $BoundParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters $AdditionalProperties = @{ - '@odata.type' = "microsoft.graph.socialIdentityProvider" + '@odata.type' = 'microsoft.graph.socialIdentityProvider' identityProviderType = $IdentityProviderType } - $BoundParameters.Add("AdditionalProperties", $AdditionalProperties) - $BoundParameters.Remove("IdentityProviderType") | Out-Null + $BoundParameters.Add('AdditionalProperties', $AdditionalProperties) + $BoundParameters.Remove('IdentityProviderType') | Out-Null if ($ClientId) { $BoundParameters.AdditionalProperties.Add('ClientId', $ClientId) - $BoundParameters.Remove("ClientId") | Out-Null + $BoundParameters.Remove('ClientId') | Out-Null } if ($ClientSecret) { $BoundParameters.AdditionalProperties.Add('ClientSecret', $ClientSecret) - $BoundParameters.Remove("ClientSecret") | Out-Null + $BoundParameters.Remove('ClientSecret') | Out-Null } if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { @@ -244,7 +244,7 @@ function Test-TargetResource $DisplayName, [Parameter()] - [ValidateSet("AADSignup", "EmailOTP", "Microsoft", "MicrosoftAccount", "Google", "Amazon", "LinkedIn", "Facebook", "GitHub", "Twitter", "Weibo", "QQ", "WeChat")] + [ValidateSet('AADSignup', 'EmailOTP', 'Microsoft', 'MicrosoftAccount', 'Google', 'Amazon', 'LinkedIn', 'Facebook', 'GitHub', 'Twitter', 'Weibo', 'QQ', 'WeChat')] [System.String] $IdentityProviderType, @@ -364,7 +364,7 @@ function Export-TargetResource try { - [array]$getValue = Get-MgBetaIdentityProvider -All -ErrorAction Stop | Where-Object -FilterScript {$_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.socialIdentityProvider'} + [array]$getValue = Get-MgBetaIdentityProvider -All -ErrorAction Stop | Where-Object -FilterScript { $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.socialIdentityProvider' } $i = 1 $dscContent = '' diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADTenantDetails/MSFT_AADTenantDetails.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADTenantDetails/MSFT_AADTenantDetails.psm1 index ecf50fe040..72a39a5eec 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADTenantDetails/MSFT_AADTenantDetails.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADTenantDetails/MSFT_AADTenantDetails.psm1 @@ -216,7 +216,7 @@ function Set-TargetResource $currentParameters.Add('OrganizationId', $(Get-MgBetaOrganization).Id) try { - Write-Verbose -Message "Calling Update-MGBetaOrganization with parameters:" + Write-Verbose -Message 'Calling Update-MGBetaOrganization with parameters:' Write-Verbose -Message "$(Convert-M365DscHashtableToString -Hashtable $currentParameters)" Update-MgBetaOrganization @currentParameters } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADUser/MSFT_AADUser.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADUser/MSFT_AADUser.psm1 index d4131dd18c..288e5aea9c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADUser/MSFT_AADUser.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADUser/MSFT_AADUser.psm1 @@ -935,104 +935,104 @@ function Export-TargetResource ErrorAction = 'Stop' } $queryTypes = @{ - 'eq' = @('assignedPlans/any(a:a/capabilityStatus)', - 'assignedPlans/any(a:a/service)', - 'assignedPlans/any(a:a/servicePlanId)', - 'authorizationInfo/certificateUserIds/any(p:p)', - 'businessPhones/any(p:p)', - 'companyName', - 'createdObjects/any(c:c/id)', - 'employeeHireDate', - 'employeeOrgData/costCenter', - 'employeeOrgData/division', - 'employeeType', - 'faxNumber', - 'mobilePhone', - 'officeLocation', - 'onPremisesExtensionAttributes/extensionAttribute1', - 'onPremisesExtensionAttributes/extensionAttribute10', - 'onPremisesExtensionAttributes/extensionAttribute11', - 'onPremisesExtensionAttributes/extensionAttribute12', - 'onPremisesExtensionAttributes/extensionAttribute13', - 'onPremisesExtensionAttributes/extensionAttribute14', - 'onPremisesExtensionAttributes/extensionAttribute15', - 'onPremisesExtensionAttributes/extensionAttribute2', - 'onPremisesExtensionAttributes/extensionAttribute3', - 'onPremisesExtensionAttributes/extensionAttribute4', - 'onPremisesExtensionAttributes/extensionAttribute5', - 'onPremisesExtensionAttributes/extensionAttribute6', - 'onPremisesExtensionAttributes/extensionAttribute7', - 'onPremisesExtensionAttributes/extensionAttribute8', - 'onPremisesExtensionAttributes/extensionAttribute9', - 'onPremisesSamAccountName', - 'passwordProfile/forceChangePasswordNextSignIn', - 'passwordProfile/forceChangePasswordNextSignInWithMfa', - 'postalCode', - 'preferredLanguage', - 'provisionedPlans/any(p:p/provisioningStatus)', - 'provisionedPlans/any(p:p/service)', - 'showInAddressList', - 'streetAddress') - - 'startsWith' = @( - 'assignedPlans/any(a:a/service)', - 'businessPhones/any(p:p)', - 'companyName', - 'faxNumber', - 'mobilePhone', - 'officeLocation', - 'onPremisesSamAccountName', - 'postalCode', - 'preferredLanguage', - 'provisionedPlans/any(p:p/service)', - 'streetAddress' - ) - 'ge' = @('employeeHireDate') - 'le' = @('employeeHireDate') - 'eq Null' = @( - 'city', - 'companyName', - 'country', - 'createdDateTime', - 'department', - 'displayName', - 'employeeId', - 'faxNumber', - 'givenName', - 'jobTitle', - 'mail', - 'mailNickname', - 'mobilePhone', - 'officeLocation', - 'onPremisesExtensionAttributes/extensionAttribute1', - 'onPremisesExtensionAttributes/extensionAttribute10', - 'onPremisesExtensionAttributes/extensionAttribute11', - 'onPremisesExtensionAttributes/extensionAttribute12', - 'onPremisesExtensionAttributes/extensionAttribute13', - 'onPremisesExtensionAttributes/extensionAttribute14', - 'onPremisesExtensionAttributes/extensionAttribute15', - 'onPremisesExtensionAttributes/extensionAttribute2', - 'onPremisesExtensionAttributes/extensionAttribute3', - 'onPremisesExtensionAttributes/extensionAttribute4', - 'onPremisesExtensionAttributes/extensionAttribute5', - 'onPremisesExtensionAttributes/extensionAttribute6', - 'onPremisesExtensionAttributes/extensionAttribute7', - 'onPremisesExtensionAttributes/extensionAttribute8', - 'onPremisesExtensionAttributes/extensionAttribute9', - 'onPremisesSecurityIdentifier', - 'onPremisesSyncEnabled', - 'passwordPolicies', - 'passwordProfile/forceChangePasswordNextSignIn', - 'passwordProfile/forceChangePasswordNextSignInWithMfa', - 'postalCode', - 'preferredLanguage', - 'state', - 'streetAddress', - 'surname', - 'usageLocation', - 'userType' - ) - } + 'eq' = @('assignedPlans/any(a:a/capabilityStatus)', + 'assignedPlans/any(a:a/service)', + 'assignedPlans/any(a:a/servicePlanId)', + 'authorizationInfo/certificateUserIds/any(p:p)', + 'businessPhones/any(p:p)', + 'companyName', + 'createdObjects/any(c:c/id)', + 'employeeHireDate', + 'employeeOrgData/costCenter', + 'employeeOrgData/division', + 'employeeType', + 'faxNumber', + 'mobilePhone', + 'officeLocation', + 'onPremisesExtensionAttributes/extensionAttribute1', + 'onPremisesExtensionAttributes/extensionAttribute10', + 'onPremisesExtensionAttributes/extensionAttribute11', + 'onPremisesExtensionAttributes/extensionAttribute12', + 'onPremisesExtensionAttributes/extensionAttribute13', + 'onPremisesExtensionAttributes/extensionAttribute14', + 'onPremisesExtensionAttributes/extensionAttribute15', + 'onPremisesExtensionAttributes/extensionAttribute2', + 'onPremisesExtensionAttributes/extensionAttribute3', + 'onPremisesExtensionAttributes/extensionAttribute4', + 'onPremisesExtensionAttributes/extensionAttribute5', + 'onPremisesExtensionAttributes/extensionAttribute6', + 'onPremisesExtensionAttributes/extensionAttribute7', + 'onPremisesExtensionAttributes/extensionAttribute8', + 'onPremisesExtensionAttributes/extensionAttribute9', + 'onPremisesSamAccountName', + 'passwordProfile/forceChangePasswordNextSignIn', + 'passwordProfile/forceChangePasswordNextSignInWithMfa', + 'postalCode', + 'preferredLanguage', + 'provisionedPlans/any(p:p/provisioningStatus)', + 'provisionedPlans/any(p:p/service)', + 'showInAddressList', + 'streetAddress') + + 'startsWith' = @( + 'assignedPlans/any(a:a/service)', + 'businessPhones/any(p:p)', + 'companyName', + 'faxNumber', + 'mobilePhone', + 'officeLocation', + 'onPremisesSamAccountName', + 'postalCode', + 'preferredLanguage', + 'provisionedPlans/any(p:p/service)', + 'streetAddress' + ) + 'ge' = @('employeeHireDate') + 'le' = @('employeeHireDate') + 'eq Null' = @( + 'city', + 'companyName', + 'country', + 'createdDateTime', + 'department', + 'displayName', + 'employeeId', + 'faxNumber', + 'givenName', + 'jobTitle', + 'mail', + 'mailNickname', + 'mobilePhone', + 'officeLocation', + 'onPremisesExtensionAttributes/extensionAttribute1', + 'onPremisesExtensionAttributes/extensionAttribute10', + 'onPremisesExtensionAttributes/extensionAttribute11', + 'onPremisesExtensionAttributes/extensionAttribute12', + 'onPremisesExtensionAttributes/extensionAttribute13', + 'onPremisesExtensionAttributes/extensionAttribute14', + 'onPremisesExtensionAttributes/extensionAttribute15', + 'onPremisesExtensionAttributes/extensionAttribute2', + 'onPremisesExtensionAttributes/extensionAttribute3', + 'onPremisesExtensionAttributes/extensionAttribute4', + 'onPremisesExtensionAttributes/extensionAttribute5', + 'onPremisesExtensionAttributes/extensionAttribute6', + 'onPremisesExtensionAttributes/extensionAttribute7', + 'onPremisesExtensionAttributes/extensionAttribute8', + 'onPremisesExtensionAttributes/extensionAttribute9', + 'onPremisesSecurityIdentifier', + 'onPremisesSyncEnabled', + 'passwordPolicies', + 'passwordProfile/forceChangePasswordNextSignIn', + 'passwordProfile/forceChangePasswordNextSignInWithMfa', + 'postalCode', + 'preferredLanguage', + 'state', + 'streetAddress', + 'surname', + 'usageLocation', + 'userType' + ) + } # Initialize a flag to indicate whether the filter conditions match the attribute support $allConditionsMatched = $true @@ -1041,12 +1041,16 @@ function Export-TargetResource # Assuming the provided PowerShell script is part of a larger context and the variable $Filter is defined elsewhere # Check if $Filter is not null - if ($Filter) { + if ($Filter) + { # Check each condition in the filter against the support list - foreach ($condition in $Filter.Split(' ')) { - if ($condition -match '(\w+)/(\w+):(\w+)') { + foreach ($condition in $Filter.Split(' ')) + { + if ($condition -match '(\w+)/(\w+):(\w+)') + { $attribute, $operation, $value = $matches[1], $matches[2], $matches[3] - if (-not $queryTypes.ContainsKey($operation) -or -not $queryTypes[$operation].Contains($attribute)) { + if (-not $queryTypes.ContainsKey($operation) -or -not $queryTypes[$operation].Contains($attribute)) + { $allConditionsMatched = $false break } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADUser/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADUser/settings.json index 193babc59d..d337017e0b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADUser/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADUser/settings.json @@ -52,7 +52,6 @@ { "name": "GroupMember.ReadWrite.All" } - ] }, "application": { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADUserFlowAttribute/MSFT_AADUserFlowAttribute.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADUserFlowAttribute/MSFT_AADUserFlowAttribute.psm1 index fe59ebd78f..bfdb34ae58 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADUserFlowAttribute/MSFT_AADUserFlowAttribute.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADUserFlowAttribute/MSFT_AADUserFlowAttribute.psm1 @@ -105,18 +105,18 @@ function Get-TargetResource { Write-Verbose -Message "Found configuration of user flow attribute $($DisplayName)" $result = @{ - Id = $UserFlowAttribute.Id - DisplayName = $UserFlowAttribute.DisplayName - Description = $UserFlowAttribute.Description - DataType = $UserFlowAttribute.DataType - Ensure = 'Present' - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ApplicationSecret = $ApplicationSecret - Credential = $Credential - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Id = $UserFlowAttribute.Id + DisplayName = $UserFlowAttribute.DisplayName + Description = $UserFlowAttribute.Description + DataType = $UserFlowAttribute.DataType + Ensure = 'Present' + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ApplicationSecret = $ApplicationSecret + Credential = $Credential + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" return $result diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthority/MSFT_AADVerifiedIdAuthority.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthority/MSFT_AADVerifiedIdAuthority.psm1 index e986ac2baf..841db686a5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthority/MSFT_AADVerifiedIdAuthority.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthority/MSFT_AADVerifiedIdAuthority.psm1 @@ -58,7 +58,7 @@ function Get-TargetResource ) $ConnectionMode = New-M365DSCConnection -Workload 'AdminAPI' ` - -InboundParameters $PSBoundParameters + -InboundParameters $PSBoundParameters #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -67,8 +67,8 @@ function Get-TargetResource $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') $CommandName = $MyInvocation.MyCommand $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` - -CommandName $CommandName ` - -Parameters $PSBoundParameters + -CommandName $CommandName ` + -Parameters $PSBoundParameters Add-M365DSCTelemetryEvent -Data $data #endregion @@ -82,7 +82,7 @@ function Get-TargetResource } else { - $uri = "https://verifiedid.did.msidentity.com/v1.0/verifiableCredentials/authorities" + $uri = 'https://verifiedid.did.msidentity.com/v1.0/verifiableCredentials/authorities' $response = Invoke-M365DSCVerifiedIdWebRequest -Uri $uri -Method 'GET' $instances = $response.value } @@ -91,25 +91,25 @@ function Get-TargetResource return $nullResult } - $instance = Get-M365DSCVerifiedIdAuthorityObject -Authority ($instances | Where-Object -FilterScript {$_.didModel.linkedDomainUrls[0] -eq $LinkedDomainUrl}) + $instance = Get-M365DSCVerifiedIdAuthorityObject -Authority ($instances | Where-Object -FilterScript { $_.didModel.linkedDomainUrls[0] -eq $LinkedDomainUrl }) if ($null -eq $instance) { return $nullResult } $results = @{ - Id = $instance.Id - Name = $instance.Name - LinkedDomainUrl = $instance.LinkedDomainUrl - DidMethod = $instance.DidMethod - KeyVaultMetadata = $instance.KeyVaultMetadata - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ApplicationSecret = $ApplicationSecret - AccessTokens = $AccessTokens + Id = $instance.Id + Name = $instance.Name + LinkedDomainUrl = $instance.LinkedDomainUrl + DidMethod = $instance.DidMethod + KeyVaultMetadata = $instance.KeyVaultMetadata + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ApplicationSecret = $ApplicationSecret + AccessTokens = $AccessTokens } return [System.Collections.Hashtable] $results @@ -117,10 +117,10 @@ function Get-TargetResource catch { New-M365DSCLogEntry -Message 'Error retrieving data:' ` - -Exception $_ ` - -Source $($MyInvocation.MyCommand.Source) ` - -TenantId $TenantId ` - -Credential $Credential + -Exception $_ ` + -Source $($MyInvocation.MyCommand.Source) ` + -TenantId $TenantId ` + -Credential $Credential return $nullResult } @@ -204,33 +204,33 @@ function Set-TargetResource Write-Verbose -Message "Retrieved current instance: $($currentInstance.Name) with Id $($currentInstance.Id)" $BoundParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters - $uri = "https://verifiedid.did.msidentity.com/v1.0/verifiableCredentials/authorities/" + $currentInstance.Id + $uri = 'https://verifiedid.did.msidentity.com/v1.0/verifiableCredentials/authorities/' + $currentInstance.Id if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an VerifiedId Authority with Name {$Name} and Id $($currentInstance.Id)" $body = @{ - name = $Name - linkedDomainUrl = $LinkedDomainUrl - didMethod = $DidMethod - keyVaultMetadata = @{ + name = $Name + linkedDomainUrl = $LinkedDomainUrl + didMethod = $DidMethod + keyVaultMetadata = @{ subscriptionId = $KeyVaultMetadata.SubscriptionId - resourceGroup = $KeyVaultMetadata.ResourceGroup - resourceName = $KeyVaultMetadata.ResourceName - resourceUrl = $KeyVaultMetadata.ResourceUrl + resourceGroup = $KeyVaultMetadata.ResourceGroup + resourceName = $KeyVaultMetadata.ResourceName + resourceUrl = $KeyVaultMetadata.ResourceUrl } } Write-Verbose -Message "Creating VerifiedId Authority with body $($body | ConvertTo-Json -Depth 5)" - $uri = "https://verifiedid.did.msidentity.com/v1.0/verifiableCredentials/authorities" + $uri = 'https://verifiedid.did.msidentity.com/v1.0/verifiableCredentials/authorities' Invoke-M365DSCVerifiedIdWebRequest -Uri $uri -Method 'POST' -Body $body } elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating an VerifiedId Authority with Name {$Name} and Id $($currentInstance.Id)" - Write-Warning -Message "You can only update Name of the VerifiedId Authority, if you want to update other properties, please delete and recreate the VerifiedId Authority." + Write-Warning -Message 'You can only update Name of the VerifiedId Authority, if you want to update other properties, please delete and recreate the VerifiedId Authority.' $body = @{ name = $Name } @@ -240,7 +240,7 @@ function Set-TargetResource { Write-Verbose -Message "Removing VerifiedId Authority with Name {$Name} and Id $($currentInstance.Id)" - $uri = "https://verifiedid.did.msidentity.com/beta/verifiableCredentials/authorities/" + $currentInstance.Id + $uri = 'https://verifiedid.did.msidentity.com/beta/verifiableCredentials/authorities/' + $currentInstance.Id Invoke-M365DSCVerifiedIdWebRequest -Uri $uri -Method 'DELETE' } } @@ -340,7 +340,8 @@ function Test-TargetResource Write-Verbose "TestResult returned False for $source" $testTargetResource = $false } - else { + else + { $ValuesToCheck.Remove($key) | Out-Null } } @@ -350,12 +351,12 @@ function Test-TargetResource Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys ` - -IncludedDrifts $driftedParams + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys ` + -IncludedDrifts $driftedParams - if(-not $TestResult) + if (-not $TestResult) { $testTargetResource = $false } @@ -424,7 +425,7 @@ function Export-TargetResource try { $Script:ExportMode = $true - $uri = "https://verifiedid.did.msidentity.com/v1.0/verifiableCredentials/authorities" + $uri = 'https://verifiedid.did.msidentity.com/v1.0/verifiableCredentials/authorities' $response = Invoke-M365DSCVerifiedIdWebRequest -Uri $uri -Method 'GET' [array] $Script:exportedInstances = $response.value @@ -450,21 +451,21 @@ function Export-TargetResource if ($Results.Ensure -eq 'Present') { $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` - -Results $Results + -Results $Results if ($null -ne $Results.KeyVaultMetadata) { $complexMapping = @( @{ - Name = 'KeyVaultMetadata' + Name = 'KeyVaultMetadata' CimInstanceName = 'AADVerifiedIdAuthorityKeyVaultMetadata' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.KeyVaultMetadata ` - -CIMInstanceName 'AADVerifiedIdAuthorityKeyVaultMetadata' ` - -ComplexTypeMapping $complexMapping + -ComplexObject $Results.KeyVaultMetadata ` + -CIMInstanceName 'AADVerifiedIdAuthorityKeyVaultMetadata' ` + -ComplexTypeMapping $complexMapping if (-not [String]::IsNullOrWhiteSpace($complexTypeStringResult)) { @@ -478,19 +479,19 @@ function Export-TargetResource $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` - -ConnectionMode $ConnectionMode ` - -ModulePath $PSScriptRoot ` - -Results $Results ` - -Credential $Credential + -ConnectionMode $ConnectionMode ` + -ModulePath $PSScriptRoot ` + -Results $Results ` + -Credential $Credential if ($Results.KeyVaultMetadata) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "KeyVaultMetadata" -IsCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'KeyVaultMetadata' -IsCIMArray:$False } $dscContent.Append($currentDSCBlock) | Out-Null Save-M365DSCPartialExport -Content $currentDSCBlock ` - -FileName $Global:PartialExportFileName + -FileName $Global:PartialExportFileName Write-Host $Global:M365DSCEmojiGreenCheckMark $i++ } @@ -527,20 +528,20 @@ function Get-M365DSCVerifiedIdAuthorityObject } Write-Verbose -Message "Retrieving values for authority {$($Authority.didModel.linkedDomainUrls[0])}" - $did = ($Authority.didModel.did -split ":")[1] + $did = ($Authority.didModel.did -split ':')[1] $values = @{ - Id = $Authority.Id - Name = $Authority.Name - LinkedDomainUrl = $Authority.didModel.linkedDomainUrls[0] - DidMethod = $did + Id = $Authority.Id + Name = $Authority.Name + LinkedDomainUrl = $Authority.didModel.linkedDomainUrls[0] + DidMethod = $did } if ($null -ne $Authority.KeyVaultMetadata) { $KeyVaultMetadata = @{ SubscriptionId = $Authority.KeyVaultMetadata.SubscriptionId - ResourceGroup = $Authority.KeyVaultMetadata.ResourceGroup - ResourceName = $Authority.KeyVaultMetadata.ResourceName - ResourceUrl = $Authority.KeyVaultMetadata.ResourceUrl + ResourceGroup = $Authority.KeyVaultMetadata.ResourceGroup + ResourceName = $Authority.KeyVaultMetadata.ResourceName + ResourceUrl = $Authority.KeyVaultMetadata.ResourceUrl } $values.Add('KeyVaultMetadata', $KeyVaultMetadata) @@ -567,20 +568,21 @@ function Invoke-M365DSCVerifiedIdWebRequest ) $headers = @{ - Authorization = $Global:MSCloudLoginConnectionProfile.AdminAPI.AccessToken - "Content-Type" = "application/json" + Authorization = $Global:MSCloudLoginConnectionProfile.AdminAPI.AccessToken + 'Content-Type' = 'application/json' } - if($Method -eq 'PATCH' -or $Method -eq 'POST') + if ($Method -eq 'PATCH' -or $Method -eq 'POST') { - $BodyJson = $body | ConvertTo-Json + $BodyJson = $body | ConvertTo-Json $response = Invoke-WebRequest -Method $Method -Uri $Uri -Headers $headers -Body $BodyJson } - else { - $response = Invoke-WebRequest -Method $Method -Uri $Uri -Headers $headers + else + { + $response = Invoke-WebRequest -Method $Method -Uri $Uri -Headers $headers } - if($Method -eq 'DELETE') + if ($Method -eq 'DELETE') { return $null } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthority/MSFT_AADVerifiedIdAuthority.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthority/MSFT_AADVerifiedIdAuthority.schema.mof index f22542ecdd..bafc19c954 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthority/MSFT_AADVerifiedIdAuthority.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthority/MSFT_AADVerifiedIdAuthority.schema.mof @@ -1,5 +1,5 @@ [ClassVersion("1.0.0")] -class MSFT_AADVerifiedIdAuthorityKeyVaultMetadata +class MSFT_AADVerifiedIdAuthorityKeyVaultMetadata { [Write, Description("Subscription ID of the Key Vault.")] String SubscriptionId; [Write, Description("Resource group of the Key Vault.")] String ResourceGroup; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthority/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthority/settings.json index cf3ac1ac16..4688a09823 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthority/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthority/settings.json @@ -1,17 +1,16 @@ { "resourceName": "AADVerifiedIdAuthority", "description": "This resource configures an Azure AD Verified Identity Authority.", - "permissions": { - "graph": { - "delegated": { - "read": [], - "update": [] - }, - "application": { - "read": [], - "update": [] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [], + "update": [] + }, + "application": { + "read": [], + "update": [] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthorityContract/MSFT_AADVerifiedIdAuthorityContract.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthorityContract/MSFT_AADVerifiedIdAuthorityContract.psm1 index 1282f29af5..798db5e0fb 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthorityContract/MSFT_AADVerifiedIdAuthorityContract.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthorityContract/MSFT_AADVerifiedIdAuthorityContract.psm1 @@ -63,7 +63,7 @@ function Get-TargetResource ) $ConnectionMode = New-M365DSCConnection -Workload 'AdminAPI' ` - -InboundParameters $PSBoundParameters + -InboundParameters $PSBoundParameters #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -72,8 +72,8 @@ function Get-TargetResource $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') $CommandName = $MyInvocation.MyCommand $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` - -CommandName $CommandName ` - -Parameters $PSBoundParameters + -CommandName $CommandName ` + -Parameters $PSBoundParameters Add-M365DSCTelemetryEvent -Data $data #endregion @@ -87,14 +87,14 @@ function Get-TargetResource } else { - $uri = "https://verifiedid.did.msidentity.com/v1.0/verifiableCredentials/authorities" + $uri = 'https://verifiedid.did.msidentity.com/v1.0/verifiableCredentials/authorities' $response = Invoke-M365DSCVerifiedIdWebRequest -Uri $uri -Method 'GET' $authorities = $response.value if ($null -eq $authorities) { return $nullResult } - $authority = Get-M365DSCVerifiedIdAuthorityObject -Authority ($authorities | Where-Object -FilterScript {$_.didModel.linkedDomainUrls[0] -eq $linkedDomainUrl}) + $authority = Get-M365DSCVerifiedIdAuthorityObject -Authority ($authorities | Where-Object -FilterScript { $_.didModel.linkedDomainUrls[0] -eq $linkedDomainUrl }) if ($null -eq $authority) { @@ -110,26 +110,26 @@ function Get-TargetResource return $nullResult } - $contract = Get-M365DSCVerifiedIdAuthorityContractObject -Contract ($contracts | Where-Object -FilterScript {$_.name -eq $name}) + $contract = Get-M365DSCVerifiedIdAuthorityContractObject -Contract ($contracts | Where-Object -FilterScript { $_.name -eq $name }) if ($null -eq $contract) { return $nullResult } $results = @{ - id = $contract.id - name = $contract.name - linkedDomainUrl = $linkedDomainUrl - authorityId = $authority.Id - displays = $contract.displays - rules = $contract.rules - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ApplicationSecret = $ApplicationSecret - AccessTokens = $AccessTokens + id = $contract.id + name = $contract.name + linkedDomainUrl = $linkedDomainUrl + authorityId = $authority.Id + displays = $contract.displays + rules = $contract.rules + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ApplicationSecret = $ApplicationSecret + AccessTokens = $AccessTokens } return [System.Collections.Hashtable] $results @@ -137,10 +137,10 @@ function Get-TargetResource catch { New-M365DSCLogEntry -Message 'Error retrieving data:' ` - -Exception $_ ` - -Source $($MyInvocation.MyCommand.Source) ` - -TenantId $TenantId ` - -Credential $Credential + -Exception $_ ` + -Source $($MyInvocation.MyCommand.Source) ` + -TenantId $TenantId ` + -Credential $Credential return $nullResult } @@ -231,11 +231,11 @@ function Set-TargetResource $rulesHashmap = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $rules $displaysHashmap = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $displays - if($rulesHashmap.attestations.idTokens -ne $null) + if ($rulesHashmap.attestations.idTokens -ne $null) { - foreach($idToken in $rulesHashmap.attestations.idTokens) + foreach ($idToken in $rulesHashmap.attestations.idTokens) { - if($idToken.scopeValue -ne $null) + if ($idToken.scopeValue -ne $null) { $idToken.Add('scope', $idToken.scopeValue) $idToken.Remove('scopeValue') | Out-Null @@ -245,16 +245,16 @@ function Set-TargetResource } $body = @{ - name = $Name - rules = $rulesHashmap + name = $Name + rules = $rulesHashmap displays = $displaysHashmap } if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { - $uri = "https://verifiedid.did.msidentity.com/v1.0/verifiableCredentials/authorities" + $uri = 'https://verifiedid.did.msidentity.com/v1.0/verifiableCredentials/authorities' $response = Invoke-M365DSCVerifiedIdWebRequest -Uri $uri -Method 'GET' $authorities = $response.value - $authority = Get-M365DSCVerifiedIdAuthorityObject -Authority ($authorities | Where-Object -FilterScript {$_.didModel.linkedDomainUrls[0] -eq $linkedDomainUrl}) + $authority = Get-M365DSCVerifiedIdAuthorityObject -Authority ($authorities | Where-Object -FilterScript { $_.didModel.linkedDomainUrls[0] -eq $linkedDomainUrl }) Write-Verbose -Message "Creating an VerifiedId Authority Contract with Name {$name} for Authority Id $($authority.Id)" @@ -270,7 +270,7 @@ function Set-TargetResource } elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { - Write-Warning -Message "Removal of Contracts is not supported" + Write-Warning -Message 'Removal of Contracts is not supported' } } @@ -374,7 +374,8 @@ function Test-TargetResource Write-Verbose "TestResult returned False for $source" $testTargetResource = $false } - else { + else + { $ValuesToCheck.Remove($key) | Out-Null } } @@ -384,12 +385,12 @@ function Test-TargetResource Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys ` - -IncludedDrifts $driftedParams + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys ` + -IncludedDrifts $driftedParams - if(-not $TestResult) + if (-not $TestResult) { $testTargetResource = $false } @@ -458,7 +459,7 @@ function Export-TargetResource try { $Script:ExportMode = $true - $uri = "https://verifiedid.did.msidentity.com/v1.0/verifiableCredentials/authorities" + $uri = 'https://verifiedid.did.msidentity.com/v1.0/verifiableCredentials/authorities' $response = Invoke-M365DSCVerifiedIdWebRequest -Uri $uri -Method 'GET' [array] $authorities = $response.value @@ -471,7 +472,7 @@ function Export-TargetResource $response = Invoke-M365DSCVerifiedIdWebRequest -Uri $uri -Method 'GET' $contracts = $response.value - foreach($contract in $contracts) + foreach ($contract in $contracts) { $Script:exportedInstances += $contract @@ -498,41 +499,41 @@ function Export-TargetResource if ($Results.Ensure -eq 'Present') { $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` - -Results $Results + -Results $Results if ($null -ne $Results.displays) { $complexMapping = @( @{ - Name = 'displays' + Name = 'displays' CimInstanceName = 'AADVerifiedIdAuthorityContractDisplayModel' - IsRequired = $False + IsRequired = $False } @{ - Name = 'logo' + Name = 'logo' CimInstanceName = 'AADVerifiedIdAuthorityContractDisplayCredentialLogo' - IsRequired = $False + IsRequired = $False } @{ - Name = 'card' + Name = 'card' CimInstanceName = 'AADVerifiedIdAuthorityContractDisplayCard' - IsRequired = $False + IsRequired = $False } @{ - Name = 'consent' + Name = 'consent' CimInstanceName = 'AADVerifiedIdAuthorityContractDisplayConsent' - IsRequired = $False + IsRequired = $False } @{ - Name = 'claims' + Name = 'claims' CimInstanceName = 'AADVerifiedIdAuthorityContractDisplayClaims' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.displays ` - -CIMInstanceName 'AADVerifiedIdAuthorityContractDisplayModel' ` - -ComplexTypeMapping $complexMapping + -ComplexObject $Results.displays ` + -CIMInstanceName 'AADVerifiedIdAuthorityContractDisplayModel' ` + -ComplexTypeMapping $complexMapping if (-not [String]::IsNullOrWhiteSpace($complexTypeStringResult)) { @@ -549,60 +550,60 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'rules' + Name = 'rules' CimInstanceName = 'AADVerifiedIdAuthorityContractRulesModel' - IsRequired = $False + IsRequired = $False } @{ - Name = 'attestations' + Name = 'attestations' CimInstanceName = 'AADVerifiedIdAuthorityContractAttestations' - IsRequired = $False + IsRequired = $False } @{ - Name = 'vc' + Name = 'vc' CimInstanceName = 'AADVerifiedIdAuthorityContractVcType' - IsRequired = $False + IsRequired = $False } @{ - Name = 'customStatusEndpoint' + Name = 'customStatusEndpoint' CimInstanceName = 'AADVerifiedIdAuthorityContractCustomStatusEndpoint' - IsRequired = $False + IsRequired = $False } @{ - Name = 'idTokenHints' + Name = 'idTokenHints' CimInstanceName = 'AADVerifiedIdAuthorityContractAttestationValues' - IsRequired = $False + IsRequired = $False } @{ - Name = 'idTokens' + Name = 'idTokens' CimInstanceName = 'AADVerifiedIdAuthorityContractAttestationValues' - IsRequired = $False + IsRequired = $False } @{ - Name = 'presentations' + Name = 'presentations' CimInstanceName = 'AADVerifiedIdAuthorityContractAttestationValues' - IsRequired = $False + IsRequired = $False } @{ - Name = 'selfIssued' + Name = 'selfIssued' CimInstanceName = 'AADVerifiedIdAuthorityContractAttestationValues' - IsRequired = $False + IsRequired = $False } @{ - Name = 'accessTokens' + Name = 'accessTokens' CimInstanceName = 'AADVerifiedIdAuthorityContractAttestationValues' - IsRequired = $False + IsRequired = $False } @{ - Name = 'mapping' + Name = 'mapping' CimInstanceName = 'AADVerifiedIdAuthorityContractClaimMapping' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` - -ComplexObject $Results.rules` - -CIMInstanceName 'AADVerifiedIdAuthorityContractRulesModel' ` - -ComplexTypeMapping $complexMapping + -ComplexObject $Results.rules` + -CIMInstanceName 'AADVerifiedIdAuthorityContractRulesModel' ` + -ComplexTypeMapping $complexMapping if (-not [String]::IsNullOrWhiteSpace($complexTypeStringResult)) { @@ -616,24 +617,24 @@ function Export-TargetResource $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` - -ConnectionMode $ConnectionMode ` - -ModulePath $PSScriptRoot ` - -Results $Results ` - -Credential $Credential + -ConnectionMode $ConnectionMode ` + -ModulePath $PSScriptRoot ` + -Results $Results ` + -Credential $Credential if ($Results.displays) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "displays" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'displays' -IsCIMArray:$true } if ($Results.rules) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "rules" -IsCIMArray:$false + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'rules' -IsCIMArray:$false } $dscContent.Append($currentDSCBlock) | Out-Null Save-M365DSCPartialExport -Content $currentDSCBlock ` - -FileName $Global:PartialExportFileName + -FileName $Global:PartialExportFileName Write-Host $Global:M365DSCEmojiGreenCheckMark $i++ } @@ -672,8 +673,8 @@ function Get-M365DSCVerifiedIdAuthorityContractObject Write-Verbose -Message "Retrieving values for contract {$($Contract.name)}" $values = @{ - id = $Contract.id - name = $Contract.name + id = $Contract.id + name = $Contract.name } if ($null -ne $Contract.displays) { @@ -686,27 +687,27 @@ function Get-M365DSCVerifiedIdAuthorityContractObject $claims += @{ claim = $claim.claim label = $claim.label - type = $claim.type + type = $claim.type } } $displays += @{ - locale = $display.locale - card = @{ - title = $display.card.title - issuedBy = $display.card.issuedBy + locale = $display.locale + card = @{ + title = $display.card.title + issuedBy = $display.card.issuedBy backgroundColor = $display.card.backgroundColor - textColor = $display.card.textColor - logo = @{ - uri = $display.card.logo.uri + textColor = $display.card.textColor + logo = @{ + uri = $display.card.logo.uri description = $display.card.logo.description } - description = $display.card.description + description = $display.card.description } consent = @{ - title = $display.consent.title + title = $display.consent.title instructions = $display.consent.instructions } - claims = $claims + claims = $claims } } @@ -718,78 +719,78 @@ function Get-M365DSCVerifiedIdAuthorityContractObject { $rules = @{} $attestations = @{} - if($null -ne $Contract.rules.attestations.idTokenHints) + if ($null -ne $Contract.rules.attestations.idTokenHints) { $idTokenHints = @() - foreach($idTokenHint in $Contract.rules.attestations.idTokenHints) + foreach ($idTokenHint in $Contract.rules.attestations.idTokenHints) { $mapping = @() - foreach($map in $idTokenHint.mapping) + foreach ($map in $idTokenHint.mapping) { $mapping += @{ outputClaim = $map.outputClaim - inputClaim = $map.inputClaim - required = $map.required - indexed = $map.indexed - type = $map.type + inputClaim = $map.inputClaim + required = $map.required + indexed = $map.indexed + type = $map.type } } $idTokenHints += @{ - required = $idTokenHint.required - mapping = $mapping + required = $idTokenHint.required + mapping = $mapping trustedIssuers = $idTokenHint.trustedIssuers } } $attestations.Add('idTokenHints', $idTokenHints) } - if($null -ne $Contract.rules.attestations.idTokens) + if ($null -ne $Contract.rules.attestations.idTokens) { $idTokens = @() - foreach($idToken in $Contract.rules.attestations.idTokens) + foreach ($idToken in $Contract.rules.attestations.idTokens) { $mapping = @() - foreach($map in $idToken.mapping) + foreach ($map in $idToken.mapping) { $mapping += @{ outputClaim = $map.outputClaim - inputClaim = $map.inputClaim - required = $map.required - indexed = $map.indexed - type = $map.type + inputClaim = $map.inputClaim + required = $map.required + indexed = $map.indexed + type = $map.type } } $idTokens += @{ - required = $idToken.required - mapping = $mapping + required = $idToken.required + mapping = $mapping configuration = $idToken.configuration - clientId = $idToken.clientId - redirectUri = $idToken.redirectUri - scopeValue = $idToken.scope + clientId = $idToken.clientId + redirectUri = $idToken.redirectUri + scopeValue = $idToken.scope } } $attestations.Add('idTokens', $idTokens) } - if($null -ne $Contract.rules.attestations.presentations) + if ($null -ne $Contract.rules.attestations.presentations) { $presentations = @() - foreach($presentation in $Contract.rules.attestations.presentations) + foreach ($presentation in $Contract.rules.attestations.presentations) { $mapping = @() - foreach($map in $presentation.mapping) + foreach ($map in $presentation.mapping) { $mapping += @{ outputClaim = $map.outputClaim - inputClaim = $map.inputClaim - required = $map.required - indexed = $map.indexed - type = $map.type + inputClaim = $map.inputClaim + required = $map.required + indexed = $map.indexed + type = $map.type } } $presentations += @{ - required = $presentation.required - mapping = $mapping + required = $presentation.required + mapping = $mapping trustedIssuers = $presentation.trustedIssuers credentialType = $presentation.credentialType } @@ -797,49 +798,49 @@ function Get-M365DSCVerifiedIdAuthorityContractObject $attestations.Add('presentations', $presentations) } - if($null -ne $Contract.rules.attestations.selfIssued) + if ($null -ne $Contract.rules.attestations.selfIssued) { $mySelfIssueds = @() - foreach($mySelfIssued in $Contract.rules.attestations.selfIssued) + foreach ($mySelfIssued in $Contract.rules.attestations.selfIssued) { $mapping = @() - foreach($map in $mySelfIssued.mapping) + foreach ($map in $mySelfIssued.mapping) { $mapping += @{ outputClaim = $map.outputClaim - inputClaim = $map.inputClaim - required = $map.required - indexed = $map.indexed - type = $map.type + inputClaim = $map.inputClaim + required = $map.required + indexed = $map.indexed + type = $map.type } } $mySelfIssueds += @{ required = $mySelfIssued.required - mapping = $mapping + mapping = $mapping } } $attestations.Add('selfIssued', $mySelfIssueds) } - if($null -ne $Contract.rules.attestations.accessTokens) + if ($null -ne $Contract.rules.attestations.accessTokens) { $accessTokens = @() - foreach($accessToken in $Contract.rules.attestations.accessTokens) + foreach ($accessToken in $Contract.rules.attestations.accessTokens) { $mapping = @() - foreach($map in $accessToken.mapping) + foreach ($map in $accessToken.mapping) { $mapping += @{ outputClaim = $map.outputClaim - inputClaim = $map.inputClaim - required = $map.required - indexed = $map.indexed - type = $map.type + inputClaim = $map.inputClaim + required = $map.required + indexed = $map.indexed + type = $map.type } } $accessTokens += @{ required = $accessToken.required - mapping = $mapping + mapping = $mapping } } $attestations.Add('accessTokens', $accessTokens) @@ -848,8 +849,8 @@ function Get-M365DSCVerifiedIdAuthorityContractObject $rules.Add('attestations', $attestations) $rules.Add('vc', @{ - type = $Contract.rules.vc.type - }) + type = $Contract.rules.vc.type + }) $rules.Add('validityInterval', $Contract.rules.validityInterval) $values.Add('rules', $rules) @@ -874,20 +875,20 @@ function Get-M365DSCVerifiedIdAuthorityObject } Write-Verbose -Message "Retrieving values for authority {$($Authority.didModel.linkedDomainUrls[0])}" - $did = ($Authority.didModel.did -split ":")[1] + $did = ($Authority.didModel.did -split ':')[1] $values = @{ - Id = $Authority.Id - Name = $Authority.Name - LinkedDomainUrl = $Authority.didModel.linkedDomainUrls[0] - DidMethod = $did + Id = $Authority.Id + Name = $Authority.Name + LinkedDomainUrl = $Authority.didModel.linkedDomainUrls[0] + DidMethod = $did } if ($null -ne $Authority.KeyVaultMetadata) { $KeyVaultMetadata = @{ SubscriptionId = $Authority.KeyVaultMetadata.SubscriptionId - ResourceGroup = $Authority.KeyVaultMetadata.ResourceGroup - ResourceName = $Authority.KeyVaultMetadata.ResourceName - ResourceUrl = $Authority.KeyVaultMetadata.ResourceUrl + ResourceGroup = $Authority.KeyVaultMetadata.ResourceGroup + ResourceName = $Authority.KeyVaultMetadata.ResourceName + ResourceUrl = $Authority.KeyVaultMetadata.ResourceUrl } $values.Add('KeyVaultMetadata', $KeyVaultMetadata) @@ -914,20 +915,21 @@ function Invoke-M365DSCVerifiedIdWebRequest ) $headers = @{ - Authorization = $Global:MSCloudLoginConnectionProfile.AdminAPI.AccessToken - "Content-Type" = "application/json" + Authorization = $Global:MSCloudLoginConnectionProfile.AdminAPI.AccessToken + 'Content-Type' = 'application/json' } - if($Method -eq 'PATCH' -or $Method -eq 'POST') + if ($Method -eq 'PATCH' -or $Method -eq 'POST') { $BodyJson = $body | ConvertTo-Json -Depth 10 $response = Invoke-WebRequest -Method $Method -Uri $Uri -Headers $headers -Body $BodyJson } - else { - $response = Invoke-WebRequest -Method $Method -Uri $Uri -Headers $headers + else + { + $response = Invoke-WebRequest -Method $Method -Uri $Uri -Headers $headers } - if($Method -eq 'DELETE') + if ($Method -eq 'DELETE') { return $null } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_ADOOrganizationOwner/MSFT_ADOOrganizationOwner.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_ADOOrganizationOwner/MSFT_ADOOrganizationOwner.psm1 index db746c4549..2302879004 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_ADOOrganizationOwner/MSFT_ADOOrganizationOwner.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_ADOOrganizationOwner/MSFT_ADOOrganizationOwner.psm1 @@ -61,7 +61,7 @@ function Get-TargetResource $uri = "https://vsaex.dev.azure.com/$OrganizationName/_apis/userentitlements?api-version=7.2-preview.4" $allUsers = Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri - $ownerInfo = $allUsers.Items | Where-Object -FilterScript {$_.id -eq $organizationInfo.owner} + $ownerInfo = $allUsers.Items | Where-Object -FilterScript { $_.id -eq $organizationInfo.owner } $results = @{ OrganizationName = $OrganizationName @@ -140,17 +140,17 @@ function Set-TargetResource Add-M365DSCTelemetryEvent -Data $data #endregion - Write-Verbose -Message "Retrieving all users." + Write-Verbose -Message 'Retrieving all users.' $uri = "https://vsaex.dev.azure.com/$OrganizationName/_apis/userentitlements?api-version=7.2-preview.4" $allUsers = Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri - $ownerInfo = $allUsers.items | Where-Object -FilterScript {$_.user.principalName -eq $Owner} + $ownerInfo = $allUsers.items | Where-Object -FilterScript { $_.user.principalName -eq $Owner } if ($null -ne $ownerInfo) { Write-Verbose -Message "Updating owner for organization {$OrganizationName} to {$($ownerInfo.id)}" $body = "[{`"from`":`"`",`"op`":2,`"path`":`"/Owner`",`"value`":`"$($ownerInfo.id)`"}]" - $uri ='https://vssps.dev.azure.com/O365DSC-Dev/_apis/Organization/Collections/Me?api-version=7.1-preview.1' + $uri = 'https://vssps.dev.azure.com/O365DSC-Dev/_apis/Organization/Collections/Me?api-version=7.1-preview.1' Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri -Method PATCH -Body $body } else diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_ADOPermissionGroup/MSFT_ADOPermissionGroup.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_ADOPermissionGroup/MSFT_ADOPermissionGroup.psm1 index ea47dd6dec..b09d2f4cca 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_ADOPermissionGroup/MSFT_ADOPermissionGroup.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_ADOPermissionGroup/MSFT_ADOPermissionGroup.psm1 @@ -90,12 +90,12 @@ function Get-TargetResource { if (-not [System.String]::IsNullOrEmpty($Descriptor)) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.descriptor -eq $Descriptor} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.descriptor -eq $Descriptor } } if ($null -eq $instance) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.principalName -eq $PrincipalName} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.principalName -eq $PrincipalName } } } else @@ -104,11 +104,11 @@ function Get-TargetResource $allInstances = (Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri).value if (-not [System.String]::IsNullOrEmpty($Descriptor)) { - $instance = $allInstances | Where-Object -FilterScript {$_.descriptor -eq $Descriptor} + $instance = $allInstances | Where-Object -FilterScript { $_.descriptor -eq $Descriptor } } if ($null -eq $instance) { - $instance = $allInstances | Where-Object -FilterScript {$_.principalName -eq $PrincipalName} + $instance = $allInstances | Where-Object -FilterScript { $_.principalName -eq $PrincipalName } } } if ($null -eq $instance) @@ -262,7 +262,7 @@ function Set-TargetResource elseif ($Level -eq 'Project') { $projectName = $PrincipalName.Split(']')[0] - $projectName = $projectName.Substring(1, $projectName.Length -1) + $projectName = $projectName.Substring(1, $projectName.Length - 1) $uri = "https://dev.azure.com/$($OrganizationName)/_apis/projects/$($ProjectName)?api-version=7.1" $response = Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri $projectId = $response.id @@ -276,13 +276,13 @@ function Set-TargetResource $newGroup = Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri -Method POST -Body $body -ContentType 'application/json' } - Write-Host "NEWGROUP::: $($newGroup | fl * | Out-String)" + Write-Host "NEWGROUP::: $($newGroup | Format-List * | Out-String)" foreach ($member in $Members) { Write-Verbose -Message "Adding Member {$member} to group ${$PrincipalName}" Set-M365DSCADOPermissionGroupMember -OrganizationName $OrganizationName ` - -GroupId $newGroup.originId ` - -PrincipalName $member + -GroupId $newGroup.originId ` + -PrincipalName $member } } # UPDATE @@ -302,17 +302,17 @@ function Set-TargetResource { Write-Verbose -Message "Adding Member {$($diff.InputObject)} to group ${$PrincipalName}" Set-M365DSCADOPermissionGroupMember -OrganizationName $OrganizationName ` - -GroupId $currentInstance.Id ` - -PrincipalName $diff.InputObject ` - -Method 'PUT' + -GroupId $currentInstance.Id ` + -PrincipalName $diff.InputObject ` + -Method 'PUT' } else { Write-Verbose -Message "Removing Member {$($diff.InputObject)} to group ${$PrincipalName}" Set-M365DSCADOPermissionGroupMember -OrganizationName $OrganizationName ` - -GroupId $currentInstance.Id ` - -PrincipalName $diff.InputObject ` - -Method 'DELETE' + -GroupId $currentInstance.Id ` + -PrincipalName $diff.InputObject ` + -Method 'DELETE' } } } @@ -527,7 +527,7 @@ function Export-TargetResource AccessTokens = $AccessTokens } - if (-not $config.principalName.StartsWith("[TEAM FOUNDATION]")) + if (-not $config.principalName.StartsWith('[TEAM FOUNDATION]')) { $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` @@ -587,7 +587,7 @@ function Set-M365DSCADOPermissionGroupMember $uri = "https://vsaex.dev.azure.com/$($OrganizationName)/_apis/userentitlements?api-version=7.2-preview.4" $Script:allUsers = Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri } - $user = $Script:allUsers.items | Where-Object -FilterScript {$_.user.principalName -eq $PrincipalName} + $user = $Script:allUsers.items | Where-Object -FilterScript { $_.user.principalName -eq $PrincipalName } $UserId = $user.id $uri = "https://vsaex.dev.azure.com/$($OrganizationName)/_apis/GroupEntitlements/$($GroupId)/members/$($UserId)?api-version=5.0-preview.1" Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri -Method $Method | Out-Null diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_ADOPermissionGroupSettings/MSFT_ADOPermissionGroupSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_ADOPermissionGroupSettings/MSFT_ADOPermissionGroupSettings.psm1 index c405642904..1c1a414033 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_ADOPermissionGroupSettings/MSFT_ADOPermissionGroupSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_ADOPermissionGroupSettings/MSFT_ADOPermissionGroupSettings.psm1 @@ -71,12 +71,12 @@ function Get-TargetResource { if (-not [System.String]::IsNullOrEmpty($Descriptor)) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.descriptor -eq $Descriptor} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.descriptor -eq $Descriptor } } if ($null -eq $instance) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.principalName -eq $PrincipalName} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.principalName -eq $PrincipalName } } } else @@ -85,11 +85,11 @@ function Get-TargetResource $allInstances = (Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri).value if (-not [System.String]::IsNullOrEmpty($Descriptor)) { - $instance = $allInstances | Where-Object -FilterScript {$_.descriptor -eq $Descriptor} + $instance = $allInstances | Where-Object -FilterScript { $_.descriptor -eq $Descriptor } } if ($null -eq $instance) { - $instance = $allInstances | Where-Object -FilterScript {$_.principalName -eq $PrincipalName} + $instance = $allInstances | Where-Object -FilterScript { $_.principalName -eq $PrincipalName } } } if ($null -eq $instance) @@ -216,21 +216,21 @@ function Set-TargetResource { $allowPermissionValue = 0 $denyPermissionValue = 0 - $allowPermissionsEntries = $AllowPermissions | Where-Object -FilterScript {$_.NamespaceId -eq $namespace.namespaceId} + $allowPermissionsEntries = $AllowPermissions | Where-Object -FilterScript { $_.NamespaceId -eq $namespace.namespaceId } foreach ($entry in $allowPermissionsEntries) { $allowPermissionValue += [Uint32]::Parse($entry.Bit) } - $denyPermissionsEntries = $DenyPermissions | Where-Object -FilterScript {$_.NamespaceId -eq $namespace.namespaceId} + $denyPermissionsEntries = $DenyPermissions | Where-Object -FilterScript { $_.NamespaceId -eq $namespace.namespaceId } foreach ($entry in $denyPermissionsEntries) { $denyPermissionValue += [Uint32]::Parse($entry.Bit) } $updateParams = @{ - merge = $false - token = $namespace.token + merge = $false + token = $namespace.token accessControlEntries = @( @{ descriptor = $descriptor @@ -244,9 +244,9 @@ function Set-TargetResource $body = ConvertTo-Json $updateParams -Depth 10 -Compress Write-Verbose -Message "Updating with payload:`r`n$body" Invoke-M365DSCAzureDevOPSWebRequest -Method POST ` - -Uri $uri ` - -Body $body ` - -ContentType 'application/json' + -Uri $uri ` + -Body $body ` + -ContentType 'application/json' } } @@ -320,10 +320,10 @@ function Test-TargetResource $testResult = $true foreach ($permission in $AllowPermissions) { - $instance = $CurrentValues.AllowPermissions | Where-Object -FilterScript {$_.Token -eq $permission.Token -and ` - $_.DisplayName -eq $permission.DisplayName -and ` - $_.Bit -eq $permission.Bit -and ` - $_.NamespaceId -eq $permission.NamespaceId} + $instance = $CurrentValues.AllowPermissions | Where-Object -FilterScript { $_.Token -eq $permission.Token -and ` + $_.DisplayName -eq $permission.DisplayName -and ` + $_.Bit -eq $permission.Bit -and ` + $_.NamespaceId -eq $permission.NamespaceId } if ($null -eq $instance) { $testResult = $false @@ -333,10 +333,10 @@ function Test-TargetResource foreach ($permission in $DenyPermissions) { - $instance = $CurrentValues.DenyPermissions | Where-Object -FilterScript {$_.Token -eq $permission.Token -and ` - $_.DisplayName -eq $permission.DisplayName -and ` - $_.Bit -eq $permission.Bit -and ` - $_.NamespaceId -eq $permission.NamespaceId} + $instance = $CurrentValues.DenyPermissions | Where-Object -FilterScript { $_.Token -eq $permission.Token -and ` + $_.DisplayName -eq $permission.DisplayName -and ` + $_.Bit -eq $permission.Bit -and ` + $_.NamespaceId -eq $permission.NamespaceId } if ($null -eq $instance) { $testResult = $false @@ -466,7 +466,7 @@ function Export-TargetResource AccessTokens = $AccessTokens } - if (-not $config.principalName.StartsWith("[TEAM FOUNDATION]")) + if (-not $config.principalName.StartsWith('[TEAM FOUNDATION]')) { $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` @@ -545,7 +545,7 @@ function Get-M365DSCADOGroupPermission { $uri = "https://vssps.dev.azure.com/$($OrganizationName)/_apis/graph/groups?api-version=7.1-preview.1" $groupInfo = Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri - $mygroup = $groupInfo.value | Where-Object -FilterScript {$_.principalName -eq $GroupName} + $mygroup = $groupInfo.value | Where-Object -FilterScript { $_.principalName -eq $GroupName } $uri = "https://vssps.dev.azure.com/$($OrganizationName)/_apis/identities?subjectDescriptors=$($mygroup.descriptor)&api-version=7.2-preview.1" $info = Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri @@ -590,11 +590,11 @@ function Get-M365DSCADOGroupPermission $bitMaskPositionsFound += $value } - } while($position -ge 0 -and ($position+1) -le $allowBinary.Length) + } while ($position -ge 0 -and ($position + 1) -le $allowBinary.Length) foreach ($bitmask in $bitMaskPositionsFound) { - $associatedAction = $namespace.actions | Where-Object -FilterScript {[Convert]::ToString($_.bit,2) -eq $bitmask} + $associatedAction = $namespace.actions | Where-Object -FilterScript { [Convert]::ToString($_.bit, 2) -eq $bitmask } if (-not [System.String]::IsNullOrEmpty($associatedAction.displayName)) { $entry = @{ @@ -624,11 +624,11 @@ function Get-M365DSCADOGroupPermission $bitMaskPositionsFound += $value } - } while($position -ge 0 -and ($position+1) -le $denyBinary.Length) + } while ($position -ge 0 -and ($position + 1) -le $denyBinary.Length) foreach ($bitmask in $bitMaskPositionsFound) { - $associatedAction = $namespace.actions | Where-Object -FilterScript {[Convert]::ToString($_.bit,2) -eq $bitmask} + $associatedAction = $namespace.actions | Where-Object -FilterScript { [Convert]::ToString($_.bit, 2) -eq $bitmask } if (-not [System.String]::IsNullOrEmpty($associatedAction.displayName)) { $entry = @{ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_ADOSecurityPolicy/MSFT_ADOSecurityPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_ADOSecurityPolicy/MSFT_ADOSecurityPolicy.psm1 index 675182e6c3..37c748f884 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_ADOSecurityPolicy/MSFT_ADOSecurityPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_ADOSecurityPolicy/MSFT_ADOSecurityPolicy.psm1 @@ -87,31 +87,31 @@ function Get-TargetResource try { $uri = "https://dev.azure.com/$($OrganizationName)/_apis/OrganizationPolicy/Policies/Policy.DisallowAadGuestUserAccess?defaultValue" - $DisallowAadGuestUserAccessValue = (Invoke-M365DSCAzureDevOPSWebRequest -uri $uri).Value + $DisallowAadGuestUserAccessValue = (Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri).Value $uri = "https://dev.azure.com/$($OrganizationName)/_apis/OrganizationPolicy/Policies/Policy.DisallowOAuthAuthentication?defaultValue" - $DisallowOAuthAuthenticationValue = (Invoke-M365DSCAzureDevOPSWebRequest -uri $uri).Value + $DisallowOAuthAuthenticationValue = (Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri).Value $uri = "https://dev.azure.com/$($OrganizationName)/_apis/OrganizationPolicy/Policies/Policy.DisallowSecureShell?defaultValue" - $DisallowSecureShellValue = (Invoke-M365DSCAzureDevOPSWebRequest -uri $uri).Value + $DisallowSecureShellValue = (Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri).Value $uri = "https://dev.azure.com/$($OrganizationName)/_apis/OrganizationPolicy/Policies/Policy.LogAuditEvents?defaultValue" - $LogAuditEventsValue = (Invoke-M365DSCAzureDevOPSWebRequest -uri $uri).Value + $LogAuditEventsValue = (Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri).Value $uri = "https://dev.azure.com/$($OrganizationName)/_apis/OrganizationPolicy/Policies/Policy.AllowAnonymousAccess?defaultValue" - $AllowAnonymousAccessValue = (Invoke-M365DSCAzureDevOPSWebRequest -uri $uri).Value + $AllowAnonymousAccessValue = (Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri).Value $uri = "https://dev.azure.com/$($OrganizationName)/_apis/OrganizationPolicy/Policies/Policy.ArtifactsExternalPackageProtectionToken?defaultValue" - $ArtifactsExternalPackageProtectionTokenValue = (Invoke-M365DSCAzureDevOPSWebRequest -uri $uri).Value + $ArtifactsExternalPackageProtectionTokenValue = (Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri).Value $uri = "https://dev.azure.com/$($OrganizationName)/_apis/OrganizationPolicy/Policies/Policy.EnforceAADConditionalAccess?defaultValue" - $EnforceAADConditionalAccessValue = (Invoke-M365DSCAzureDevOPSWebRequest -uri $uri).Value + $EnforceAADConditionalAccessValue = (Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri).Value $uri = "https://dev.azure.com/$($OrganizationName)/_apis/OrganizationPolicy/Policies/Policy.AllowTeamAdminsInvitationsAccessToken?defaultValue" - $AllowTeamAdminsInvitationsAccessTokenValue = (Invoke-M365DSCAzureDevOPSWebRequest -uri $uri).Value + $AllowTeamAdminsInvitationsAccessTokenValue = (Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri).Value $uri = "https://dev.azure.com/$($OrganizationName)/_apis/OrganizationPolicy/Policies/Policy.AllowRequestAccessToken?defaultValue" - $AllowRequestAccessTokenValue = (Invoke-M365DSCAzureDevOPSWebRequest -uri $uri).Value + $AllowRequestAccessTokenValue = (Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri).Value $results = @{ OrganizationName = $OrganizationName @@ -238,7 +238,7 @@ function Set-TargetResource $body = "[{`"from`":`"`",`"op`":2,`"path`":`"/Value`",`"value`":`"$($DisallowAadGuestUserAccess.ToString().ToLower())`"}]" Write-Verbose -Message "Updating DisallowAadGuestUserAccess policy with values: $($body)" - Invoke-M365DSCAzureDevOPSWebRequest -uri $uri -Method 'PATCH' -Body $body + Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri -Method 'PATCH' -Body $body } if ($PSBoundParameters.ContainsKey('DisallowOAuthAuthentication')) @@ -247,7 +247,7 @@ function Set-TargetResource $body = "[{`"from`":`"`",`"op`":2,`"path`":`"/Value`",`"value`":`"$($DisallowOAuthAuthentication.ToString().ToLower())`"}]" Write-Verbose -Message "Updating DisallowOAuthAuthentication policy with values: $($body)" - Invoke-M365DSCAzureDevOPSWebRequest -uri $uri -Method 'PATCH' -Body $body + Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri -Method 'PATCH' -Body $body } if ($PSBoundParameters.ContainsKey('DisallowSecureShell')) @@ -256,7 +256,7 @@ function Set-TargetResource $body = "[{`"from`":`"`",`"op`":2,`"path`":`"/Value`",`"value`":`"$($DisallowSecureShell.ToString().ToLower())`"}]" Write-Verbose -Message "Updating DisallowSecureShell policy with values: $($body)" - Invoke-M365DSCAzureDevOPSWebRequest -uri $uri -Method 'PATCH' -Body $body + Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri -Method 'PATCH' -Body $body } if ($PSBoundParameters.ContainsKey('LogAuditEvents')) @@ -265,7 +265,7 @@ function Set-TargetResource $body = "[{`"from`":`"`",`"op`":2,`"path`":`"/Value`",`"value`":`"$($LogAuditEvents.ToString().ToLower())`"}]" Write-Verbose -Message "Updating LogAuditEvents policy with values: $($body)" - Invoke-M365DSCAzureDevOPSWebRequest -uri $uri -Method 'PATCH' -Body $body + Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri -Method 'PATCH' -Body $body } if ($PSBoundParameters.ContainsKey('AllowAnonymousAccess')) @@ -274,7 +274,7 @@ function Set-TargetResource $body = "[{`"from`":`"`",`"op`":2,`"path`":`"/Value`",`"value`":`"$($AllowAnonymousAccess.ToString().ToLower())`"}]" Write-Verbose -Message "Updating AllowAnonymousAccess policy with values: $($body)" - Invoke-M365DSCAzureDevOPSWebRequest -uri $uri -Method 'PATCH' -Body $body + Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri -Method 'PATCH' -Body $body } if ($PSBoundParameters.ContainsKey('ArtifactsExternalPackageProtectionToken')) @@ -283,7 +283,7 @@ function Set-TargetResource $body = "[{`"from`":`"`",`"op`":2,`"path`":`"/Value`",`"value`":`"$($ArtifactsExternalPackageProtectionToken.ToString().ToLower())`"}]" Write-Verbose -Message "Updating ArtifactsExternalPackageProtectionToken policy with values: $($body)" - Invoke-M365DSCAzureDevOPSWebRequest -uri $uri -Method 'PATCH' -Body $body + Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri -Method 'PATCH' -Body $body } if ($PSBoundParameters.ContainsKey('EnforceAADConditionalAccess')) @@ -292,7 +292,7 @@ function Set-TargetResource $body = "[{`"from`":`"`",`"op`":2,`"path`":`"/Value`",`"value`":`"$($EnforceAADConditionalAccess.ToString().ToLower())`"}]" Write-Verbose -Message "Updating EnforceAADConditionalAccess policy with values: $($body)" - Invoke-M365DSCAzureDevOPSWebRequest -uri $uri -Method 'PATCH' -Body $body + Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri -Method 'PATCH' -Body $body } if ($PSBoundParameters.ContainsKey('AllowTeamAdminsInvitationsAccessToken')) @@ -301,7 +301,7 @@ function Set-TargetResource $body = "[{`"from`":`"`",`"op`":2,`"path`":`"/Value`",`"value`":`"$($AllowTeamAdminsInvitationsAccessToken.ToString().ToLower())`"}]" Write-Verbose -Message "Updating AllowTeamAdminsInvitationsAccessToken policy with values: $($body)" - Invoke-M365DSCAzureDevOPSWebRequest -uri $uri -Method 'PATCH' -Body $body + Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri -Method 'PATCH' -Body $body } if ($PSBoundParameters.ContainsKey('AllowRequestAccessToken')) @@ -310,7 +310,7 @@ function Set-TargetResource $body = "[{`"from`":`"`",`"op`":2,`"path`":`"/Value`",`"value`":`"$($AllowRequestAccessToken.ToString().ToLower())`"}]" Write-Verbose -Message "Updating AllowRequestAccessToken policy with values: $($body)" - Invoke-M365DSCAzureDevOPSWebRequest -uri $uri -Method 'PATCH' -Body $body + Invoke-M365DSCAzureDevOPSWebRequest -Uri $uri -Method 'PATCH' -Body $body } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AzureBillingAccountPolicy/MSFT_AzureBillingAccountPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AzureBillingAccountPolicy/MSFT_AzureBillingAccountPolicy.psm1 index 8b9275b11f..7453c2986d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AzureBillingAccountPolicy/MSFT_AzureBillingAccountPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AzureBillingAccountPolicy/MSFT_AzureBillingAccountPolicy.psm1 @@ -207,15 +207,15 @@ function Set-TargetResource authenticationType = $EnterpriseAgreementPolicies.authenticationType departmentAdminViewCharges = $EnterpriseAgreementPolicies.departmentAdminViewCharges } - marketplacePurchases = $MarketplacePurchases - reservationPurchases = $ReservationPurchases - savingsPlanPurchases = $SavingsPlanPurchases + marketplacePurchases = $MarketplacePurchases + reservationPurchases = $ReservationPurchases + savingsPlanPurchases = $SavingsPlanPurchases } } $payload = ConvertTo-Json $instanceParams -Depth 5 -Compress Write-Verbose -Message "Updating billing account policy for {$BillingAccount} with payload:`r`n$($payload)" $uri = "https://management.azure.com/providers/Microsoft.Billing/billingAccounts/$($BillingAccount)/policies/default?api-version=2024-04-01" - $response = Invoke-AzRest -Uri $uri -Method "PUT" -Payload $payload + $response = Invoke-AzRest -Uri $uri -Method 'PUT' -Payload $payload if (-not [System.String]::IsNullOrEmpty($response.Error)) { throw "Error: $($response.Error)" diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AzureBillingAccountScheduledAction/MSFT_AzureBillingAccountScheduledAction.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AzureBillingAccountScheduledAction/MSFT_AzureBillingAccountScheduledAction.psm1 index 5eff8056b5..2fb447d83a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AzureBillingAccountScheduledAction/MSFT_AzureBillingAccountScheduledAction.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AzureBillingAccountScheduledAction/MSFT_AzureBillingAccountScheduledAction.psm1 @@ -85,7 +85,7 @@ function Get-TargetResource $response = Invoke-AzRest -Uri $uri -Method GET $actions = (ConvertFrom-Json ($response.Content)).value - $instance = $actions | Where-Object -FilterScript {$_.properties.displayName -eq $DisplayName} + $instance = $actions | Where-Object -FilterScript { $_.properties.displayName -eq $DisplayName } if ($null -eq $instance) { @@ -225,8 +225,8 @@ function Set-TargetResource $currentInstance = Get-TargetResource @PSBoundParameters $instanceParams = @{ - kind = "Email" - properties = @{ + kind = 'Email' + properties = @{ displayName = $DisplayName notificationEmail = $NotificationEmail notification = @{ @@ -234,7 +234,7 @@ function Set-TargetResource subject = $Notification.subject message = $Notification.message } - schedule = @{ + schedule = @{ frequency = $Schedule.frequency weeksOfMonth = $Schedule.weeksOfMonth daysOfWeek = $Schedule.daysOfWeek @@ -242,8 +242,8 @@ function Set-TargetResource endDate = $Schedule.endDate dayOfMonth = $Schedule.dayOfMonth } - viewId = $View - status = $Status + viewId = $View + status = $Status } } $payload = ConvertTo-Json $instanceParams -Depth 10 -Compress diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AzureBillingAccountsAssociatedTenant/MSFT_AzureBillingAccountsAssociatedTenant.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AzureBillingAccountsAssociatedTenant/MSFT_AzureBillingAccountsAssociatedTenant.psm1 index c769d49b29..1b5dbcd84f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AzureBillingAccountsAssociatedTenant/MSFT_AzureBillingAccountsAssociatedTenant.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AzureBillingAccountsAssociatedTenant/MSFT_AzureBillingAccountsAssociatedTenant.psm1 @@ -74,12 +74,12 @@ function Get-TargetResource try { $accounts = Get-M365DSCAzureBillingAccount - $currentAccount = $accounts.value | Where-Object -FilterScript {$_.properties.displayName -eq $BillingAccount} + $currentAccount = $accounts.value | Where-Object -FilterScript { $_.properties.displayName -eq $BillingAccount } if ($null -ne $currentAccount) { $instances = Get-M365DSCAzureBillingAccountsAssociatedTenant -BillingAccountId $currentAccount.Name -ErrorAction Stop - $instance = $instances.value | Where-Object -FilterScript {$_.properties.displayName -eq $DisplayName} + $instance = $instances.value | Where-Object -FilterScript { $_.properties.displayName -eq $DisplayName } } if ($null -eq $instance) { @@ -184,7 +184,7 @@ function Set-TargetResource $currentInstance = Get-TargetResource @PSBoundParameters $billingAccounts = Get-M365DSCAzureBillingAccount - $account = $billingAccounts.value | Where-Object -FilterScript {$_.properties.displayName -eq $BillingAccount} + $account = $billingAccounts.value | Where-Object -FilterScript { $_.properties.displayName -eq $BillingAccount } $instanceParams = @{ properties = @{ @@ -198,24 +198,24 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Adding associated tenant {$AssociatedTenantId}" - New-M365DSCAzureBillingAccountsAssociatedTenant -BillingAccountId $account.Name ` - -AssociatedTenantId $AssociatedTenantId ` - -Body $instanceParams + New-M365DSCAzureBillingAccountsAssociatedTenant -BillingAccountId $account.Name ` + -AssociatedTenantId $AssociatedTenantId ` + -Body $instanceParams } # UPDATE elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating associated tenant {$AssociatedTenantId}" - New-M365DSCAzureBillingAccountsAssociatedTenant -BillingAccountId $account.Name ` - -AssociatedTenantId $AssociatedTenantId ` - -Body $instanceParams + New-M365DSCAzureBillingAccountsAssociatedTenant -BillingAccountId $account.Name ` + -AssociatedTenantId $AssociatedTenantId ` + -Body $instanceParams } # REMOVE elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Removing associated tenant {$AssociatedTenantId}" Remove-M365DSCAzureBillingAccountsAssociatedTenant -BillingAccountId $account.Name ` - -AssociatedTenantId $AssociatedTenantId + -AssociatedTenantId $AssociatedTenantId } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AzureBillingAccountsRoleAssignment/MSFT_AzureBillingAccountsRoleAssignment.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AzureBillingAccountsRoleAssignment/MSFT_AzureBillingAccountsRoleAssignment.psm1 index e94068b043..8abaac7b00 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AzureBillingAccountsRoleAssignment/MSFT_AzureBillingAccountsRoleAssignment.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AzureBillingAccountsRoleAssignment/MSFT_AzureBillingAccountsRoleAssignment.psm1 @@ -77,21 +77,21 @@ function Get-TargetResource try { $accounts = Get-M365DSCAzureBillingAccount - $currentAccount = $accounts.value | Where-Object -FilterScript {$_.properties.displayName -eq $BillingAccount} + $currentAccount = $accounts.value | Where-Object -FilterScript { $_.properties.displayName -eq $BillingAccount } if ($null -ne $currentAccount) { $instances = Get-M365DSCAzureBillingAccountsRoleAssignment -BillingAccountId $currentAccount.Name -ErrorAction Stop $PrincipalIdValue = Get-M365DSCPrincipalIdFromName -PrincipalName $PrincipalName ` - -PrincipalType $PrincipalType - $instance = $instances.value | Where-Object -FilterScript {$_.properties.principalId -eq $PrincipalIdValue} + -PrincipalType $PrincipalType + $instance = $instances.value | Where-Object -FilterScript { $_.properties.principalId -eq $PrincipalIdValue } if ($null -ne $instance) { $roleDefinitionId = $instance.properties.roleDefinitionId.Split('/') - $roleDefinitionId = $roleDefinitionId[$roleDefinitionId.Length -1] + $roleDefinitionId = $roleDefinitionId[$roleDefinitionId.Length - 1] $RoleDefinitionValue = Get-M365DSCAzureBillingAccountsRoleDefinition -BillingAccountId $currentAccount.Name ` - -RoleDefinitionId $roleDefinitionId + -RoleDefinitionId $roleDefinitionId } } if ($null -eq $instance) @@ -199,11 +199,11 @@ function Set-TargetResource $currentInstance = Get-TargetResource @PSBoundParameters $billingAccounts = Get-M365DSCAzureBillingAccount - $account = $billingAccounts.value | Where-Object -FilterScript {$_.properties.displayName -eq $BillingAccount} + $account = $billingAccounts.value | Where-Object -FilterScript { $_.properties.displayName -eq $BillingAccount } $PrincipalIdValue = Get-M365DSCPrincipalIdFromName -PrincipalName $PrincipalName ` - -PrincipalType $PrincipalType + -PrincipalType $PrincipalType $RoleDefinitionValues = Get-M365DSCAzureBillingAccountsRoleDefinition -BillingAccountId $account.Name - $roleDefinitionInstance = $RoleDefinitionValues.value | Where-Object -FilterScript {$_.properties.roleName -eq $currentInstance.RoleDefinition} + $roleDefinitionInstance = $RoleDefinitionValues.value | Where-Object -FilterScript { $_.properties.roleName -eq $currentInstance.RoleDefinition } $instanceParams = @{ principalId = $PrincipalIdValue principalTenantId = $currentInstance.PrincipalTenantId @@ -214,25 +214,25 @@ function Set-TargetResource { Write-Verbose -Message "Adding new role assignment for user {$PrincipalName} for role {$RoleDefinition}" New-M365DSCAzureBillingAccountsRoleAssignment -BillingAccountId $account.Name ` - -Body $instanceParams + -Body $instanceParams } # UPDATE elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating role assignment for user {$PrincipalName} for role {$RoleDefinition}" New-M365DSCAzureBillingAccountsRoleAssignment -BillingAccountId $account.Name ` - -Body $instanceParams + -Body $instanceParams } # REMOVE elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { $instances = Get-M365DSCAzureBillingAccountsRoleAssignment -BillingAccountId $account.Name -ErrorAction Stop - $instance = $instances.value | Where-Object -FilterScript {$_.properties.principalId -eq $PrincipalIdValue} + $instance = $instances.value | Where-Object -FilterScript { $_.properties.principalId -eq $PrincipalIdValue } $AssignmentId = $instance.Id.Split('/') - $AssignmentId = $AssignmentId[$roleDefinitionId.Length -1] + $AssignmentId = $AssignmentId[$roleDefinitionId.Length - 1] Write-Verbose -Message "Removing role assignment for user {$PrincipalName} for role {$RoleDefinition}" Remove-M365DSCAzureBillingAccountsRoleAssignment -BillingAccountId $account.Name ` - -AssignmentId $AssignmentId + -AssignmentId $AssignmentId } } @@ -406,9 +406,9 @@ function Export-TargetResource } $PrincipalNameValue = Get-M365DSCPrincipalNameFromId -PrincipalId $assignment.properties.principalId ` - -PrincipalType $assignment.properties.principalType + -PrincipalType $assignment.properties.principalType $roleDefinitionId = $assignment.properties.roleDefinitionId.Split('/') - $roleDefinitionId = $roleDefinitionId[$roleDefinitionId.Length -1] + $roleDefinitionId = $roleDefinitionId[$roleDefinitionId.Length - 1] Write-Host " |---[$j/$($assignments.value.Length)] $($assignment.properties.principalId)" -NoNewline $params = @{ @@ -416,7 +416,7 @@ function Export-TargetResource PrincipalName = $PrincipalNameValue PrincipalType = $assignment.properties.principalType PrincipalTenantId = $assignment.properties.principalTenantId - RoleDefinition = "AnyRole" + RoleDefinition = 'AnyRole' Credential = $Credential ApplicationId = $ApplicationId TenantId = $TenantId diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AzureDiagnosticSettings/MSFT_AzureDiagnosticSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AzureDiagnosticSettings/MSFT_AzureDiagnosticSettings.psm1 index 80feadcbc8..c2397e5464 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AzureDiagnosticSettings/MSFT_AzureDiagnosticSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AzureDiagnosticSettings/MSFT_AzureDiagnosticSettings.psm1 @@ -83,14 +83,14 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.name -eq $Name} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.name -eq $Name } } else { $response = Invoke-AzRest -Uri 'https://management.azure.com/providers/microsoft.aadiam/diagnosticsettings?api-version=2017-04-01-preview' ` - -Method Get + -Method Get $instances = (ConvertFrom-Json $response.Content).value - $instance = $instances | Where-Object -FilterScript {$_.name -eq $Name} + $instance = $instances | Where-Object -FilterScript { $_.name -eq $Name } } if ($null -eq $instance) { @@ -215,9 +215,9 @@ function Set-TargetResource $currentInstance = Get-TargetResource @PSBoundParameters $instanceParams = @{ - name = $Name + name = $Name properties = @{ - logs = @() + logs = @() } } @@ -263,15 +263,15 @@ function Set-TargetResource Write-Verbose -Message "Updating diagnostic setting {$Name}" } $response = Invoke-AzRest -Uri "https://management.azure.com/providers/microsoft.aadiam/diagnosticsettings/$($Name)?api-version=2017-04-01-preview" ` - -Method PUT ` - -Payload $payload + -Method PUT ` + -Payload $payload } # REMOVE elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Removing diagnostic setting {$Name}" $response = Invoke-AzRest -Uri "https://management.azure.com/providers/microsoft.aadiam/diagnosticsettings/$($Name)?api-version=2017-04-01-preview" ` - -Method DELETE + -Method DELETE } } @@ -447,7 +447,7 @@ function Export-TargetResource { $Script:ExportMode = $true $response = Invoke-AzRest -Uri 'https://management.azure.com/providers/microsoft.aadiam/diagnosticsettings?api-version=2017-04-01-preview' ` - -Method Get + -Method Get [array] $Script:exportedInstances = (ConvertFrom-Json $response.Content).value $i = 1 $dscContent = '' diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AzureDiagnosticSettingsCustomSecurityAttribute/MSFT_AzureDiagnosticSettingsCustomSecurityAttribute.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AzureDiagnosticSettingsCustomSecurityAttribute/MSFT_AzureDiagnosticSettingsCustomSecurityAttribute.psm1 index 6c98d19639..188bb86c70 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AzureDiagnosticSettingsCustomSecurityAttribute/MSFT_AzureDiagnosticSettingsCustomSecurityAttribute.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AzureDiagnosticSettingsCustomSecurityAttribute/MSFT_AzureDiagnosticSettingsCustomSecurityAttribute.psm1 @@ -83,14 +83,14 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.name -eq $Name} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.name -eq $Name } } else { $response = Invoke-AzRest -Uri 'https://management.azure.com/providers/microsoft.AadCustomSecurityAttributesDiagnosticSettings/diagnosticsettings?api-version=2017-04-01-preview' ` - -Method Get + -Method Get $instances = (ConvertFrom-Json $response.Content).value - $instance = $instances | Where-Object -FilterScript {$_.name -eq $Name} + $instance = $instances | Where-Object -FilterScript { $_.name -eq $Name } } if ($null -eq $instance) { @@ -215,9 +215,9 @@ function Set-TargetResource $currentInstance = Get-TargetResource @PSBoundParameters $instanceParams = @{ - name = $Name + name = $Name properties = @{ - logs = @() + logs = @() } } @@ -263,8 +263,8 @@ function Set-TargetResource Write-Verbose -Message "Updating diagnostic setting {$Name}" } $response = Invoke-AzRest -Uri "https://management.azure.com/providers/microsoft.AadCustomSecurityAttributesDiagnosticSettings/diagnosticsettings/$($Name)?api-version=2017-04-01-preview" ` - -Method PUT ` - -Payload $payload + -Method PUT ` + -Payload $payload Write-Verbose -Message "RESPONSE: $($response.Content)" } # REMOVE @@ -272,7 +272,7 @@ function Set-TargetResource { Write-Verbose -Message "Removing diagnostic setting {$Name}" $response = Invoke-AzRest -Uri "https://management.azure.com/providers/microsoft.AadCustomSecurityAttributesDiagnosticSettings/diagnosticsettings/$($Name)?api-version=2017-04-01-preview" ` - -Method DELETE + -Method DELETE } } @@ -448,7 +448,7 @@ function Export-TargetResource { $Script:ExportMode = $true $response = Invoke-AzRest -Uri 'https://management.azure.com/providers/microsoft.AadCustomSecurityAttributesDiagnosticSettings/diagnosticsettings?api-version=2017-04-01-preview' ` - -Method Get + -Method Get [array] $Script:exportedInstances = (ConvertFrom-Json $response.Content).value $i = 1 $dscContent = '' diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AzureSubscription/MSFT_AzureSubscription.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AzureSubscription/MSFT_AzureSubscription.psm1 index 17b50e1dda..f9bc25c333 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AzureSubscription/MSFT_AzureSubscription.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AzureSubscription/MSFT_AzureSubscription.psm1 @@ -73,12 +73,12 @@ function Get-TargetResource { if (-not [System.String]::IsNullOrEmpty($Id)) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Name -eq $Id} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Name -eq $Id } } elseif ($null -eq $instance -and -not [System.String]::IsNullOrEmpty($Name)) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.properties.displayName -eq $DisplayName -and ` - $_.properties.invoiceSectionId -eq $InvoiceSectionId} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.properties.displayName -eq $DisplayName -and ` + $_.properties.invoiceSectionId -eq $InvoiceSectionId } } } else @@ -94,7 +94,7 @@ function Get-TargetResource $uri = "https://management.azure.com$($InvoiceSectionId)/billingSubscriptions?api-version=2024-04-01" $response = Invoke-AzRest -Uri $uri -Method Get $instances = (ConvertFrom-Json $response.Content).value - $instance = $instances | Where-Object -FilterScript {$_.properties.displayName -eq $DisplayName} + $instance = $instances | Where-Object -FilterScript { $_.properties.displayName -eq $DisplayName } } } if ($null -eq $instance) @@ -198,12 +198,12 @@ function Set-TargetResource # CREATE if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { - $uri = "https://management.azure.com/providers/Microsoft.Subscription/aliases/$((New-GUID).ToString())?api-version=2021-10-01" + $uri = "https://management.azure.com/providers/Microsoft.Subscription/aliases/$((New-Guid).ToString())?api-version=2021-10-01" $params = @{ properties = @{ billingScope = $InvoiceSectionId DisplayName = $DisplayName - Workload = "Production" + Workload = 'Production' } } $payload = ConvertTo-Json $params -Depth 10 -Compress diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AzureVerifiedIdFaceCheck/MSFT_AzureVerifiedIdFaceCheck.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AzureVerifiedIdFaceCheck/MSFT_AzureVerifiedIdFaceCheck.psm1 index 4e9907eafa..2198e9fce0 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AzureVerifiedIdFaceCheck/MSFT_AzureVerifiedIdFaceCheck.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AzureVerifiedIdFaceCheck/MSFT_AzureVerifiedIdFaceCheck.psm1 @@ -403,7 +403,7 @@ function Export-TargetResource $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` - -Results $Results + -Results $Results $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` -ConnectionMode $ConnectionMode ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_DefenderDeviceAuthenticatedScanDefinition/MSFT_DefenderDeviceAuthenticatedScanDefinition.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_DefenderDeviceAuthenticatedScanDefinition/MSFT_DefenderDeviceAuthenticatedScanDefinition.psm1 index 54da575452..70b2391927 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_DefenderDeviceAuthenticatedScanDefinition/MSFT_DefenderDeviceAuthenticatedScanDefinition.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_DefenderDeviceAuthenticatedScanDefinition/MSFT_DefenderDeviceAuthenticatedScanDefinition.psm1 @@ -89,24 +89,24 @@ function Get-TargetResource { if (-not [System.String]::IsNullOrEmpty($Id)) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.id -eq $Id} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.id -eq $Id } } if ($null -eq $instance) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.scanName -eq $Name} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.scanName -eq $Name } } } else { $instances = (Invoke-M365DSCDefenderREST -Uri 'https://api.securitycenter.microsoft.com/api/DeviceAuthenticatedScanDefinitions' ` - -Method GET).value + -Method GET).value if (-not [System.String]::IsNullOrEmpty($Id)) { - $instance = $instances | Where-Object -FilterScript {$_.id -eq $Id} + $instance = $instances | Where-Object -FilterScript { $_.id -eq $Id } } if ($null -eq $instance) { - $instance = $instances | Where-Object -FilterScript {$_.scanName -eq $Name} + $instance = $instances | Where-Object -FilterScript { $_.scanName -eq $Name } } } if ($null -eq $instance) @@ -118,8 +118,8 @@ function Get-TargetResource if ($null -ne $instance.scannerAgent) { $ScannerAgentValue = @{ - id = $instance.scannerAgent.id - machineId = $instance.scannerAgent.machineId + id = $instance.scannerAgent.id + machineId = $instance.scannerAgent.machineId machineName = $instance.scannerAgent.machineName } } @@ -146,8 +146,8 @@ function Get-TargetResource else { $ScanAuthenticationParamsValue = @{ - "@odata.context" = "#microsoft.windowsDefenderATP.api.SnmpAuthParams" - Type = "NoAuthNoPriv" + '@odata.context' = '#microsoft.windowsDefenderATP.api.SnmpAuthParams' + Type = 'NoAuthNoPriv' } } @@ -265,61 +265,61 @@ function Set-TargetResource $currentInstance = Get-TargetResource @PSBoundParameters $instanceParams = @{ - scanType = $ScanType - scanName = $Name - isActive = $IsActive - target = $Target - intervalInHours = $IntervalInHours - scannerAgent = @{ + scanType = $ScanType + scanName = $Name + isActive = $IsActive + target = $Target + intervalInHours = $IntervalInHours + scannerAgent = @{ machineName = $ScannerAgent.machineName id = $ScannerAgent.id } - targetType = 'Ip' + targetType = 'Ip' scanAuthenticationParams = @{ - "@odata.type" = $ScanAuthenticationParams.DataType - type = $ScanAuthenticationParams.Type + '@odata.type' = $ScanAuthenticationParams.DataType + type = $ScanAuthenticationParams.Type } } if ($null -ne $ScanAuthenticationParams.KeyVaultUrl) { - $instanceParams.scanAuthenticationParams.Add("keyVaultUrl", $ScanAuthenticationParams.KeyVaultUrl) + $instanceParams.scanAuthenticationParams.Add('keyVaultUrl', $ScanAuthenticationParams.KeyVaultUrl) } if ($null -ne $ScanAuthenticationParams.KeyVaultSecretName) { - $instanceParams.scanAuthenticationParams.Add("keyVaultSecretName", $ScanAuthenticationParams.KeyVaultSecretName) + $instanceParams.scanAuthenticationParams.Add('keyVaultSecretName', $ScanAuthenticationParams.KeyVaultSecretName) } if ($null -ne $ScanAuthenticationParams.Domain) { - $instanceParams.scanAuthenticationParams.Add("domain", $ScanAuthenticationParams.Domain) + $instanceParams.scanAuthenticationParams.Add('domain', $ScanAuthenticationParams.Domain) } if ($null -ne $ScanAuthenticationParams.Username) { - $instanceParams.scanAuthenticationParams.Add("username", $ScanAuthenticationParams.Username) + $instanceParams.scanAuthenticationParams.Add('username', $ScanAuthenticationParams.Username) } if ($null -ne $ScanAuthenticationParams.IsGMSAUser) { - $instanceParams.scanAuthenticationParams.Add("isGMSAUser", $ScanAuthenticationParams.IsGMSAUser) + $instanceParams.scanAuthenticationParams.Add('isGMSAUser', $ScanAuthenticationParams.IsGMSAUser) } if ($null -ne $ScanAuthenticationParams.CommunityString) { - $instanceParams.scanAuthenticationParams.Add("communityString", $ScanAuthenticationParams.CommunityString) + $instanceParams.scanAuthenticationParams.Add('communityString', $ScanAuthenticationParams.CommunityString) } if ($null -ne $ScanAuthenticationParams.AuthProtocol) { - $instanceParams.scanAuthenticationParams.Add("authProtocol", $ScanAuthenticationParams.AuthProtocol) + $instanceParams.scanAuthenticationParams.Add('authProtocol', $ScanAuthenticationParams.AuthProtocol) } if ($null -ne $ScanAuthenticationParams.AuthPassword) { - $instanceParams.scanAuthenticationParams.Add("authPassword", $ScanAuthenticationParams.AuthPassword) + $instanceParams.scanAuthenticationParams.Add('authPassword', $ScanAuthenticationParams.AuthPassword) } if ($null -ne $ScanAuthenticationParams.PrivProtocol) { - $instanceParams.scanAuthenticationParams.Add("privProtocol", $ScanAuthenticationParams.PrivProtocol) + $instanceParams.scanAuthenticationParams.Add('privProtocol', $ScanAuthenticationParams.PrivProtocol) } if ($null -ne $ScanAuthenticationParams.PrivPassword) { - $instanceParams.scanAuthenticationParams.Add("privPassword", $ScanAuthenticationParams.PrivPassword) + $instanceParams.scanAuthenticationParams.Add('privPassword', $ScanAuthenticationParams.PrivPassword) } # CREATE @@ -327,8 +327,8 @@ function Set-TargetResource { Write-Verbose -Message "Creating new device authenticated scan definition {$Name} with payload:`r`n$(ConvertTo-Json $instanceParams -Depth 10)" $response = Invoke-M365DSCDefenderREST -Uri 'https://api.securitycenter.microsoft.com/api/DeviceAuthenticatedScanDefinitions' ` - -Method POST ` - -Body $instanceParams + -Method POST ` + -Body $instanceParams Write-Verbose -Message "Response:`r`n$($response.Content)" } # UPDATE @@ -336,8 +336,8 @@ function Set-TargetResource { Write-Verbose -Message "Updating device authenticated scan definition {$Name} with payload:`r`n$(ConvertTo-Json $instanceParams -Depth 10)" $response = Invoke-M365DSCDefenderREST -Uri "https://api.securitycenter.microsoft.com/api/DeviceAuthenticatedScanDefinitions/$($currentInstance.Id)" ` - -Method PATCH ` - -Body $instanceParams + -Method PATCH ` + -Body $instanceParams Write-Verbose -Message "Response:`r`n$($response.Content)" } # REMOVE @@ -347,9 +347,9 @@ function Set-TargetResource ScanDefinitionIds = @($currentInstance.Id) } Write-Verbose -Message "Deleting device authenticated scan definition {$Name} with payload:`r`n$(ConvertTo-Json $instanceParams -Depth 10)" - $response = Invoke-M365DSCDefenderREST -Uri "https://api.securitycenter.microsoft.com/api/DeviceAuthenticatedScanDefinitions/BatchDelete" ` - -Method POST ` - -Body $instanceParams + $response = Invoke-M365DSCDefenderREST -Uri 'https://api.securitycenter.microsoft.com/api/DeviceAuthenticatedScanDefinitions/BatchDelete' ` + -Method POST ` + -Body $instanceParams Write-Verbose -Message "Response:`r`n$($response.Content)" } } @@ -443,7 +443,7 @@ function Test-TargetResource $testResult = $true # Once set, these cannot be retrieved nor changed. - $ValuesToCheck.Remove("ScanAuthenticationParams") | Out-Null + $ValuesToCheck.Remove('ScanAuthenticationParams') | Out-Null #Compare Cim instances foreach ($key in $PSBoundParameters.Keys) @@ -469,9 +469,9 @@ function Test-TargetResource if ($testResult) { $testResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys } Write-Verbose -Message "Test-TargetResource returned $testResult" @@ -533,7 +533,7 @@ function Export-TargetResource { $Script:ExportMode = $true [array] $Script:exportedInstances = (Invoke-M365DSCDefenderREST -Uri 'https://api.securitycenter.microsoft.com/api/DeviceAuthenticatedScanDefinitions' ` - -Method GET).value + -Method GET).value $i = 1 $dscContent = '' diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_DefenderSubscriptionPlan/MSFT_DefenderSubscriptionPlan.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_DefenderSubscriptionPlan/MSFT_DefenderSubscriptionPlan.psm1 index 13a1b423f4..9c66bc6907 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_DefenderSubscriptionPlan/MSFT_DefenderSubscriptionPlan.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_DefenderSubscriptionPlan/MSFT_DefenderSubscriptionPlan.psm1 @@ -83,11 +83,11 @@ function Get-TargetResource { if (-not [System.String]::IsNullOrEmpty($SubscriptionId)) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.SubscriptionId -eq $SubscriptionId -and $_.Name -eq $PlanName} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.SubscriptionId -eq $SubscriptionId -and $_.Name -eq $PlanName } } elseif ($null -eq $instance -and -not [System.String]::IsNullOrEmpty($SubscriptionName)) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.SubscriptionName -eq $SubscriptionName -and $_.Name -eq $PlanName} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.SubscriptionName -eq $SubscriptionName -and $_.Name -eq $PlanName } } } else @@ -97,20 +97,20 @@ function Get-TargetResource { $subscription = Get-AzSubscription -SubscriptionName $SubscriptionName - if($subscription -ne $null) + if ($subscription -ne $null) { $subscriptionId = $subscription.Id } } - if($subscriptionId -ne $null) + if ($subscriptionId -ne $null) { - Set-AzContext -Subscription $subscriptionId -ErrorAction Stop - $instance = Get-AzSecurityPricing -Name $PlanName -ErrorAction Stop - $azContext = Get-AzContext - Add-Member -InputObject $instance -NotePropertyName "SubscriptionName" -NotePropertyValue $azContext.Subscription.Name - Add-Member -InputObject $instance -NotePropertyName "SubscriptionId" -NotePropertyValue $azContext.Subscription.Id + Set-AzContext -Subscription $subscriptionId -ErrorAction Stop + $instance = Get-AzSecurityPricing -Name $PlanName -ErrorAction Stop + $azContext = Get-AzContext + Add-Member -InputObject $instance -NotePropertyName 'SubscriptionName' -NotePropertyValue $azContext.Subscription.Name + Add-Member -InputObject $instance -NotePropertyName 'SubscriptionId' -NotePropertyValue $azContext.Subscription.Id } } @@ -234,7 +234,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Set-AzContext -Subscription $currentInstance.SubscriptionId -ErrorAction Stop - if($Extensions) + if ($Extensions) { Set-AzSecurityPricing -Name $PlanName -PricingTier $PricingTier -SubPlan $SubPlanName -Extension $Extensions -ErrorAction Stop } @@ -457,17 +457,17 @@ function Get-SubscriptionsDefenderPlansFromArg try { $results = @() - $argQuery=@' + $argQuery = @' securityresources | where type == "microsoft.security/pricings" | project Id=id, PlanName=name, SubscriptionId=subscriptionId, SubPlan=tostring(properties.subPlan), PricingTier=tostring(properties.pricingTier), Extensions=tostring(properties.extensions) | join kind=inner (resourcecontainers | where type == "microsoft.resources/subscriptions" | project SubscriptionName = name, SubscriptionId = subscriptionId) on SubscriptionId | project-away SubscriptionId1 '@ $queryResult = Search-AzGraph -Query $argQuery -First 1000 -UseTenantScope -ErrorAction Stop $results += $queryResult.Data - while($queryResult.SkipToken -ne $null) + while ($queryResult.SkipToken -ne $null) { - $queryResult = Search-AzGraph -Query $argQuery -First 1000 -UseTenantScope -SkipToken $queryResult.SkipToken -ErrorAction Stop - $results+=$queryResult.Data + $queryResult = Search-AzGraph -Query $argQuery -First 1000 -UseTenantScope -SkipToken $queryResult.SkipToken -ErrorAction Stop + $results += $queryResult.Data } return $results diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOATPBuiltInProtectionRule/MSFT_EXOATPBuiltInProtectionRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOATPBuiltInProtectionRule/MSFT_EXOATPBuiltInProtectionRule.psm1 index 8deb5252dc..ae19d28f7d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOATPBuiltInProtectionRule/MSFT_EXOATPBuiltInProtectionRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOATPBuiltInProtectionRule/MSFT_EXOATPBuiltInProtectionRule.psm1 @@ -255,7 +255,7 @@ function Test-TargetResource { switch -regex ($key) { - "^ExceptIf\w+$" + '^ExceptIf\w+$' { $CurrentValues[$key] = @() break diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOActiveSyncDeviceAccessRule/MSFT_EXOActiveSyncDeviceAccessRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOActiveSyncDeviceAccessRule/MSFT_EXOActiveSyncDeviceAccessRule.psm1 index 658a073396..001c00dc45 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOActiveSyncDeviceAccessRule/MSFT_EXOActiveSyncDeviceAccessRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOActiveSyncDeviceAccessRule/MSFT_EXOActiveSyncDeviceAccessRule.psm1 @@ -95,7 +95,7 @@ function Get-TargetResource if ($null -eq $ActiveSyncDeviceAccessRule) { - Write-Verbose -Message "Trying to retrieve instance by Identity" + Write-Verbose -Message 'Trying to retrieve instance by Identity' $ActiveSyncDeviceAccessRule = Get-ActiveSyncDeviceAccessRule -Identity $Identity -ErrorAction 'SilentlyContinue' if ($null -eq $ActiveSyncDeviceAccessRule) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOActiveSyncMailboxPolicy/MSFT_EXOActiveSyncMailboxPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOActiveSyncMailboxPolicy/MSFT_EXOActiveSyncMailboxPolicy.psm1 index 80cee1cb8b..366a3eb245 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOActiveSyncMailboxPolicy/MSFT_EXOActiveSyncMailboxPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOActiveSyncMailboxPolicy/MSFT_EXOActiveSyncMailboxPolicy.psm1 @@ -14,7 +14,7 @@ [Parameter()] [System.String] - [ValidateSet("Disable", "HandsfreeOnly", "Allow")] + [ValidateSet('Disable', 'HandsfreeOnly', 'Allow')] $AllowBluetooth, [Parameter()] @@ -147,7 +147,7 @@ [Parameter()] [System.String] - [ValidateSet("All", "TwoWeeks", "OneMonth", "ThreeMonths", "SixMonths")] + [ValidateSet('All', 'TwoWeeks', 'OneMonth', 'ThreeMonths', 'SixMonths')] $MaxCalendarAgeFilter, [Parameter()] @@ -156,7 +156,7 @@ [Parameter()] [System.String] - [ValidateSet("All", "OneDay", "ThreeDays", "OneWeek", "TwoWeeks", "OneMonth", "ThreeMonths", "SixMonths")] + [ValidateSet('All', 'OneDay', 'ThreeDays', 'OneWeek', 'TwoWeeks', 'OneMonth', 'ThreeMonths', 'SixMonths')] $MaxEmailAgeFilter, [Parameter()] @@ -275,7 +275,7 @@ { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Identity} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity -eq $Identity } } else { @@ -287,68 +287,68 @@ } $results = @{ - Ensure = 'Present' - Name = [System.String]$instance.Name - AllowApplePushNotifications = [System.Boolean]$instance.AllowApplePushNotifications - AllowBluetooth = [System.String]$instance.AllowBluetooth - AllowBrowser = [System.Boolean]$instance.AllowBrowser - AllowCamera = [System.Boolean]$instance.AllowCamera - AllowConsumerEmail = [System.Boolean]$instance.AllowConsumerEmail - AllowDesktopSync = [System.Boolean]$instance.AllowDesktopSync - AllowExternalDeviceManagement = [System.Boolean]$instance.AllowExternalDeviceManagement - AllowHTMLEmail = [System.Boolean]$instance.AllowHTMLEmail - AllowInternetSharing = [System.Boolean]$instance.AllowInternetSharing - AllowIrDA = [System.Boolean]$instance.AllowIrDA - AllowMobileOTAUpdate = [System.Boolean]$instance.AllowMobileOTAUpdate - AllowNonProvisionableDevices = [System.Boolean]$instance.AllowNonProvisionableDevices - AllowPOPIMAPEmail = [System.Boolean]$instance.AllowPOPIMAPEmail - AllowRemoteDesktop = [System.Boolean]$instance.AllowRemoteDesktop - AllowSimpleDevicePassword = [System.Boolean]$instance.AllowSimpleDevicePassword + Ensure = 'Present' + Name = [System.String]$instance.Name + AllowApplePushNotifications = [System.Boolean]$instance.AllowApplePushNotifications + AllowBluetooth = [System.String]$instance.AllowBluetooth + AllowBrowser = [System.Boolean]$instance.AllowBrowser + AllowCamera = [System.Boolean]$instance.AllowCamera + AllowConsumerEmail = [System.Boolean]$instance.AllowConsumerEmail + AllowDesktopSync = [System.Boolean]$instance.AllowDesktopSync + AllowExternalDeviceManagement = [System.Boolean]$instance.AllowExternalDeviceManagement + AllowHTMLEmail = [System.Boolean]$instance.AllowHTMLEmail + AllowInternetSharing = [System.Boolean]$instance.AllowInternetSharing + AllowIrDA = [System.Boolean]$instance.AllowIrDA + AllowMobileOTAUpdate = [System.Boolean]$instance.AllowMobileOTAUpdate + AllowNonProvisionableDevices = [System.Boolean]$instance.AllowNonProvisionableDevices + AllowPOPIMAPEmail = [System.Boolean]$instance.AllowPOPIMAPEmail + AllowRemoteDesktop = [System.Boolean]$instance.AllowRemoteDesktop + AllowSimpleDevicePassword = [System.Boolean]$instance.AllowSimpleDevicePassword AllowSMIMEEncryptionAlgorithmNegotiation = [System.String]$instance.AllowSMIMEEncryptionAlgorithmNegotiation - AllowSMIMESoftCerts = [System.Boolean]$instance.AllowSMIMESoftCerts - AllowStorageCard = [System.Boolean]$instance.AllowStorageCard - AllowTextMessaging = [System.Boolean]$instance.AllowTextMessaging - AllowUnsignedApplications = [System.Boolean]$instance.AllowUnsignedApplications - AllowUnsignedInstallationPackages = [System.Boolean]$instance.AllowUnsignedInstallationPackages - AllowWiFi = [System.Boolean]$instance.AllowWiFi - AlphanumericDevicePasswordRequired = [System.Boolean]$instance.AlphanumericDevicePasswordRequired - ApprovedApplicationList = [System.String[]]$instance.ApprovedApplicationList - AttachmentsEnabled = [System.Boolean]$instance.AttachmentsEnabled - DeviceEncryptionEnabled = [System.Boolean]$instance.DeviceEncryptionEnabled - DevicePasswordEnabled = [System.Boolean]$instance.DevicePasswordEnabled - DevicePasswordExpiration = [System.String]$instance.DevicePasswordExpiration - DevicePasswordHistory = [System.Int32]$instance.DevicePasswordHistory - DevicePolicyRefreshInterval = [System.String]$instance.DevicePolicyRefreshInterval - IrmEnabled = [System.Boolean]$instance.IrmEnabled - IsDefault = [System.Boolean]$instance.IsDefault - IsDefaultPolicy = [System.Boolean]$instance.IsDefaultPolicy - MaxAttachmentSize = [System.String]$instance.MaxAttachmentSize - MaxCalendarAgeFilter = [System.String]$instance.MaxCalendarAgeFilter - MaxDevicePasswordFailedAttempts = [System.String]$instance.MaxDevicePasswordFailedAttempts - MaxEmailAgeFilter = [System.String]$instance.MaxEmailAgeFilter - MaxEmailBodyTruncationSize = [System.String]$instance.MaxEmailBodyTruncationSize - MaxEmailHTMLBodyTruncationSize = [System.String]$instance.MaxEmailHTMLBodyTruncationSize - MaxInactivityTimeDeviceLock = [System.String]$instance.MaxInactivityTimeDeviceLock - MinDevicePasswordComplexCharacters = [System.Int32]$instance.MinDevicePasswordComplexCharacters - MinDevicePasswordLength = [System.Int32]$instance.MinDevicePasswordLength - PasswordRecoveryEnabled = [System.Boolean]$instance.PasswordRecoveryEnabled - RequireDeviceEncryption = [System.Boolean]$instance.RequireDeviceEncryption - RequireEncryptedSMIMEMessages = [System.Boolean]$instance.RequireEncryptedSMIMEMessages - RequireEncryptionSMIMEAlgorithm = [System.String]$instance.RequireEncryptionSMIMEAlgorithm - RequireManualSyncWhenRoaming = [System.Boolean]$instance.RequireManualSyncWhenRoaming - RequireSignedSMIMEAlgorithm = [System.String]$instance.RequireSignedSMIMEAlgorithm - RequireSignedSMIMEMessages = [System.Boolean]$instance.RequireSignedSMIMEMessages - RequireStorageCardEncryption = [System.Boolean]$instance.RequireStorageCardEncryption - UnapprovedInROMApplicationList = [System.String[]]$instance.UnapprovedInROMApplicationList - UNCAccessEnabled = [System.Boolean]$instance.UNCAccessEnabled - WSSAccessEnabled = [System.Boolean]$instance.WSSAccessEnabled - Identity = [System.String]$Identity - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + AllowSMIMESoftCerts = [System.Boolean]$instance.AllowSMIMESoftCerts + AllowStorageCard = [System.Boolean]$instance.AllowStorageCard + AllowTextMessaging = [System.Boolean]$instance.AllowTextMessaging + AllowUnsignedApplications = [System.Boolean]$instance.AllowUnsignedApplications + AllowUnsignedInstallationPackages = [System.Boolean]$instance.AllowUnsignedInstallationPackages + AllowWiFi = [System.Boolean]$instance.AllowWiFi + AlphanumericDevicePasswordRequired = [System.Boolean]$instance.AlphanumericDevicePasswordRequired + ApprovedApplicationList = [System.String[]]$instance.ApprovedApplicationList + AttachmentsEnabled = [System.Boolean]$instance.AttachmentsEnabled + DeviceEncryptionEnabled = [System.Boolean]$instance.DeviceEncryptionEnabled + DevicePasswordEnabled = [System.Boolean]$instance.DevicePasswordEnabled + DevicePasswordExpiration = [System.String]$instance.DevicePasswordExpiration + DevicePasswordHistory = [System.Int32]$instance.DevicePasswordHistory + DevicePolicyRefreshInterval = [System.String]$instance.DevicePolicyRefreshInterval + IrmEnabled = [System.Boolean]$instance.IrmEnabled + IsDefault = [System.Boolean]$instance.IsDefault + IsDefaultPolicy = [System.Boolean]$instance.IsDefaultPolicy + MaxAttachmentSize = [System.String]$instance.MaxAttachmentSize + MaxCalendarAgeFilter = [System.String]$instance.MaxCalendarAgeFilter + MaxDevicePasswordFailedAttempts = [System.String]$instance.MaxDevicePasswordFailedAttempts + MaxEmailAgeFilter = [System.String]$instance.MaxEmailAgeFilter + MaxEmailBodyTruncationSize = [System.String]$instance.MaxEmailBodyTruncationSize + MaxEmailHTMLBodyTruncationSize = [System.String]$instance.MaxEmailHTMLBodyTruncationSize + MaxInactivityTimeDeviceLock = [System.String]$instance.MaxInactivityTimeDeviceLock + MinDevicePasswordComplexCharacters = [System.Int32]$instance.MinDevicePasswordComplexCharacters + MinDevicePasswordLength = [System.Int32]$instance.MinDevicePasswordLength + PasswordRecoveryEnabled = [System.Boolean]$instance.PasswordRecoveryEnabled + RequireDeviceEncryption = [System.Boolean]$instance.RequireDeviceEncryption + RequireEncryptedSMIMEMessages = [System.Boolean]$instance.RequireEncryptedSMIMEMessages + RequireEncryptionSMIMEAlgorithm = [System.String]$instance.RequireEncryptionSMIMEAlgorithm + RequireManualSyncWhenRoaming = [System.Boolean]$instance.RequireManualSyncWhenRoaming + RequireSignedSMIMEAlgorithm = [System.String]$instance.RequireSignedSMIMEAlgorithm + RequireSignedSMIMEMessages = [System.Boolean]$instance.RequireSignedSMIMEMessages + RequireStorageCardEncryption = [System.Boolean]$instance.RequireStorageCardEncryption + UnapprovedInROMApplicationList = [System.String[]]$instance.UnapprovedInROMApplicationList + UNCAccessEnabled = [System.Boolean]$instance.UNCAccessEnabled + WSSAccessEnabled = [System.Boolean]$instance.WSSAccessEnabled + Identity = [System.String]$Identity + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return [System.Collections.Hashtable] $results } @@ -379,7 +379,7 @@ function Set-TargetResource [Parameter()] [System.String] - [ValidateSet("Disable", "HandsfreeOnly", "Allow")] + [ValidateSet('Disable', 'HandsfreeOnly', 'Allow')] $AllowBluetooth, [Parameter()] @@ -512,7 +512,7 @@ function Set-TargetResource [Parameter()] [System.String] - [ValidateSet("All", "TwoWeeks", "OneMonth", "ThreeMonths", "SixMonths")] + [ValidateSet('All', 'TwoWeeks', 'OneMonth', 'ThreeMonths', 'SixMonths')] $MaxCalendarAgeFilter, [Parameter()] @@ -521,7 +521,7 @@ function Set-TargetResource [Parameter()] [System.String] - [ValidateSet("All", "OneDay", "ThreeDays", "OneWeek", "TwoWeeks", "OneMonth", "ThreeMonths", "SixMonths")] + [ValidateSet('All', 'OneDay', 'ThreeDays', 'OneWeek', 'TwoWeeks', 'OneMonth', 'ThreeMonths', 'SixMonths')] $MaxEmailAgeFilter, [Parameter()] @@ -642,7 +642,7 @@ function Set-TargetResource # CREATE if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { - $setParameters.Remove("Identity") + $setParameters.Remove('Identity') New-ActiveSyncMailboxPolicy @SetParameters } # UPDATE @@ -662,7 +662,7 @@ function Test-TargetResource [CmdletBinding()] [OutputType([System.Boolean])] param - ( + ( [Parameter()] [System.String] $Name, @@ -673,7 +673,7 @@ function Test-TargetResource [Parameter()] [System.String] - [ValidateSet("Disable", "HandsfreeOnly", "Allow")] + [ValidateSet('Disable', 'HandsfreeOnly', 'Allow')] $AllowBluetooth, [Parameter()] @@ -806,7 +806,7 @@ function Test-TargetResource [Parameter()] [System.String] - [ValidateSet("All", "TwoWeeks", "OneMonth", "ThreeMonths", "SixMonths")] + [ValidateSet('All', 'TwoWeeks', 'OneMonth', 'ThreeMonths', 'SixMonths')] $MaxCalendarAgeFilter, [Parameter()] @@ -815,7 +815,7 @@ function Test-TargetResource [Parameter()] [System.String] - [ValidateSet("All", "OneDay", "ThreeDays", "OneWeek", "TwoWeeks", "OneMonth", "ThreeMonths", "SixMonths")] + [ValidateSet('All', 'OneDay', 'ThreeDays', 'OneWeek', 'TwoWeeks', 'OneMonth', 'ThreeMonths', 'SixMonths')] $MaxEmailAgeFilter, [Parameter()] @@ -1014,13 +1014,13 @@ function Export-TargetResource $displayedKey = $config.Name Write-Host " |---[$i/$($Script:exportedInstances.Count)] $displayedKey" -NoNewline $params = @{ - Identity = $config.Name - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Identity = $config.Name + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAddressList/MSFT_EXOAddressList.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAddressList/MSFT_EXOAddressList.psm1 index c244a92033..0ed8e06cd9 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAddressList/MSFT_EXOAddressList.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAddressList/MSFT_EXOAddressList.psm1 @@ -168,7 +168,7 @@ function Get-TargetResource } if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $AddressLists = $Script:exportedInstances | Where-Object -FilterScript {$_.Name -eq $Name} + $AddressLists = $Script:exportedInstances | Where-Object -FilterScript { $_.Name -eq $Name } } else { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOApplicationAccessPolicy/MSFT_EXOApplicationAccessPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOApplicationAccessPolicy/MSFT_EXOApplicationAccessPolicy.psm1 index edc165286e..2380c67839 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOApplicationAccessPolicy/MSFT_EXOApplicationAccessPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOApplicationAccessPolicy/MSFT_EXOApplicationAccessPolicy.psm1 @@ -298,7 +298,7 @@ function Set-TargetResource { Write-Verbose -Message "Re-create Application Access Policy '$($currentApplicationAccessPolicyConfig.Identity)'" Remove-ApplicationAccessPolicy -Identity $currentApplicationAccessPolicyConfig.Identity -Confirm:$false - Write-Verbose -Message "Removing existing policy was successful" + Write-Verbose -Message 'Removing existing policy was successful' Write-Verbose -Message "Creating new instance with parameters: $(Convert-M365DscHashtableToString -Hashtable $NewApplicationAccessPolicyParams)" New-ApplicationAccessPolicy @NewApplicationAccessPolicyParams } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOArcConfig/MSFT_EXOArcConfig.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOArcConfig/MSFT_EXOArcConfig.psm1 index a79d3e4da8..8d89120aa6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOArcConfig/MSFT_EXOArcConfig.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOArcConfig/MSFT_EXOArcConfig.psm1 @@ -82,16 +82,16 @@ function Get-TargetResource $ArcConfigSettings = Get-ArcConfig -ErrorAction Stop $result = @{ - IsSingleInstance = 'Yes' - ArcTrustedSealers = $ArcConfigSettings.ArcTrustedSealers - Credential = $Credential - ApplicationId = $ApplicationId - CertificateThumbprint = $CertificateThumbprint - CertificatePath = $CertificatePath - CertificatePassword = $CertificatePassword - Managedidentity = $ManagedIdentity.IsPresent - TenantId = $TenantId - AccessTokens = $AccessTokens + IsSingleInstance = 'Yes' + ArcTrustedSealers = $ArcConfigSettings.ArcTrustedSealers + Credential = $Credential + ApplicationId = $ApplicationId + CertificateThumbprint = $CertificateThumbprint + CertificatePath = $CertificatePath + CertificatePassword = $CertificatePassword + Managedidentity = $ManagedIdentity.IsPresent + TenantId = $TenantId + AccessTokens = $AccessTokens } Write-Verbose -Message 'Found Arc config settings' @@ -345,7 +345,7 @@ function Export-TargetResource $dscContent = '' Write-Host "`r`n" -NoNewline - Write-Host " |---[1/1]" -NoNewline + Write-Host ' |---[1/1]' -NoNewline $Params = @{ IsSingleInstance = 'Yes' diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOArcConfig/MSFT_EXOArcConfig.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOArcConfig/MSFT_EXOArcConfig.schema.mof index e773a36adf..791ea59bc8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOArcConfig/MSFT_EXOArcConfig.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOArcConfig/MSFT_EXOArcConfig.schema.mof @@ -11,4 +11,4 @@ class MSFT_EXOArcConfig : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; [Write, Description("Access token used for authentication.")] String AccessTokens[]; -}; \ No newline at end of file +}; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAtpProtectionPolicyRule/MSFT_EXOAtpProtectionPolicyRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAtpProtectionPolicyRule/MSFT_EXOAtpProtectionPolicyRule.psm1 index 46ffac1760..87bf25ceff 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAtpProtectionPolicyRule/MSFT_EXOAtpProtectionPolicyRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAtpProtectionPolicyRule/MSFT_EXOAtpProtectionPolicyRule.psm1 @@ -107,7 +107,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Identity} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity -eq $Identity } } else { @@ -119,26 +119,26 @@ function Get-TargetResource } $results = @{ - Identity = $instance.Identity - Ensure = 'Present' - Comments = $instance.Comments - Enabled = $instance.State -eq 'Enabled' + Identity = $instance.Identity + Ensure = 'Present' + Comments = $instance.Comments + Enabled = $instance.State -eq 'Enabled' ExceptIfRecipientDomainIs = $instance.ExceptIfRecipientDomainIs - ExceptIfSentTo = $instance.ExceptIfSentTo - ExceptIfSentToMemberOf = $instance.ExceptIfSentToMemberOf - Name = $instance.Name - Priority = $instance.Priority - RecipientDomainIs = $instance.RecipientDomainIs - SafeAttachmentPolicy = $instance.SafeAttachmentPolicy - SafeLinksPolicy = $instance.SafeLinksPolicy - SentTo = $instance.SentTo - SentToMemberOf = $instance.SentToMemberOf - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ExceptIfSentTo = $instance.ExceptIfSentTo + ExceptIfSentToMemberOf = $instance.ExceptIfSentToMemberOf + Name = $instance.Name + Priority = $instance.Priority + RecipientDomainIs = $instance.RecipientDomainIs + SafeAttachmentPolicy = $instance.SafeAttachmentPolicy + SafeLinksPolicy = $instance.SafeLinksPolicy + SentTo = $instance.SentTo + SentToMemberOf = $instance.SentToMemberOf + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return [System.Collections.Hashtable] $results } @@ -269,11 +269,11 @@ function Set-TargetResource { if ($currentInstance.SafeAttachmentPolicy -ne $SetParameters.SafeAttachmentPolicy) { - throw "SafeAttachmentPolicy cannot be changed after creation" + throw 'SafeAttachmentPolicy cannot be changed after creation' } if ($currentInstance.SafeLinksPolicy -ne $SetParameters.SafeLinksPolicy) { - throw "SafeLinksPolicy cannot be changed after creation" + throw 'SafeLinksPolicy cannot be changed after creation' } # Enabled state can only be changed by the Enabled/Disable-ATPProtectionPolicyRule cmdlets @@ -290,9 +290,9 @@ function Set-TargetResource } } - $SetParameters.Remove("SafeLinksPolicy") | Out-Null - $SetParameters.Remove("SafeAttachmentPolicy") | Out-Null - $SetParameters.Remove("Enabled") | Out-Null + $SetParameters.Remove('SafeLinksPolicy') | Out-Null + $SetParameters.Remove('SafeAttachmentPolicy') | Out-Null + $SetParameters.Remove('Enabled') | Out-Null Set-ATPProtectionPolicyRule @SetParameters } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAvailabilityConfig/MSFT_EXOAvailabilityConfig.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAvailabilityConfig/MSFT_EXOAvailabilityConfig.psm1 index 7050ec3891..157d4fe455 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAvailabilityConfig/MSFT_EXOAvailabilityConfig.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAvailabilityConfig/MSFT_EXOAvailabilityConfig.psm1 @@ -358,7 +358,7 @@ function Export-TargetResource return '' } - $OrgWideValue = "NotConfigured" + $OrgWideValue = 'NotConfigured' if ($null -ne $AvailabilityConfig.OrgWideAccount) { $user = Get-User -Identity $AvailabilityConfig.OrgWideAccount.ToString() diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOCASMailboxSettings/MSFT_EXOCASMailboxSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOCASMailboxSettings/MSFT_EXOCASMailboxSettings.psm1 index 7dd5b109f6..5f3372dc52 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOCASMailboxSettings/MSFT_EXOCASMailboxSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOCASMailboxSettings/MSFT_EXOCASMailboxSettings.psm1 @@ -216,7 +216,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $mailboxCasSettings = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Identity} + $mailboxCasSettings = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity -eq $Identity } } else { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOCalendarProcessing/MSFT_EXOCalendarProcessing.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOCalendarProcessing/MSFT_EXOCalendarProcessing.psm1 index 5ece0f3e50..724df67a64 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOCalendarProcessing/MSFT_EXOCalendarProcessing.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOCalendarProcessing/MSFT_EXOCalendarProcessing.psm1 @@ -45,17 +45,17 @@ function Get-TargetResource $AllRequestOutOfPolicy, [Parameter()] - [ValidateSet("None", "AutoUpdate", "AutoAccept")] + [ValidateSet('None', 'AutoUpdate', 'AutoAccept')] [System.String] $AutomateProcessing, [Parameter()] - [ValidateSet("Standard", "Reserved")] + [ValidateSet('Standard', 'Reserved')] [System.String] $BookingType, [Parameter()] - [ValidateRange(0,1080)] + [ValidateRange(0, 1080)] [System.UInt32] $BookingWindowInDays = 180, @@ -381,17 +381,17 @@ function Set-TargetResource $AllRequestOutOfPolicy, [Parameter()] - [ValidateSet("None", "AutoUpdate", "AutoAccept")] + [ValidateSet('None', 'AutoUpdate', 'AutoAccept')] [System.String] $AutomateProcessing, [Parameter()] - [ValidateSet("Standard", "Reserved")] + [ValidateSet('Standard', 'Reserved')] [System.String] $BookingType, [Parameter()] - [ValidateRange(0,1080)] + [ValidateRange(0, 1080)] [System.UInt32] $BookingWindowInDays = 180, @@ -564,15 +564,15 @@ function Set-TargetResource -InboundParameters $PSBoundParameters $UpdateParameters = ([Hashtable]$PSBoundParameters).Clone() - $UpdateParameters.Remove("Ensure") | Out-Null - $UpdateParameters.Remove("Credential") | Out-Null - $UpdateParameters.Remove("ApplicationId") | Out-Null - $UpdateParameters.Remove("TenantId") | Out-Null - $UpdateParameters.Remove("CertificateThumbprint") | Out-Null - $UpdateParameters.Remove("ApplicationSecret") | Out-Null - $UpdateParameters.Remove("CertificatePath") | Out-Null - $UpdateParameters.Remove("CertificatePassword") | Out-Null - $UpdateParameters.Remove("ManagedIdentity") | Out-Null + $UpdateParameters.Remove('Ensure') | Out-Null + $UpdateParameters.Remove('Credential') | Out-Null + $UpdateParameters.Remove('ApplicationId') | Out-Null + $UpdateParameters.Remove('TenantId') | Out-Null + $UpdateParameters.Remove('CertificateThumbprint') | Out-Null + $UpdateParameters.Remove('ApplicationSecret') | Out-Null + $UpdateParameters.Remove('CertificatePath') | Out-Null + $UpdateParameters.Remove('CertificatePassword') | Out-Null + $UpdateParameters.Remove('ManagedIdentity') | Out-Null $UpdateParameters.Remove('AccessTokens') | Out-Null # Some parameters can only be applied to Resource Mailboxes @@ -581,14 +581,14 @@ function Set-TargetResource $mailbox = Get-Mailbox $UpdateParameters.Identity if ($mailbox.RecipientTypeDetails -ne 'EquipmentMailbox' -and $mailbox.RecipientTypeDetails -ne 'RoomMailbox') { - Write-Verbose -Message "Removing the AddNewRequestsTentatively parameter because the mailbox is not a resource one." - $UpdateParameters.Remove("AddNewRequestsTentatively") | Out-Null + Write-Verbose -Message 'Removing the AddNewRequestsTentatively parameter because the mailbox is not a resource one.' + $UpdateParameters.Remove('AddNewRequestsTentatively') | Out-Null - Write-Verbose -Message "Removing the BookingType parameter because the mailbox is not a resource one." - $UpdateParameters.Remove("BookingType") | Out-Null + Write-Verbose -Message 'Removing the BookingType parameter because the mailbox is not a resource one.' + $UpdateParameters.Remove('BookingType') | Out-Null - Write-Verbose -Message "Removing the ProcessExternalMeetingMessages parameter because the mailbox is not a resource one." - $UpdateParameters.Remove("ProcessExternalMeetingMessages") | Out-Null + Write-Verbose -Message 'Removing the ProcessExternalMeetingMessages parameter because the mailbox is not a resource one.' + $UpdateParameters.Remove('ProcessExternalMeetingMessages') | Out-Null } } @@ -642,17 +642,17 @@ function Test-TargetResource $AllRequestOutOfPolicy, [Parameter()] - [ValidateSet("None", "AutoUpdate", "AutoAccept")] + [ValidateSet('None', 'AutoUpdate', 'AutoAccept')] [System.String] $AutomateProcessing, [Parameter()] - [ValidateSet("Standard", "Reserved")] + [ValidateSet('Standard', 'Reserved')] [System.String] $BookingType, [Parameter()] - [ValidateRange(0,1080)] + [ValidateRange(0, 1080)] [System.UInt32] $BookingWindowInDays = 180, diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOCalendarProcessing/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOCalendarProcessing/settings.json index 7fc3b9d5d9..8a7b393ceb 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOCalendarProcessing/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOCalendarProcessing/settings.json @@ -26,8 +26,8 @@ "Recipient Management" ], "requiredrolegroups": [ - "Organization Management", - "Help Desk" + "Organization Management", + "Help Desk" ] } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXODataAtRestEncryptionPolicy/MSFT_EXODataAtRestEncryptionPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXODataAtRestEncryptionPolicy/MSFT_EXODataAtRestEncryptionPolicy.psm1 index 6ab0724f54..841b9f66f8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXODataAtRestEncryptionPolicy/MSFT_EXODataAtRestEncryptionPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXODataAtRestEncryptionPolicy/MSFT_EXODataAtRestEncryptionPolicy.psm1 @@ -72,7 +72,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity.Name -eq $Identity} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity.Name -eq $Identity } } else { @@ -84,18 +84,18 @@ function Get-TargetResource } $results = @{ - Identity = $Identity - Description = [System.String]$instance.Description - Enabled = [System.Boolean]$instance.Enabled - Name = [System.String]$instance.Name - AzureKeyIDs = [System.String[]]$instance.AzureKeyIDs - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Identity = $Identity + Description = [System.String]$instance.Description + Enabled = [System.Boolean]$instance.Enabled + Name = [System.String]$instance.Name + AzureKeyIDs = [System.String[]]$instance.AzureKeyIDs + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return [System.Collections.Hashtable] $results } @@ -197,7 +197,7 @@ function Set-TargetResource } elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { - Write-Warning "Removal of M365DataAtRestEncryptionPolicy is not supported." + Write-Warning 'Removal of M365DataAtRestEncryptionPolicy is not supported.' } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXODataAtRestEncryptionPolicyAssignment/MSFT_EXODataAtRestEncryptionPolicyAssignment.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXODataAtRestEncryptionPolicyAssignment/MSFT_EXODataAtRestEncryptionPolicyAssignment.psm1 index 2291d653d2..dd27fd2550 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXODataAtRestEncryptionPolicyAssignment/MSFT_EXODataAtRestEncryptionPolicyAssignment.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXODataAtRestEncryptionPolicyAssignment/MSFT_EXODataAtRestEncryptionPolicyAssignment.psm1 @@ -7,7 +7,7 @@ [Parameter()] [System.String] $DataEncryptionPolicy, - + [Parameter(Mandatory = $true)] [System.String] $IsSingleInstance, @@ -59,14 +59,14 @@ } $results = @{ - DataEncryptionPolicy = [System.String]$instance.Name - IsSingleInstance = 'Yes' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + DataEncryptionPolicy = [System.String]$instance.Name + IsSingleInstance = 'Yes' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return [System.Collections.Hashtable] $results } @@ -90,7 +90,7 @@ function Set-TargetResource [Parameter()] [System.String] $DataEncryptionPolicy, - + [Parameter(Mandatory = $true)] [System.String] $IsSingleInstance, @@ -148,7 +148,7 @@ function Test-TargetResource [Parameter()] [System.String] $DataEncryptionPolicy, - + [Parameter(Mandatory = $true)] [System.String] $IsSingleInstance, diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXODataClassification/MSFT_EXODataClassification.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXODataClassification/MSFT_EXODataClassification.psm1 index 8c5183e113..6e42aebac8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXODataClassification/MSFT_EXODataClassification.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXODataClassification/MSFT_EXODataClassification.psm1 @@ -98,7 +98,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $DataClassification = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Identity} + $DataClassification = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity -eq $Identity } } else { @@ -259,7 +259,7 @@ function Set-TargetResource if (('Present' -eq $Ensure ) -and ($null -eq $DataClassification)) { - Write-Verbose -Message "Data Classification in Exchange Online are now deprecated in favor of Sensitive Information Types in Security and Compliance." + Write-Verbose -Message 'Data Classification in Exchange Online are now deprecated in favor of Sensitive Information Types in Security and Compliance.' } elseif (('Present' -eq $Ensure ) -and ($Null -ne $DataClassification)) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXODistributionGroup/MSFT_EXODistributionGroup.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXODistributionGroup/MSFT_EXODistributionGroup.psm1 index ac74ceb1bf..f758ab9a57 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXODistributionGroup/MSFT_EXODistributionGroup.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXODistributionGroup/MSFT_EXODistributionGroup.psm1 @@ -253,14 +253,14 @@ function Get-TargetResource { if ($null -ne $PrimarySmtpAddress) { - $distributionGroup = $Script:exportedInstances | Where-Object -FilterScript {$_.PrimarySmtpAddress -eq $PrimarySmtpAddress} + $distributionGroup = $Script:exportedInstances | Where-Object -FilterScript { $_.PrimarySmtpAddress -eq $PrimarySmtpAddress } $distributionGroupMembers = Get-DistributionGroupMember -Identity $PrimarySmtpAddress ` -ErrorAction 'Stop' ` -ResultSize 'Unlimited' } else { - $distributionGroup = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Identity} + $distributionGroup = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity -eq $Identity } $distributionGroupMembers = Get-DistributionGroupMember -Identity $Identity ` -ErrorAction 'Stop' ` -ResultSize 'Unlimited' @@ -338,58 +338,58 @@ function Get-TargetResource } } $result = @{ - Identity = $distributionGroup.Identity - Alias = $distributionGroup.Alias - BccBlocked = $distributionGroup.BccBlocked - BypassNestedModerationEnabled = $distributionGroup.BypassNestedModerationEnabled - Description = $descriptionValue - DisplayName = $distributionGroup.DisplayName - HiddenGroupMembershipEnabled = $distributionGroup.HiddenGroupMembershipEnabled - ManagedBy = $ManagedByValue - MemberDepartRestriction = $distributionGroup.MemberDepartRestriction - MemberJoinRestriction = $distributionGroup.MemberJoinRestriction - Members = $distributionGroupMembers.Name - ModeratedBy = $ModeratedByValue - ModerationEnabled = $distributionGroup.ModerationEnabled - Name = $distributionGroup.Name - Notes = $distributionGroup.Notes - OrganizationalUnit = $distributionGroup.OrganizationalUnit - PrimarySmtpAddress = $distributionGroup.PrimarySmtpAddress - RequireSenderAuthenticationEnabled = $distributionGroup.RequireSenderAuthenticationEnabled - RoomList = $distributionGroup.RoomList - SendModerationNotifications = $distributionGroup.SendModerationNotifications - AcceptMessagesOnlyFrom = [Array]$distributionGroup.AcceptMessagesOnlyFrom - AcceptMessagesOnlyFromDLMembers = [Array]$distributionGroup.AcceptMessagesOnlyFromDLMembers - AcceptMessagesOnlyFromSendersOrMembers = [Array]$distributionGroup.AcceptMessagesOnlyFromSendersOrMembers - CustomAttribute1 = $distributionGroup.CustomAttribute1 - CustomAttribute2 = $distributionGroup.CustomAttribute2 - CustomAttribute3 = $distributionGroup.CustomAttribute3 - CustomAttribute4 = $distributionGroup.CustomAttribute4 - CustomAttribute5 = $distributionGroup.CustomAttribute5 - CustomAttribute6 = $distributionGroup.CustomAttribute6 - CustomAttribute7 = $distributionGroup.CustomAttribute7 - CustomAttribute8 = $distributionGroup.CustomAttribute8 - CustomAttribute9 = $distributionGroup.CustomAttribute9 - CustomAttribute10 = $distributionGroup.CustomAttribute10 - CustomAttribute11 = $distributionGroup.CustomAttribute11 - CustomAttribute12 = $distributionGroup.CustomAttribute12 - CustomAttribute13 = $distributionGroup.CustomAttribute13 - CustomAttribute14 = $distributionGroup.CustomAttribute14 - CustomAttribute15 = $distributionGroup.CustomAttribute15 - EmailAddresses = [Array]$distributionGroup.EmailAddresses - GrantSendOnBehalfTo = [Array]$distributionGroup.GrantSendOnBehalfTo - HiddenFromAddressListsEnabled = [Boolean]$distributionGroup.HiddenFromAddressListsEnabled - SendOofMessageToOriginatorEnabled = [Boolean]$distributionGroup.SendOofMessageToOriginatorEnabled - Type = $groupTypeValue - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - CertificateThumbprint = $CertificateThumbprint - CertificatePath = $CertificatePath - CertificatePassword = $CertificatePassword - Managedidentity = $ManagedIdentity.IsPresent - TenantId = $TenantId - AccessTokens = $AccessTokens + Identity = $distributionGroup.Identity + Alias = $distributionGroup.Alias + BccBlocked = $distributionGroup.BccBlocked + BypassNestedModerationEnabled = $distributionGroup.BypassNestedModerationEnabled + Description = $descriptionValue + DisplayName = $distributionGroup.DisplayName + HiddenGroupMembershipEnabled = $distributionGroup.HiddenGroupMembershipEnabled + ManagedBy = $ManagedByValue + MemberDepartRestriction = $distributionGroup.MemberDepartRestriction + MemberJoinRestriction = $distributionGroup.MemberJoinRestriction + Members = $distributionGroupMembers.Name + ModeratedBy = $ModeratedByValue + ModerationEnabled = $distributionGroup.ModerationEnabled + Name = $distributionGroup.Name + Notes = $distributionGroup.Notes + OrganizationalUnit = $distributionGroup.OrganizationalUnit + PrimarySmtpAddress = $distributionGroup.PrimarySmtpAddress + RequireSenderAuthenticationEnabled = $distributionGroup.RequireSenderAuthenticationEnabled + RoomList = $distributionGroup.RoomList + SendModerationNotifications = $distributionGroup.SendModerationNotifications + AcceptMessagesOnlyFrom = [Array]$distributionGroup.AcceptMessagesOnlyFrom + AcceptMessagesOnlyFromDLMembers = [Array]$distributionGroup.AcceptMessagesOnlyFromDLMembers + AcceptMessagesOnlyFromSendersOrMembers = [Array]$distributionGroup.AcceptMessagesOnlyFromSendersOrMembers + CustomAttribute1 = $distributionGroup.CustomAttribute1 + CustomAttribute2 = $distributionGroup.CustomAttribute2 + CustomAttribute3 = $distributionGroup.CustomAttribute3 + CustomAttribute4 = $distributionGroup.CustomAttribute4 + CustomAttribute5 = $distributionGroup.CustomAttribute5 + CustomAttribute6 = $distributionGroup.CustomAttribute6 + CustomAttribute7 = $distributionGroup.CustomAttribute7 + CustomAttribute8 = $distributionGroup.CustomAttribute8 + CustomAttribute9 = $distributionGroup.CustomAttribute9 + CustomAttribute10 = $distributionGroup.CustomAttribute10 + CustomAttribute11 = $distributionGroup.CustomAttribute11 + CustomAttribute12 = $distributionGroup.CustomAttribute12 + CustomAttribute13 = $distributionGroup.CustomAttribute13 + CustomAttribute14 = $distributionGroup.CustomAttribute14 + CustomAttribute15 = $distributionGroup.CustomAttribute15 + EmailAddresses = [Array]$distributionGroup.EmailAddresses + GrantSendOnBehalfTo = [Array]$distributionGroup.GrantSendOnBehalfTo + HiddenFromAddressListsEnabled = [Boolean]$distributionGroup.HiddenFromAddressListsEnabled + SendOofMessageToOriginatorEnabled = [Boolean]$distributionGroup.SendOofMessageToOriginatorEnabled + Type = $groupTypeValue + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + CertificateThumbprint = $CertificateThumbprint + CertificatePath = $CertificatePath + CertificatePassword = $CertificatePassword + Managedidentity = $ManagedIdentity.IsPresent + TenantId = $TenantId + AccessTokens = $AccessTokens } return $result diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOEOPProtectionPolicyRule/MSFT_EXOEOPProtectionPolicyRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOEOPProtectionPolicyRule/MSFT_EXOEOPProtectionPolicyRule.psm1 index 8dc09444f3..eccf55db00 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOEOPProtectionPolicyRule/MSFT_EXOEOPProtectionPolicyRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOEOPProtectionPolicyRule/MSFT_EXOEOPProtectionPolicyRule.psm1 @@ -239,7 +239,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { #following Microsoft recommendation, we will not create new EOPProtectionPolicyRule, instead we will enable the rule if not already done - Write-Verbose -Message "We not create new EOPProtectionPolicyRule if it is not present" + Write-Verbose -Message 'We not create new EOPProtectionPolicyRule if it is not present' } elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { @@ -259,9 +259,9 @@ function Set-TargetResource } } - if($currentInstance.State -ne $State) + if ($currentInstance.State -ne $State) { - if($State -eq 'Enabled') + if ($State -eq 'Enabled') { Enable-EOPProtectionPolicyRule -Identity $Identity } @@ -276,7 +276,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { #following Microsoft recommendation, we will not remove EOPProtectionPolicyRules. - Write-Verbose -Message "We will not remove EOPProtectionPolicyRules" + Write-Verbose -Message 'We will not remove EOPProtectionPolicyRules' } } @@ -401,7 +401,7 @@ function Test-TargetResource { switch -regex ($key) { - "^ExceptIf\w+$|^RecipientDomainIs$|^SentTo(\w+)?$" + '^ExceptIf\w+$|^RecipientDomainIs$|^SentTo(\w+)?$' { $CurrentValues[$key] = @() break @@ -455,7 +455,7 @@ function Export-TargetResource $AccessTokens ) - $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` + $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` -InboundParameters $PSBoundParameters #Ensure the proper dependencies are installed in the current environment. diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOEOPProtectionPolicyRule/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOEOPProtectionPolicyRule/settings.json index e54bf36221..37932ff284 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOEOPProtectionPolicyRule/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOEOPProtectionPolicyRule/settings.json @@ -28,5 +28,4 @@ "requiredrolegroups": [] } } - } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOEmailTenantSettings/MSFT_EXOEmailTenantSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOEmailTenantSettings/MSFT_EXOEmailTenantSettings.psm1 index dd5a345ee6..56e14f7bfa 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOEmailTenantSettings/MSFT_EXOEmailTenantSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOEmailTenantSettings/MSFT_EXOEmailTenantSettings.psm1 @@ -95,20 +95,20 @@ function Get-TargetResource $EmailTenantSettings = Get-EmailTenantSettings -ErrorAction Stop $result = @{ - IsSingleInstance = 'Yes' - Identity = $EmailTenantSettings.Identity - EnablePriorityAccountProtection = $EmailTenantSettings.EnablePriorityAccountProtection - Name = $EmailTenantSettings.Name - IsValid = $EmailTenantSettings.IsValid - ObjectState = $EmailTenantSettings.ObjectState - Credential = $Credential - ApplicationId = $ApplicationId - CertificateThumbprint = $CertificateThumbprint - CertificatePath = $CertificatePath - CertificatePassword = $CertificatePassword - Managedidentity = $ManagedIdentity.IsPresent - TenantId = $TenantId - AccessTokens = $AccessTokens + IsSingleInstance = 'Yes' + Identity = $EmailTenantSettings.Identity + EnablePriorityAccountProtection = $EmailTenantSettings.EnablePriorityAccountProtection + Name = $EmailTenantSettings.Name + IsValid = $EmailTenantSettings.IsValid + ObjectState = $EmailTenantSettings.ObjectState + Credential = $Credential + ApplicationId = $ApplicationId + CertificateThumbprint = $CertificateThumbprint + CertificatePath = $CertificatePath + CertificatePassword = $CertificatePassword + Managedidentity = $ManagedIdentity.IsPresent + TenantId = $TenantId + AccessTokens = $AccessTokens } Write-Verbose -Message 'Found Email Tenant Settings config ' diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOEmailTenantSettings/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOEmailTenantSettings/settings.json index a3fb9d4fcf..94d8b30f01 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOEmailTenantSettings/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOEmailTenantSettings/settings.json @@ -26,8 +26,8 @@ "Security Reader" ], "requiredrolegroups": [ - "Organization Management", - "Security Administrator" + "Organization Management", + "Security Administrator" ] } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOExternalInOutlook/MSFT_EXOExternalInOutlook.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOExternalInOutlook/MSFT_EXOExternalInOutlook.psm1 index 053b3e4bff..357c749b31 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOExternalInOutlook/MSFT_EXOExternalInOutlook.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOExternalInOutlook/MSFT_EXOExternalInOutlook.psm1 @@ -166,11 +166,11 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { - Write-Verbose -Message "The setting cannot be created, it can only be enabled or disabled." + Write-Verbose -Message 'The setting cannot be created, it can only be enabled or disabled.' } elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { - Write-Verbose -Message "Updating the settings for ExternalInOutlook." + Write-Verbose -Message 'Updating the settings for ExternalInOutlook.' $UpdateParameters = ([Hashtable]$BoundParameters).Clone() $UpdateParameters.Remove('Verbose') | Out-Null @@ -190,7 +190,7 @@ function Set-TargetResource } elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { - Write-Verbose -Message "The setting cannot be removed, it can only be enabled or disabled." + Write-Verbose -Message 'The setting cannot be removed, it can only be enabled or disabled.' } } @@ -324,7 +324,7 @@ function Export-TargetResource $AccessTokens ) - $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` + $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` -InboundParameters $PSBoundParameters #Ensure the proper dependencies are installed in the current environment. @@ -362,14 +362,14 @@ function Export-TargetResource Write-Host " |---[$i/$($getValue.Count)] $($config.Identity)" -NoNewline $params = @{ - Identity = $config.Identity - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ApplicationSecret = $ApplicationSecret - AccessTokens = $AccessTokens + Identity = $config.Identity + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ApplicationSecret = $ApplicationSecret + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOExternalInOutlook/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOExternalInOutlook/settings.json index 7e639c9df4..3c02f8c7fc 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOExternalInOutlook/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOExternalInOutlook/settings.json @@ -29,5 +29,4 @@ "requiredrolegroups": [] } } - } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOFocusedInbox/MSFT_EXOFocusedInbox.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOFocusedInbox/MSFT_EXOFocusedInbox.psm1 index c424b4364e..688d2e49ec 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOFocusedInbox/MSFT_EXOFocusedInbox.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOFocusedInbox/MSFT_EXOFocusedInbox.psm1 @@ -65,23 +65,23 @@ function Get-TargetResource $nullResult.Ensure = 'Absent' try { - $instance = Get-FocusedInbox -Identity $Identity + $instance = Get-FocusedInbox -Identity $Identity if ($null -eq $instance) { return $nullResult } $results = @{ - Identity = $Identity - FocusedInboxOn = [Boolean]$instance.FocusedInboxOn + Identity = $Identity + FocusedInboxOn = [Boolean]$instance.FocusedInboxOn FocusedInboxOnLastUpdateTime = [DateTime]$instance.FocusedInboxOnLastUpdateTime - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return [System.Collections.Hashtable] $results } @@ -160,7 +160,7 @@ function Set-TargetResource $setParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters - $SetParameters.Remove("FocusedInboxOnLastUpdateTime") | Out-Null + $SetParameters.Remove('FocusedInboxOnLastUpdateTime') | Out-Null Set-FocusedInbox @SetParameters } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOFocusedInbox/readme.md b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOFocusedInbox/readme.md index 0212dc7bb0..c2e49a3cd2 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOFocusedInbox/readme.md +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOFocusedInbox/readme.md @@ -1,5 +1,5 @@ -# EXOFocusedInbox +# EXOFocusedInbox ## Description Manage the Focused Inbox configuration for mailboxes in your organization. diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOFocusedInbox/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOFocusedInbox/settings.json index 5421220128..d61f35ed81 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOFocusedInbox/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOFocusedInbox/settings.json @@ -26,8 +26,8 @@ "Recipient Management" ], "requiredrolegroups": [ - "Organization Management", - "Help Desk" + "Organization Management", + "Help Desk" ] } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOGroupSettings/MSFT_EXOGroupSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOGroupSettings/MSFT_EXOGroupSettings.psm1 index 3c23ad0ce7..f1a55013b8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOGroupSettings/MSFT_EXOGroupSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOGroupSettings/MSFT_EXOGroupSettings.psm1 @@ -281,7 +281,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - [Array]$group = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + [Array]$group = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } else { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterPolicy/MSFT_EXOHostedContentFilterPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterPolicy/MSFT_EXOHostedContentFilterPolicy.psm1 index 971ba90f42..7886c18717 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterPolicy/MSFT_EXOHostedContentFilterPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterPolicy/MSFT_EXOHostedContentFilterPolicy.psm1 @@ -323,20 +323,24 @@ function Get-TargetResource [System.String[]]$AllowedSendersValues = $HostedContentFilterPolicy.AllowedSenders.Sender | Select-Object Address -ExpandProperty Address [System.String[]]$BlockedSendersValues = $HostedContentFilterPolicy.BlockedSenders.Sender | Select-Object Address -ExpandProperty Address # Check if the values are null and assign them an empty string array if they are - if ($null -eq $AllowedSendersValues) { + if ($null -eq $AllowedSendersValues) + { $AllowedSendersValues = @() } - if ($null -eq $BlockedSendersValues) { + if ($null -eq $BlockedSendersValues) + { $BlockedSendersValues = @() } [System.String[]]$AllowedSenderDomains = $HostedContentFilterPolicy.AllowedSenderDomains.Domain [System.String[]]$BlockedSenderDomains = $HostedContentFilterPolicy.BlockedSenderDomains.Domain # Check if the values are null and assign them an empty string array if they are - if ($null -eq $AllowedSenderDomains) { + if ($null -eq $AllowedSenderDomains) + { $AllowedSenderDomains = @() } - if ($null -eq $BlockedSenderDomains) { + if ($null -eq $BlockedSenderDomains) + { $BlockedSenderDomains = @() } $result = @{ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterRule/MSFT_EXOHostedContentFilterRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterRule/MSFT_EXOHostedContentFilterRule.psm1 index 2adf454d92..d298fba963 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterRule/MSFT_EXOHostedContentFilterRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOHostedContentFilterRule/MSFT_EXOHostedContentFilterRule.psm1 @@ -126,7 +126,7 @@ function Get-TargetResource { Write-Verbose -Message "Couldn't find rule by ID, trying by name." $rules = Get-HostedContentFilterRule - $HostedContentFilterRule = $rules | Where-Object -FilterScript {$_.Name -eq $Identity -and $_.HostedContentFilterPolicy -eq $HostedContentFilterPolicy} + $HostedContentFilterRule = $rules | Where-Object -FilterScript { $_.Name -eq $Identity -and $_.HostedContentFilterPolicy -eq $HostedContentFilterPolicy } } catch { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailTips/MSFT_EXOMailTips.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailTips/MSFT_EXOMailTips.psm1 index 5b87fb95ac..bdcd3a337f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailTips/MSFT_EXOMailTips.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailTips/MSFT_EXOMailTips.psm1 @@ -62,7 +62,7 @@ function Get-TargetResource $AccessTokens ) - Write-Verbose -Message "Getting configuration of Mailtips" + Write-Verbose -Message 'Getting configuration of Mailtips' if ($Global:CurrentModeIsExport) { $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` @@ -194,7 +194,7 @@ function Set-TargetResource $AccessTokens ) - Write-Verbose -Message "Setting configuration of Mailtips" + Write-Verbose -Message 'Setting configuration of Mailtips' #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -322,7 +322,7 @@ function Test-TargetResource Add-M365DSCTelemetryEvent -Data $data #endregion - Write-Verbose -Message "Testing configuration of Mailtips" + Write-Verbose -Message 'Testing configuration of Mailtips' $CurrentValues = Get-TargetResource @PSBoundParameters diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxAuditBypassAssociation/MSFT_EXOMailboxAuditBypassAssociation.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxAuditBypassAssociation/MSFT_EXOMailboxAuditBypassAssociation.psm1 index 0d2fc291bf..022c062b4b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxAuditBypassAssociation/MSFT_EXOMailboxAuditBypassAssociation.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxAuditBypassAssociation/MSFT_EXOMailboxAuditBypassAssociation.psm1 @@ -57,7 +57,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Identity} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity -eq $Identity } } else { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxAutoReplyConfiguration/MSFT_EXOMailboxAutoReplyConfiguration.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxAutoReplyConfiguration/MSFT_EXOMailboxAutoReplyConfiguration.psm1 index e5dfa230d6..efec5952df 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxAutoReplyConfiguration/MSFT_EXOMailboxAutoReplyConfiguration.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxAutoReplyConfiguration/MSFT_EXOMailboxAutoReplyConfiguration.psm1 @@ -46,7 +46,7 @@ function Get-TargetResource $EventsToDeleteIDs, [Parameter()] - [ValidateSet('None', 'Known','All')] + [ValidateSet('None', 'Known', 'All')] [System.String] $ExternalAudience, @@ -235,7 +235,7 @@ function Set-TargetResource $EventsToDeleteIDs, [Parameter()] - [ValidateSet('None', 'Known','All')] + [ValidateSet('None', 'Known', 'All')] [System.String] $ExternalAudience, @@ -372,7 +372,7 @@ function Test-TargetResource $EventsToDeleteIDs, [Parameter()] - [ValidateSet('None', 'Known','All')] + [ValidateSet('None', 'Known', 'All')] [System.String] $ExternalAudience, diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarConfiguration/MSFT_EXOMailboxCalendarConfiguration.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarConfiguration/MSFT_EXOMailboxCalendarConfiguration.psm1 index 4e64667fca..e248580ae4 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarConfiguration/MSFT_EXOMailboxCalendarConfiguration.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarConfiguration/MSFT_EXOMailboxCalendarConfiguration.psm1 @@ -229,60 +229,60 @@ function Get-TargetResource if ($null -eq $config) { - return $nullResult + return $nullResult } $results = @{ - Ensure = 'Present' - Identity = $Identity - AgendaMailIntroductionEnabled = $config.AgendaMailIntroductionEnabled - AutoDeclineWhenBusy = $config.AutoDeclineWhenBusy - CalendarFeedsPreferredLanguage = $config.CalendarFeedsPreferredLanguage - CalendarFeedsPreferredRegion = $config.CalendarFeedsPreferredRegion - CalendarFeedsRootPageId = $config.CalendarFeedsRootPageId - ConversationalSchedulingEnabled = $config.ConversationalSchedulingEnabled - CreateEventsFromEmailAsPrivate = $config.CreateEventsFromEmailAsPrivate - DefaultMinutesToReduceLongEventsBy = $config.DefaultMinutesToReduceLongEventsBy - DefaultMinutesToReduceShortEventsBy = $config.DefaultMinutesToReduceShortEventsBy - DefaultOnlineMeetingProvider = $config.DefaultOnlineMeetingProvider - DefaultReminderTime = $config.DefaultReminderTime - DeleteMeetingRequestOnRespond = $config.DeleteMeetingRequestOnRespond - DiningEventsFromEmailEnabled = $config.DiningEventsFromEmailEnabled - EntertainmentEventsFromEmailEnabled = $config.EntertainmentEventsFromEmailEnabled - EventsFromEmailEnabled = $config.EventsFromEmailEnabled - FirstWeekOfYear = $config.FirstWeekOfYear - FlightEventsFromEmailEnabled = $config.FlightEventsFromEmailEnabled - HotelEventsFromEmailEnabled = $config.HotelEventsFromEmailEnabled - InvoiceEventsFromEmailEnabled = $config.InvoiceEventsFromEmailEnabled - LocationDetailsInFreeBusy = $config.LocationDetailsInFreeBusy - MailboxLocation = $config.MailboxLocation - OnlineMeetingsByDefaultEnabled = $config.OnlineMeetingsByDefaultEnabled - PackageDeliveryEventsFromEmailEnabled = $config.PackageDeliveryEventsFromEmailEnabled - PreserveDeclinedMeetings = $config.PreserveDeclinedMeetings - RemindersEnabled = $config.RemindersEnabled - ReminderSoundEnabled = $config.ReminderSoundEnabled - RentalCarEventsFromEmailEnabled = $config.RentalCarEventsFromEmailEnabled + Ensure = 'Present' + Identity = $Identity + AgendaMailIntroductionEnabled = $config.AgendaMailIntroductionEnabled + AutoDeclineWhenBusy = $config.AutoDeclineWhenBusy + CalendarFeedsPreferredLanguage = $config.CalendarFeedsPreferredLanguage + CalendarFeedsPreferredRegion = $config.CalendarFeedsPreferredRegion + CalendarFeedsRootPageId = $config.CalendarFeedsRootPageId + ConversationalSchedulingEnabled = $config.ConversationalSchedulingEnabled + CreateEventsFromEmailAsPrivate = $config.CreateEventsFromEmailAsPrivate + DefaultMinutesToReduceLongEventsBy = $config.DefaultMinutesToReduceLongEventsBy + DefaultMinutesToReduceShortEventsBy = $config.DefaultMinutesToReduceShortEventsBy + DefaultOnlineMeetingProvider = $config.DefaultOnlineMeetingProvider + DefaultReminderTime = $config.DefaultReminderTime + DeleteMeetingRequestOnRespond = $config.DeleteMeetingRequestOnRespond + DiningEventsFromEmailEnabled = $config.DiningEventsFromEmailEnabled + EntertainmentEventsFromEmailEnabled = $config.EntertainmentEventsFromEmailEnabled + EventsFromEmailEnabled = $config.EventsFromEmailEnabled + FirstWeekOfYear = $config.FirstWeekOfYear + FlightEventsFromEmailEnabled = $config.FlightEventsFromEmailEnabled + HotelEventsFromEmailEnabled = $config.HotelEventsFromEmailEnabled + InvoiceEventsFromEmailEnabled = $config.InvoiceEventsFromEmailEnabled + LocationDetailsInFreeBusy = $config.LocationDetailsInFreeBusy + MailboxLocation = $config.MailboxLocation + OnlineMeetingsByDefaultEnabled = $config.OnlineMeetingsByDefaultEnabled + PackageDeliveryEventsFromEmailEnabled = $config.PackageDeliveryEventsFromEmailEnabled + PreserveDeclinedMeetings = $config.PreserveDeclinedMeetings + RemindersEnabled = $config.RemindersEnabled + ReminderSoundEnabled = $config.ReminderSoundEnabled + RentalCarEventsFromEmailEnabled = $config.RentalCarEventsFromEmailEnabled ServiceAppointmentEventsFromEmailEnabled = $config.ServiceAppointmentEventsFromEmailEnabled - ShortenEventScopeDefault = $config.ShortenEventScopeDefault - ShowWeekNumbers = $config.ShowWeekNumbers - TimeIncrement = $config.TimeIncrement - UseBrightCalendarColorThemeInOwa = $config.UseBrightCalendarColorThemeInOwa - WeatherEnabled = $config.WeatherEnabled - WeatherLocationBookmark = $config.WeatherLocationBookmark - WeatherLocations = [Array]$config.WeatherLocations - WeatherUnit = $config.WeatherUnit - WeekStartDay = $config.WeekStartDay - WorkDays = $config.WorkDays - WorkingHoursEndTime = $config.WorkingHoursEndTime - WorkingHoursStartTime = $config.WorkingHoursStartTime - WorkingHoursTimeZone = $config.WorkingHoursTimeZone - WorkspaceUserEnabled = $config.WorkspaceUserEnabled - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ShortenEventScopeDefault = $config.ShortenEventScopeDefault + ShowWeekNumbers = $config.ShowWeekNumbers + TimeIncrement = $config.TimeIncrement + UseBrightCalendarColorThemeInOwa = $config.UseBrightCalendarColorThemeInOwa + WeatherEnabled = $config.WeatherEnabled + WeatherLocationBookmark = $config.WeatherLocationBookmark + WeatherLocations = [Array]$config.WeatherLocations + WeatherUnit = $config.WeatherUnit + WeekStartDay = $config.WeekStartDay + WorkDays = $config.WorkDays + WorkingHoursEndTime = $config.WorkingHoursEndTime + WorkingHoursStartTime = $config.WorkingHoursStartTime + WorkingHoursTimeZone = $config.WorkingHoursTimeZone + WorkspaceUserEnabled = $config.WorkspaceUserEnabled + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return [System.Collections.Hashtable] $results } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarConfiguration/readme.md b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarConfiguration/readme.md index 5f4846dd1e..198a5c8768 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarConfiguration/readme.md +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarConfiguration/readme.md @@ -3,4 +3,4 @@ ## Description -This resource allows users to manage mailbox calendar settings. +This resource allows users to manage mailbox calendar settings. diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarConfiguration/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarConfiguration/settings.json index f9832ee223..680a76a258 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarConfiguration/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarConfiguration/settings.json @@ -26,8 +26,8 @@ "Recipient Management" ], "requiredrolegroups": [ - "Organization Management", - "Help Desk" + "Organization Management", + "Help Desk" ] } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarFolder/MSFT_EXOMailboxCalendarFolder.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarFolder/MSFT_EXOMailboxCalendarFolder.psm1 index 88cdf82dde..516b16d47d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarFolder/MSFT_EXOMailboxCalendarFolder.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarFolder/MSFT_EXOMailboxCalendarFolder.psm1 @@ -9,17 +9,17 @@ function Get-TargetResource $Identity, [Parameter()] - [ValidateSet("AvailabilityOnly", "LimitedDetails", "FullDetails")] + [ValidateSet('AvailabilityOnly', 'LimitedDetails', 'FullDetails')] [System.String] - $DetailLevel = "AvailabilityOnly", + $DetailLevel = 'AvailabilityOnly', [Parameter()] - [ValidateSet("OneDay", "ThreeDays", "OneWeek", "OneMonth", "ThreeMonths", "SixMonths", "OneYear")] + [ValidateSet('OneDay', 'ThreeDays', 'OneWeek', 'OneMonth', 'ThreeMonths', 'SixMonths', 'OneYear')] [System.String] - $PublishDateRangeFrom = "ThreeMonths", + $PublishDateRangeFrom = 'ThreeMonths', [Parameter()] - [ValidateSet("OneDay", "ThreeDays", "OneWeek", "OneMonth", "ThreeMonths", "SixMonths", "OneYear")] + [ValidateSet('OneDay', 'ThreeDays', 'OneWeek', 'OneMonth', 'ThreeMonths', 'SixMonths', 'OneYear')] [System.String] $PublishDateRangeTo, @@ -154,17 +154,17 @@ function Set-TargetResource $Identity, [Parameter()] - [ValidateSet("AvailabilityOnly", "LimitedDetails", "FullDetails")] + [ValidateSet('AvailabilityOnly', 'LimitedDetails', 'FullDetails')] [System.String] - $DetailLevel = "AvailabilityOnly", + $DetailLevel = 'AvailabilityOnly', [Parameter()] - [ValidateSet("OneDay", "ThreeDays", "OneWeek", "OneMonth", "ThreeMonths", "SixMonths", "OneYear")] + [ValidateSet('OneDay', 'ThreeDays', 'OneWeek', 'OneMonth', 'ThreeMonths', 'SixMonths', 'OneYear')] [System.String] - $PublishDateRangeFrom = "ThreeMonths", + $PublishDateRangeFrom = 'ThreeMonths', [Parameter()] - [ValidateSet("OneDay", "ThreeDays", "OneWeek", "OneMonth", "ThreeMonths", "SixMonths", "OneYear")] + [ValidateSet('OneDay', 'ThreeDays', 'OneWeek', 'OneMonth', 'ThreeMonths', 'SixMonths', 'OneYear')] [System.String] $PublishDateRangeTo, @@ -238,15 +238,15 @@ function Set-TargetResource -InboundParameters $PSBoundParameters $UpdateParameters = ([Hashtable]$PSBoundParameters).Clone() - $UpdateParameters.Remove("Ensure") | Out-Null - $UpdateParameters.Remove("Credential") | Out-Null - $UpdateParameters.Remove("ApplicationId") | Out-Null - $UpdateParameters.Remove("TenantId") | Out-Null - $UpdateParameters.Remove("CertificateThumbprint") | Out-Null - $UpdateParameters.Remove("ApplicationSecret") | Out-Null - $UpdateParameters.Remove("CertificatePath") | Out-Null - $UpdateParameters.Remove("CertificatePassword") | Out-Null - $UpdateParameters.Remove("ManagedIdentity") | Out-Null + $UpdateParameters.Remove('Ensure') | Out-Null + $UpdateParameters.Remove('Credential') | Out-Null + $UpdateParameters.Remove('ApplicationId') | Out-Null + $UpdateParameters.Remove('TenantId') | Out-Null + $UpdateParameters.Remove('CertificateThumbprint') | Out-Null + $UpdateParameters.Remove('ApplicationSecret') | Out-Null + $UpdateParameters.Remove('CertificatePath') | Out-Null + $UpdateParameters.Remove('CertificatePassword') | Out-Null + $UpdateParameters.Remove('ManagedIdentity') | Out-Null $UpdateParameters.Remove('AccessTokens') | Out-Null # The SharedCalendarSyncStartDate needs to be used by itself in a subsequent call. @@ -254,7 +254,7 @@ function Set-TargetResource { Write-Verbose -Message "Updating the Mailbox Calendar Folder SharedCalendarSyncStartDate property for {$Identity}" Set-MailboxCalendarFolder -Identity $Identity -SharedCalendarSyncStartDate $SharedCalendarSyncStartDate - $UpdateParameters.Remove("SharedCalendarSyncStartDate") | Out-Null + $UpdateParameters.Remove('SharedCalendarSyncStartDate') | Out-Null } Write-Verbose -Message "Updating the Mailbox Calendar Folder for {$Identity}" Set-MailboxCalendarFolder @UpdateParameters @@ -271,17 +271,17 @@ function Test-TargetResource $Identity, [Parameter()] - [ValidateSet("AvailabilityOnly", "LimitedDetails", "FullDetails")] + [ValidateSet('AvailabilityOnly', 'LimitedDetails', 'FullDetails')] [System.String] - $DetailLevel = "AvailabilityOnly", + $DetailLevel = 'AvailabilityOnly', [Parameter()] - [ValidateSet("OneDay", "ThreeDays", "OneWeek", "OneMonth", "ThreeMonths", "SixMonths", "OneYear")] + [ValidateSet('OneDay', 'ThreeDays', 'OneWeek', 'OneMonth', 'ThreeMonths', 'SixMonths', 'OneYear')] [System.String] - $PublishDateRangeFrom = "ThreeMonths", + $PublishDateRangeFrom = 'ThreeMonths', [Parameter()] - [ValidateSet("OneDay", "ThreeDays", "OneWeek", "OneMonth", "ThreeMonths", "SixMonths", "OneYear")] + [ValidateSet('OneDay', 'ThreeDays', 'OneWeek', 'OneMonth', 'ThreeMonths', 'SixMonths', 'OneYear')] [System.String] $PublishDateRangeTo, @@ -443,7 +443,7 @@ function Export-TargetResource } # Name of calendar folder depends on the language of the mailbox - $calendarFolderName = (Get-MailboxFolderStatistics -Identity $($mailbox.UserPrincipalName) -FolderScope Calendar | Where-Object {$_.FolderType -eq 'Calendar'}).Name + $calendarFolderName = (Get-MailboxFolderStatistics -Identity $($mailbox.UserPrincipalName) -FolderScope Calendar | Where-Object { $_.FolderType -eq 'Calendar' }).Name $folderPath = $mailbox.UserPrincipalName + ':\' + $calendarFolderName Write-Host " |---[$i/$($mailboxes.Count)] $($folderPath)" -NoNewline $Params = @{ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarFolder/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarFolder/settings.json index c656ab4211..6b34f17419 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarFolder/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarFolder/settings.json @@ -26,8 +26,8 @@ "Recipient Management" ], "requiredrolegroups": [ - "Organization Management", - "Help Desk" + "Organization Management", + "Help Desk" ] } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxFolderPermission/MSFT_EXOMailboxFolderPermission.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxFolderPermission/MSFT_EXOMailboxFolderPermission.psm1 index 21fcb822c9..a6bc9679bd 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxFolderPermission/MSFT_EXOMailboxFolderPermission.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxFolderPermission/MSFT_EXOMailboxFolderPermission.psm1 @@ -71,7 +71,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instances = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Identity} + $instances = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity -eq $Identity } } else { @@ -84,26 +84,28 @@ function Get-TargetResource [Array]$permissionsObj = @() - foreach($mailboxfolderPermission in $instances){ + foreach ($mailboxfolderPermission in $instances) + { $currentPermission = @{} $currentPermission.Add('User', $mailboxFolderPermission.User.ToString()) $currentPermission.Add('AccessRights', $mailboxFolderPermission.AccessRights) - if($null -ne $mailboxFolderPermission.SharingPermissionFlags) { + if ($null -ne $mailboxFolderPermission.SharingPermissionFlags) + { $currentPermission.Add('SharingPermissionFlags', $mailboxFolderPermission.SharingPermissionFlags) } $permissionsObj += $currentPermission } $results = @{ - Identity = $Identity - UserPermissions = [Array]$permissionsObj - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Identity = $Identity + UserPermissions = [Array]$permissionsObj + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return [System.Collections.Hashtable] $results } @@ -198,28 +200,37 @@ function Set-TargetResource # Remove all the current existing pemrissions on this folder. # Skip removing the default and anonymous permissions, as can't be removed, and should just be directly updated. - foreach($currentUserPermission in $currentMailboxFolderPermissions) { - if($currentUserPermission.User.ToString().ToLower() -ne "default" -and $currentUserPermission.User.ToString().ToLower() -ne "anonymous"){ + foreach ($currentUserPermission in $currentMailboxFolderPermissions) + { + if ($currentUserPermission.User.ToString().ToLower() -ne 'default' -and $currentUserPermission.User.ToString().ToLower() -ne 'anonymous') + { Remove-MailboxFolderPermission -Identity $Identity -User $currentUserPermission.User -Confirm:$false } } # Add the desired state permissions on the mailbox folder # For Default and anonymous users, as the permissions were not removed, we just need to call set. - foreach($userPermission in $UserPermissions) { - if($userPermission.User.ToString().ToLower() -eq "default" -or $userPermission.User.ToString().ToLower() -eq "anonymous"){ - if ($userPermission.SharingPermissionFlags -eq ""){ + foreach ($userPermission in $UserPermissions) + { + if ($userPermission.User.ToString().ToLower() -eq 'default' -or $userPermission.User.ToString().ToLower() -eq 'anonymous') + { + if ($userPermission.SharingPermissionFlags -eq '') + { Set-MailboxFolderPermission -Identity $Identity -User $userPermission.User -AccessRights $userPermission.AccessRights } - else { + else + { Set-MailboxFolderPermission -Identity $Identity -User $userPermission.User -AccessRights $userPermission.AccessRights -SharingPermissionFlags $userPermission.SharingPermissionFlags } } - else { - if ($userPermission.SharingPermissionFlags -eq ""){ + else + { + if ($userPermission.SharingPermissionFlags -eq '') + { Add-MailboxFolderPermission -Identity $Identity -User $userPermission.User -AccessRights $userPermission.AccessRights } - else { + else + { Add-MailboxFolderPermission -Identity $Identity -User $userPermission.User -AccessRights $userPermission.AccessRights -SharingPermissionFlags $userPermission.SharingPermissionFlags } } @@ -309,7 +320,8 @@ function Test-TargetResource { $testTargetResource = $false } - else { + else + { $ValuesToCheck.Remove($key) | Out-Null } } @@ -319,12 +331,12 @@ function Test-TargetResource Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys ` - -IncludedDrifts $driftedParams + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys ` + -IncludedDrifts $driftedParams - if(-not $TestResult) + if (-not $TestResult) { $testTargetResource = $false } @@ -487,9 +499,10 @@ function Get-M365DSCEXOUserPermissionsList $StringContent += "MSFT_EXOMailboxFolderUserPermission {`r`n" $StringContent += " User = '" + $permission.User + "'`r`n" $StringContent += " AccessRights = '" + $permission.AccessRights + "'`r`n" - if($null -ne $permission.SharingPermissionFlags){ - # $StringContent += " SharingPermissionFlags = `$null" + "`r`n" - # } else { + if ($null -ne $permission.SharingPermissionFlags) + { + # $StringContent += " SharingPermissionFlags = `$null" + "`r`n" + # } else { $StringContent += " SharingPermissionFlags = '" + $permission.SharingPermissionFlags + "'`r`n" } $StringContent += " }`r`n" diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxFolderPermission/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxFolderPermission/settings.json index 874090d3bc..ec5534569f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxFolderPermission/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxFolderPermission/settings.json @@ -26,8 +26,8 @@ "Recipient Management" ], "requiredrolegroups": [ - "Organization Management", - "Help Desk" + "Organization Management", + "Help Desk" ] } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxIRMAccess/MSFT_EXOMailboxIRMAccess.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxIRMAccess/MSFT_EXOMailboxIRMAccess.psm1 index 13c1f4be94..3df797b6ba 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxIRMAccess/MSFT_EXOMailboxIRMAccess.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxIRMAccess/MSFT_EXOMailboxIRMAccess.psm1 @@ -68,7 +68,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Identity -and $_.User -eq $User} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity -eq $Identity -and $_.User -eq $User } } else { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxPermission/MSFT_EXOMailboxPermission.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxPermission/MSFT_EXOMailboxPermission.psm1 index 39a70e00e2..f89dd48825 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxPermission/MSFT_EXOMailboxPermission.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxPermission/MSFT_EXOMailboxPermission.psm1 @@ -9,13 +9,13 @@ function Get-TargetResource $Identity, [Parameter(Mandatory = $true)] - [ValidateSet("ChangeOwner", "ChangePermission", "DeleteItem", "ExternalAccount", "FullAccess", "ReadPermission")] + [ValidateSet('ChangeOwner', 'ChangePermission', 'DeleteItem', 'ExternalAccount', 'FullAccess', 'ReadPermission')] [System.String[]] $AccessRights, [Parameter(Mandatory = $true)] [System.String] - [ValidateSet("None", "All", "Children", "Descendents", "SelfAndChildren")] + [ValidateSet('None', 'All', 'Children', 'Descendents', 'SelfAndChildren')] $InheritanceType = 'All', [Parameter()] @@ -105,7 +105,7 @@ function Get-TargetResource if ($permission.Length -gt 1) { - $permission = $permission | Where-Object -FilterScript {$_.User -eq $User -and (Compare-Object -ReferenceObject $_.AccessRights.Replace(' ','').Split(',') -DifferenceObject $AccessRights).Count -eq 0} + $permission = $permission | Where-Object -FilterScript { $_.User -eq $User -and (Compare-Object -ReferenceObject $_.AccessRights.Replace(' ', '').Split(',') -DifferenceObject $AccessRights).Count -eq 0 } } if ($permission.Length -gt 1) @@ -120,21 +120,21 @@ function Get-TargetResource } $result = @{ - Identity = $permission.Identity - AccessRights = [Array]$permission.AccessRights.Replace(' ','').Split(',') - InheritanceType = $permission.InheritanceType - Owner = $permission.Owner - User = $permission.User - Deny = [Boolean]$permission.Deny - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - CertificateThumbprint = $CertificateThumbprint - CertificatePath = $CertificatePath - CertificatePassword = $CertificatePassword - Managedidentity = $ManagedIdentity.IsPresent - TenantId = $TenantId - AccessTokens = $AccessTokens + Identity = $permission.Identity + AccessRights = [Array]$permission.AccessRights.Replace(' ', '').Split(',') + InheritanceType = $permission.InheritanceType + Owner = $permission.Owner + User = $permission.User + Deny = [Boolean]$permission.Deny + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + CertificateThumbprint = $CertificateThumbprint + CertificatePath = $CertificatePath + CertificatePassword = $CertificatePassword + Managedidentity = $ManagedIdentity.IsPresent + TenantId = $TenantId + AccessTokens = $AccessTokens } Write-Verbose -Message "Found permissions for mailbox {$($Identity)}" @@ -162,13 +162,13 @@ function Set-TargetResource $Identity, [Parameter(Mandatory = $true)] - [ValidateSet("ChangeOwner", "ChangePermission", "DeleteItem", "ExternalAccount", "FullAccess", "ReadPermission")] + [ValidateSet('ChangeOwner', 'ChangePermission', 'DeleteItem', 'ExternalAccount', 'FullAccess', 'ReadPermission')] [System.String[]] $AccessRights, [Parameter(Mandatory = $true)] [System.String] - [ValidateSet("None", "All", "Children", "Descendents", "SelfAndChildren")] + [ValidateSet('None', 'All', 'Children', 'Descendents', 'SelfAndChildren')] $InheritanceType = 'All', [Parameter()] @@ -273,13 +273,13 @@ function Test-TargetResource $Identity, [Parameter(Mandatory = $true)] - [ValidateSet("ChangeOwner", "ChangePermission", "DeleteItem", "ExternalAccount", "FullAccess", "ReadPermission")] + [ValidateSet('ChangeOwner', 'ChangePermission', 'DeleteItem', 'ExternalAccount', 'FullAccess', 'ReadPermission')] [System.String[]] $AccessRights, [Parameter(Mandatory = $true)] [System.String] - [ValidateSet("None", "All", "Children", "Descendents", "SelfAndChildren")] + [ValidateSet('None', 'All', 'Children', 'Descendents', 'SelfAndChildren')] $InheritanceType = 'All', [Parameter()] @@ -448,7 +448,7 @@ function Export-TargetResource Write-Host " |---[$j/$($permissions.Count)] $($permission.Identity)" -NoNewline $Params = @{ Identity = $mailbox.UserPrincipalName - AccessRights = [Array]$permission.AccessRights.Replace(' ','').Replace('SendAs,','').Split(',') # ignore SendAs permissions since they are not supported by *-MailboxPermission cmdlets + AccessRights = [Array]$permission.AccessRights.Replace(' ', '').Replace('SendAs,', '').Split(',') # ignore SendAs permissions since they are not supported by *-MailboxPermission cmdlets InheritanceType = $permission.InheritanceType User = $permission.User Credential = $Credential diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxSettings/MSFT_EXOMailboxSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxSettings/MSFT_EXOMailboxSettings.psm1 index f5b5a24b5d..70b56677fb 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxSettings/MSFT_EXOMailboxSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxSettings/MSFT_EXOMailboxSettings.psm1 @@ -103,7 +103,7 @@ function Get-TargetResource try { $mailboxSettings = Get-MailboxRegionalConfiguration -Identity $DisplayName -ErrorAction Stop - $mailboxInfo = Get-Mailbox -Identity $DisplayName -ErrorAction Stop + $mailboxInfo = Get-Mailbox -Identity $DisplayName -ErrorAction Stop } catch { @@ -124,7 +124,7 @@ function Get-TargetResource AddressBookPolicy = $mailboxInfo.AddressBookPolicy RoleAssignmentPolicy = $mailboxInfo.RoleAssignmentPolicy SharingPolicy = $mailboxInfo.SharingPolicy - Ensure = "Present" + Ensure = 'Present' Credential = $Credential ApplicationId = $ApplicationId CertificateThumbprint = $CertificateThumbprint @@ -355,9 +355,9 @@ function Test-TargetResource Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $testResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys Write-Verbose -Message "Test-TargetResource returned $testResult" @@ -435,7 +435,7 @@ function Export-TargetResource { $DisplayNameValue = $mailbox.Name - if ([System.Guid]::TryParse($mailbox.Identity,[System.Management.Automation.PSReference]$ObjectGuid)) + if ([System.Guid]::TryParse($mailbox.Identity, [System.Management.Automation.PSReference]$ObjectGuid)) { try { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRole/MSFT_EXOManagementRole.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRole/MSFT_EXOManagementRole.psm1 index fc30a27966..6053feec9b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRole/MSFT_EXOManagementRole.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRole/MSFT_EXOManagementRole.psm1 @@ -87,7 +87,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $AllManagementRoles = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Name} + $AllManagementRoles = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity -eq $Name } } else { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleAssignment/MSFT_EXOManagementRoleAssignment.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleAssignment/MSFT_EXOManagementRoleAssignment.psm1 index bd4575f6f3..b88d9c2602 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleAssignment/MSFT_EXOManagementRoleAssignment.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleAssignment/MSFT_EXOManagementRoleAssignment.psm1 @@ -123,7 +123,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $roleAssignment = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Name} + $roleAssignment = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity -eq $Name } } else { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleEntry/MSFT_EXOManagementRoleEntry.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleEntry/MSFT_EXOManagementRoleEntry.psm1 index bbdde00cf5..01be59dfff 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleEntry/MSFT_EXOManagementRoleEntry.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleEntry/MSFT_EXOManagementRoleEntry.psm1 @@ -80,7 +80,7 @@ function Get-TargetResource $IdentityParts = $Identity.Split('\') if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $roleEntry = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $IdentityParts[0] -and $_.Name -eq $IdentityParts[1]} + $roleEntry = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity -eq $IdentityParts[0] -and $_.Name -eq $IdentityParts[1] } } else { @@ -194,7 +194,7 @@ function Set-TargetResource $currentValues = Get-TargetResource @PSBoundParameters $paramDifference = Compare-Object -ReferenceObject $currentValues.Parameters -DifferenceObject $Parameters - $paramsToAdd = $paramDifference | Where-Object -FilterScript {$_.SideIndicator -eq '=>'} + $paramsToAdd = $paramDifference | Where-Object -FilterScript { $_.SideIndicator -eq '=>' } $paramsToAddEntries = @() foreach ($diff in $paramsToAdd) { @@ -206,7 +206,7 @@ function Set-TargetResource Set-ManagementRoleEntry -Identity $Identity -AddParameter -Parameters $paramsToAddEntries } - $paramsToRemove = $paramDifference | Where-Object -FilterScript {$_.SideIndicator -eq '<='} + $paramsToRemove = $paramDifference | Where-Object -FilterScript { $_.SideIndicator -eq '<=' } $paramsToRemoveEntries = @() foreach ($diff in $paramsToRemove) { @@ -378,10 +378,10 @@ function Export-TargetResource $Global:M365DSCExportResourceInstancesCount++ } - Write-Host " |---[$i/$($Script:exportedInstances.Count)] $($roleEntry.Identity + "\" + $roleEntry.Name)" -NoNewline + Write-Host " |---[$i/$($Script:exportedInstances.Count)] $($roleEntry.Identity + '\' + $roleEntry.Name)" -NoNewline $Params = @{ - Identity = $roleEntry.Identity + "\" + $roleEntry.Name + Identity = $roleEntry.Identity + '\' + $roleEntry.Name Credential = $Credential ApplicationId = $ApplicationId TenantId = $TenantId diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementScope/MSFT_EXOManagementScope.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementScope/MSFT_EXOManagementScope.psm1 index bd19cc11f4..79bbb79057 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementScope/MSFT_EXOManagementScope.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementScope/MSFT_EXOManagementScope.psm1 @@ -75,7 +75,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $ManagementScope = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Identity} + $ManagementScope = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity -eq $Identity } } else { @@ -87,18 +87,18 @@ function Get-TargetResource } $results = @{ - Identity = $Identity - Name = $ManagementScope.Name - RecipientRestrictionFilter = $ManagementScope.RecipientFilter - RecipientRoot = $ManagementScope.RecipientRoot - Exclusive = $ManagementScope.Exclusive - Ensure = "Present" - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Identity = $Identity + Name = $ManagementScope.Name + RecipientRestrictionFilter = $ManagementScope.RecipientFilter + RecipientRoot = $ManagementScope.RecipientRoot + Exclusive = $ManagementScope.Exclusive + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return [System.Collections.Hashtable] $results } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMigration/MSFT_EXOMigration.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMigration/MSFT_EXOMigration.psm1 index 7eccbcb0c8..c8ae0443d1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMigration/MSFT_EXOMigration.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMigration/MSFT_EXOMigration.psm1 @@ -108,7 +108,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity.Name -eq $Identity} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity.Name -eq $Identity } } else { @@ -123,35 +123,35 @@ function Get-TargetResource $UserEmails = $Users | ForEach-Object { $_.Identity } $results = @{ - Identity = $Identity - NotificationEmails = [System.String[]]$instance.NotificationEmails - AddUsers = [System.Boolean]$instance.AddUsers - BadItemLimit = [System.String]$instance.BadItemLimit - LargeItemLimit = [System.String]$instance.LargeItemLimit - MoveOptions = [System.String[]]$instance.MoveOptions - SkipMerging = [System.String[]]$instance.SkipMerging - Update = [System.Boolean]$instance.Update - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens - Status = $instance.Status.Value - MigrationUsers = $UserEmails - SourceEndpoint = $instance.SourceEndpoint.Identity.Id - TargetDeliveryDomain = $instance.TargetDeliveryDomain + Identity = $Identity + NotificationEmails = [System.String[]]$instance.NotificationEmails + AddUsers = [System.Boolean]$instance.AddUsers + BadItemLimit = [System.String]$instance.BadItemLimit + LargeItemLimit = [System.String]$instance.LargeItemLimit + MoveOptions = [System.String[]]$instance.MoveOptions + SkipMerging = [System.String[]]$instance.SkipMerging + Update = [System.Boolean]$instance.Update + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens + Status = $instance.Status.Value + MigrationUsers = $UserEmails + SourceEndpoint = $instance.SourceEndpoint.Identity.Id + TargetDeliveryDomain = $instance.TargetDeliveryDomain } if ($instance.CompleteAfter -ne $null) { - $results.Add('CompleteAfter', $instance.CompleteAfter.ToString("MM/dd/yyyy hh:mm tt")) + $results.Add('CompleteAfter', $instance.CompleteAfter.ToString('MM/dd/yyyy hh:mm tt')) } if ($instance.StartAfter -ne $null) { - $results.Add('StartAfter', $instance.CompleteAfter.ToString("MM/dd/yyyy hh:mm tt")) + $results.Add('StartAfter', $instance.CompleteAfter.ToString('MM/dd/yyyy hh:mm tt')) } return [System.Collections.Hashtable] $results @@ -284,15 +284,15 @@ function Set-TargetResource $csvBytes = [System.Text.Encoding]::UTF8.GetBytes($csvContent -join "`r`n") $BatchParams = @{ - Name = $Identity # Use the existing Identity as the new batch name - CSVData = $csvBytes # Directly use the byte array - NotificationEmails = $NotificationEmails # Use the same notification emails if provided - CompleteAfter = $CompleteAfter - StartAfter = $StartAfter - BadItemLimit = [System.String]$BadItemLimit - LargeItemLimit = $LargeItemLimit - SkipMerging = $SkipMerging - SourceEndpoint = $SourceEndpoint + Name = $Identity # Use the existing Identity as the new batch name + CSVData = $csvBytes # Directly use the byte array + NotificationEmails = $NotificationEmails # Use the same notification emails if provided + CompleteAfter = $CompleteAfter + StartAfter = $StartAfter + BadItemLimit = [System.String]$BadItemLimit + LargeItemLimit = $LargeItemLimit + SkipMerging = $SkipMerging + SourceEndpoint = $SourceEndpoint TargetDeliveryDomain = $TargetDeliveryDomain } @@ -334,22 +334,22 @@ function Set-TargetResource $csvFilePath = "$env:TEMP\MigrationUsers.csv" # Convert each item in the array to a custom object with an EmailAddress property - $csvContent = $MigrationUsers | ForEach-Object { [PSCustomObject]@{EmailAddress = $_} } + $csvContent = $MigrationUsers | ForEach-Object { [PSCustomObject]@{EmailAddress = $_ } } # Export to CSV with the header "EmailAddress" $csvContent | Export-Csv -Path $csvFilePath -NoTypeInformation -Force $BatchParams = @{ - Identity = $Identity # Use the existing Identity as the new batch name - CSVData = [System.IO.File]::ReadAllBytes($csvFilePath) # Load the CSV as byte array + Identity = $Identity # Use the existing Identity as the new batch name + CSVData = [System.IO.File]::ReadAllBytes($csvFilePath) # Load the CSV as byte array NotificationEmails = $NotificationEmails # Use the same notification emails if provided - CompleteAfter = $CompleteAfter - StartAfter = $StartAfter - BadItemLimit = [System.String]$BadItemLimit - LargeItemLimit = $LargeItemLimit - SkipMerging = $SkipMerging - Update = $Update - AddUsers = $AddUsers + CompleteAfter = $CompleteAfter + StartAfter = $StartAfter + BadItemLimit = [System.String]$BadItemLimit + LargeItemLimit = $LargeItemLimit + SkipMerging = $SkipMerging + Update = $Update + AddUsers = $AddUsers } Set-MigrationBatch @BatchParams diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMigrationEndpoint/MSFT_EXOMigrationEndpoint.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMigrationEndpoint/MSFT_EXOMigrationEndpoint.psm1 index 8e8ef54b1a..0890bcf4b8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMigrationEndpoint/MSFT_EXOMigrationEndpoint.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMigrationEndpoint/MSFT_EXOMigrationEndpoint.psm1 @@ -129,7 +129,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $migrationEndpoint = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Identity} + $migrationEndpoint = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity -eq $Identity } } else { @@ -141,31 +141,31 @@ function Get-TargetResource } $results = @{ - Identity = $Identity - AcceptUntrustedCertificates = $migrationEndpoint.AcceptUntrustedCertificates - AppID = $migrationEndpoint.AppID - AppSecretKeyVaultUrl = $migrationEndpoint.AppSecretKeyVaultUrl - Authentication = $migrationEndpoint.Authentication - EndpointType = $migrationEndpoint.EndpointType - ExchangeServer = $migrationEndpoint.ExchangeServer - MailboxPermission = $migrationEndpoint.MailboxPermission - MaxConcurrentIncrementalSyncs = $migrationEndpoint.MaxConcurrentIncrementalSyncs - MaxConcurrentMigrations = $migrationEndpoint.MaxConcurrentMigrations - NspiServer = $migrationEndpoint.NspiServer - Port = $migrationEndpoint.Port - RemoteServer = $migrationEndpoint.RemoteServer - RemoteTenant = $migrationEndpoint.RemoteTenant - RpcProxyServer = $migrationEndpoint.RpcProxyServer - Security = $migrationEndpoint.Security - SourceMailboxLegacyDN = $migrationEndpoint.SourceMailboxLegacyDN - UseAutoDiscover = $migrationEndpoint.UseAutoDiscover - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Identity = $Identity + AcceptUntrustedCertificates = $migrationEndpoint.AcceptUntrustedCertificates + AppID = $migrationEndpoint.AppID + AppSecretKeyVaultUrl = $migrationEndpoint.AppSecretKeyVaultUrl + Authentication = $migrationEndpoint.Authentication + EndpointType = $migrationEndpoint.EndpointType + ExchangeServer = $migrationEndpoint.ExchangeServer + MailboxPermission = $migrationEndpoint.MailboxPermission + MaxConcurrentIncrementalSyncs = $migrationEndpoint.MaxConcurrentIncrementalSyncs + MaxConcurrentMigrations = $migrationEndpoint.MaxConcurrentMigrations + NspiServer = $migrationEndpoint.NspiServer + Port = $migrationEndpoint.Port + RemoteServer = $migrationEndpoint.RemoteServer + RemoteTenant = $migrationEndpoint.RemoteTenant + RpcProxyServer = $migrationEndpoint.RpcProxyServer + Security = $migrationEndpoint.Security + SourceMailboxLegacyDN = $migrationEndpoint.SourceMailboxLegacyDN + UseAutoDiscover = $migrationEndpoint.UseAutoDiscover + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return [System.Collections.Hashtable] $results @@ -319,7 +319,7 @@ function Set-TargetResource $newParams.Add('Name', $Identity) $newParams.Add('Confirm', [Switch]$false) - if ($EndpointType -eq "IMAP") + if ($EndpointType -eq 'IMAP') { # Removing mailbox permission parameter as this is valid only for outlook anywhere migration $setParams.Remove('MailboxPermission') diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOOnPremisesOrganization/MSFT_EXOOnPremisesOrganization.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOOnPremisesOrganization/MSFT_EXOOnPremisesOrganization.psm1 index 183afecfed..2a0655f57a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOOnPremisesOrganization/MSFT_EXOOnPremisesOrganization.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOOnPremisesOrganization/MSFT_EXOOnPremisesOrganization.psm1 @@ -246,24 +246,24 @@ function Set-TargetResource -InboundParameters $PSBoundParameters $NewOnPremisesOrganizationParams = @{ - Name = $Identity - Comment = $Comment - HybridDomains = $HybridDomains - InboundConnector = $InboundConnector - OrganizationName = $OrganizationName - OrganizationGuid = $OrganizationGuid - OutboundConnector = $OutboundConnector - Confirm = $false + Name = $Identity + Comment = $Comment + HybridDomains = $HybridDomains + InboundConnector = $InboundConnector + OrganizationName = $OrganizationName + OrganizationGuid = $OrganizationGuid + OutboundConnector = $OutboundConnector + Confirm = $false } $SetOnPremisesOrganizationParams = @{ - Identity = $Identity - Comment = $Comment - HybridDomains = $HybridDomains - InboundConnector = $InboundConnector - OrganizationName = $OrganizationName - OutboundConnector = $OutboundConnector - Confirm = $false + Identity = $Identity + Comment = $Comment + HybridDomains = $HybridDomains + InboundConnector = $InboundConnector + OrganizationName = $OrganizationName + OutboundConnector = $OutboundConnector + Confirm = $false } if (-not [System.String]::IsNullOrEmpty($OrganizationRelationship)) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOPhishSimOverrideRule/MSFT_EXOPhishSimOverrideRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOPhishSimOverrideRule/MSFT_EXOPhishSimOverrideRule.psm1 index ee3dc48fbe..a282259ff0 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOPhishSimOverrideRule/MSFT_EXOPhishSimOverrideRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOPhishSimOverrideRule/MSFT_EXOPhishSimOverrideRule.psm1 @@ -75,7 +75,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Identity} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity -eq $Identity } } else { @@ -115,7 +115,8 @@ function Get-TargetResource } # Function to compare and modify properties -function ModifyPropertiesForSetCmdlet { +function ModifyPropertiesForSetCmdlet +{ param ( [Hashtable]$setParameters, [Hashtable]$currentInstance, @@ -131,10 +132,12 @@ function ModifyPropertiesForSetCmdlet { $removeArray = $currentArray | Where-Object { $_ -notin $setArray } # Modify $setParameters - if ($addArray.Count -gt 0) { + if ($addArray.Count -gt 0) + { $setParameters.Add("Add$propertyName", $addArray) } - if ($removeArray.Count -gt 0) { + if ($removeArray.Count -gt 0) + { $setParameters.Add("Remove$propertyName", $removeArray) } @@ -217,8 +220,8 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { $ruleIdentity = $setParameters['Identity'] - $setParameters.Add("Name", $ruleIdentity) - $setParameters.Remove("Identity") + $setParameters.Add('Name', $ruleIdentity) + $setParameters.Remove('Identity') New-EXOPhishSimOverrideRule @SetParameters } @@ -226,8 +229,8 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { # Modify Domains and SenderIpRanges parameters as Set cmdlet for this resource has different parameter names - ModifyPropertiesForSetCmdlet -setParameters $setParameters -currentInstance $currentInstance -propertyName "Domains" - ModifyPropertiesForSetCmdlet -setParameters $setParameters -currentInstance $currentInstance -propertyName "SenderIpRanges" + ModifyPropertiesForSetCmdlet -setParameters $setParameters -currentInstance $currentInstance -propertyName 'Domains' + ModifyPropertiesForSetCmdlet -setParameters $setParameters -currentInstance $currentInstance -propertyName 'SenderIpRanges' Set-EXOPhishSimOverrideRule @SetParameters } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOPlace/MSFT_EXOPlace.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOPlace/MSFT_EXOPlace.psm1 index 9327331b4d..bfb60a5035 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOPlace/MSFT_EXOPlace.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOPlace/MSFT_EXOPlace.psm1 @@ -69,7 +69,7 @@ function Get-TargetResource $ParentId, [Parameter()] - [ValidateSet("Floor", "Section", "None")] + [ValidateSet('Floor', 'Section', 'None')] [System.String] $ParentType, @@ -172,7 +172,7 @@ function Get-TargetResource if (-not [System.String]::IsNullOrEmpty($DisplayName)) { Write-Verbose -Message "Couldn't retrieve place by Id {$($Identity)}. Trying by DisplayName" - $place = Get-Place -ResultSize 'Unlimited' | Where-Object -FilterScript {$_.DisplayName -eq $DisplayName} + $place = Get-Place -ResultSize 'Unlimited' | Where-Object -FilterScript { $_.DisplayName -eq $DisplayName } } if ($null -eq $place) @@ -305,7 +305,7 @@ function Set-TargetResource $ParentId, [Parameter()] - [ValidateSet("Floor", "Section", "None")] + [ValidateSet('Floor', 'Section', 'None')] [System.String] $ParentType, @@ -476,7 +476,7 @@ function Test-TargetResource $ParentId, [Parameter()] - [ValidateSet("Floor", "Section", "None")] + [ValidateSet('Floor', 'Section', 'None')] [System.String] $ParentType, diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOQuarantinePolicy/MSFT_EXOQuarantinePolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOQuarantinePolicy/MSFT_EXOQuarantinePolicy.psm1 index ac155325d0..77be9e2cec 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOQuarantinePolicy/MSFT_EXOQuarantinePolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOQuarantinePolicy/MSFT_EXOQuarantinePolicy.psm1 @@ -143,128 +143,128 @@ function Get-TargetResource if ($QuarantinePolicy.QuarantinePolicyType -eq 'GlobalQuarantineTag') { $result = @{ - CustomDisclaimer = $QuarantinePolicy.CustomDisclaimer - EndUserSpamNotificationFrequency = $QuarantinePolicy.EndUserSpamNotificationFrequency - EndUserSpamNotificationFrequencyInDays = $QuarantinePolicy.EndUserSpamNotificationFrequencyInDays - EndUserSpamNotificationCustomFromAddress = $QuarantinePolicy.EndUserSpamNotificationCustomFromAddress - MultiLanguageCustomDisclaimer = $QuarantinePolicy.MultiLanguageCustomDisclaimer - EsnCustomSubject = $QuarantinePolicy.EsnCustomSubject - MultiLanguageSenderName = $QuarantinePolicy.MultiLanguageSenderName - MultiLanguageSetting = $QuarantinePolicy.MultiLanguageSetting - OrganizationBrandingEnabled = $QuarantinePolicy.OrganizationBrandingEnabled - QuarantinePolicyType = $QuarantinePolicy.QuarantinePolicyType - Identity = $Identity - Credential = $Credential - Ensure = 'Present' - ApplicationId = $ApplicationId - CertificateThumbprint = $CertificateThumbprint - CertificatePath = $CertificatePath - CertificatePassword = $CertificatePassword - Managedidentity = $ManagedIdentity.IsPresent - TenantId = $TenantId - AccessTokens = $AccessTokens + CustomDisclaimer = $QuarantinePolicy.CustomDisclaimer + EndUserSpamNotificationFrequency = $QuarantinePolicy.EndUserSpamNotificationFrequency + EndUserSpamNotificationFrequencyInDays = $QuarantinePolicy.EndUserSpamNotificationFrequencyInDays + EndUserSpamNotificationCustomFromAddress = $QuarantinePolicy.EndUserSpamNotificationCustomFromAddress + MultiLanguageCustomDisclaimer = $QuarantinePolicy.MultiLanguageCustomDisclaimer + EsnCustomSubject = $QuarantinePolicy.EsnCustomSubject + MultiLanguageSenderName = $QuarantinePolicy.MultiLanguageSenderName + MultiLanguageSetting = $QuarantinePolicy.MultiLanguageSetting + OrganizationBrandingEnabled = $QuarantinePolicy.OrganizationBrandingEnabled + QuarantinePolicyType = $QuarantinePolicy.QuarantinePolicyType + Identity = $Identity + Credential = $Credential + Ensure = 'Present' + ApplicationId = $ApplicationId + CertificateThumbprint = $CertificateThumbprint + CertificatePath = $CertificatePath + CertificatePassword = $CertificatePassword + Managedidentity = $ManagedIdentity.IsPresent + TenantId = $TenantId + AccessTokens = $AccessTokens } } else { $EndUserQuarantinePermissionsValueDecimal = 0 if ($QuarantinePolicy.EndUserQuarantinePermissions) + { + # Convert string output of EndUserQuarantinePermissions to binary value and then to decimal value + # needed for EndUserQuarantinePermissionsValue attribute of New-/Set-QuarantinePolicy cmdlet. + # This parameter uses a decimal value that's converted from a binary value. + # The binary value corresponds to the list of available permissions in a specific order. + # For each permission, the value 1 equals True and the value 0 equals False. + + $EndUserQuarantinePermissionsBinary = '' + if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains('PermissionToViewHeader: True')) + { + $PermissionToViewHeader = '1' + } + else + { + $PermissionToViewHeader = '0' + } + if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains('PermissionToDownload: True')) + { + $PermissionToDownload = '1' + } + else + { + $PermissionToDownload = '0' + } + if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains('PermissionToAllowSender: True')) + { + $PermissionToAllowSender = '1' + } + else + { + $PermissionToAllowSender = '0' + } + if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains('PermissionToBlockSender: True')) + { + $PermissionToBlockSender = '1' + } + else + { + $PermissionToBlockSender = '0' + } + if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains('PermissionToRequestRelease: True')) + { + $PermissionToRequestRelease = '1' + } + else + { + $PermissionToRequestRelease = '0' + } + if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains('PermissionToRelease: True')) + { + $PermissionToRelease = '1' + } + else + { + $PermissionToRelease = '0' + } + if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains('PermissionToPreview: True')) + { + $PermissionToPreview = '1' + } + else { - # Convert string output of EndUserQuarantinePermissions to binary value and then to decimal value - # needed for EndUserQuarantinePermissionsValue attribute of New-/Set-QuarantinePolicy cmdlet. - # This parameter uses a decimal value that's converted from a binary value. - # The binary value corresponds to the list of available permissions in a specific order. - # For each permission, the value 1 equals True and the value 0 equals False. - - $EndUserQuarantinePermissionsBinary = '' - if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains('PermissionToViewHeader: True')) - { - $PermissionToViewHeader = '1' - } - else - { - $PermissionToViewHeader = '0' - } - if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains('PermissionToDownload: True')) - { - $PermissionToDownload = '1' - } - else - { - $PermissionToDownload = '0' - } - if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains('PermissionToAllowSender: True')) - { - $PermissionToAllowSender = '1' - } - else - { - $PermissionToAllowSender = '0' - } - if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains('PermissionToBlockSender: True')) - { - $PermissionToBlockSender = '1' - } - else - { - $PermissionToBlockSender = '0' - } - if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains('PermissionToRequestRelease: True')) - { - $PermissionToRequestRelease = '1' - } - else - { - $PermissionToRequestRelease = '0' - } - if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains('PermissionToRelease: True')) - { - $PermissionToRelease = '1' - } - else - { - $PermissionToRelease = '0' - } - if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains('PermissionToPreview: True')) - { - $PermissionToPreview = '1' - } - else - { - $PermissionToPreview = '0' - } - if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains('PermissionToDelete: True')) - { - $PermissionToDelete = '1' - } - else - { - $PermissionToDelete = '0' - } - # Concat values to binary value - $EndUserQuarantinePermissionsBinary = [System.String]::Concat($PermissionToViewHeader, $PermissionToDownload, $PermissionToAllowSender, $PermissionToBlockSender, $PermissionToRequestRelease, $PermissionToRelease, $PermissionToPreview, $PermissionToDelete) - - # Convert to Decimal value - [int]$EndUserQuarantinePermissionsValueDecimal = [System.Convert]::ToByte($EndUserQuarantinePermissionsBinary, 2) + $PermissionToPreview = '0' } - $result = @{ - Identity = $Identity - EndUserQuarantinePermissionsValue = $EndUserQuarantinePermissionsValueDecimal - ESNEnabled = $QuarantinePolicy.ESNEnabled - MultiLanguageCustomDisclaimer = $QuarantinePolicy.MultiLanguageCustomDisclaimer - MultiLanguageSenderName = $QuarantinePolicy.MultiLanguageSenderName - MultiLanguageSetting = $QuarantinePolicy.MultiLanguageSetting - OrganizationBrandingEnabled = $QuarantinePolicy.OrganizationBrandingEnabled - Credential = $Credential - Ensure = 'Present' - ApplicationId = $ApplicationId - CertificateThumbprint = $CertificateThumbprint - CertificatePath = $CertificatePath - CertificatePassword = $CertificatePassword - Managedidentity = $ManagedIdentity.IsPresent - TenantId = $TenantId - AccessTokens = $AccessTokens + if ($QuarantinePolicy.EndUserQuarantinePermissions.Contains('PermissionToDelete: True')) + { + $PermissionToDelete = '1' + } + else + { + $PermissionToDelete = '0' } + # Concat values to binary value + $EndUserQuarantinePermissionsBinary = [System.String]::Concat($PermissionToViewHeader, $PermissionToDownload, $PermissionToAllowSender, $PermissionToBlockSender, $PermissionToRequestRelease, $PermissionToRelease, $PermissionToPreview, $PermissionToDelete) + + # Convert to Decimal value + [int]$EndUserQuarantinePermissionsValueDecimal = [System.Convert]::ToByte($EndUserQuarantinePermissionsBinary, 2) + } + $result = @{ + Identity = $Identity + EndUserQuarantinePermissionsValue = $EndUserQuarantinePermissionsValueDecimal + ESNEnabled = $QuarantinePolicy.ESNEnabled + MultiLanguageCustomDisclaimer = $QuarantinePolicy.MultiLanguageCustomDisclaimer + MultiLanguageSenderName = $QuarantinePolicy.MultiLanguageSenderName + MultiLanguageSetting = $QuarantinePolicy.MultiLanguageSetting + OrganizationBrandingEnabled = $QuarantinePolicy.OrganizationBrandingEnabled + Credential = $Credential + Ensure = 'Present' + ApplicationId = $ApplicationId + CertificateThumbprint = $CertificateThumbprint + CertificatePath = $CertificatePath + CertificatePassword = $CertificatePassword + Managedidentity = $ManagedIdentity.IsPresent + TenantId = $TenantId + AccessTokens = $AccessTokens + } } Write-Verbose -Message "Found QuarantinePolicy $($Identity)" Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -423,7 +423,8 @@ function Set-TargetResource elseif (('Present' -eq $Ensure ) -and ($Null -ne $QuarantinePolicy)) { Write-Verbose -Message "Setting QuarantinePolicy $($Identity) with values: $(Convert-M365DscHashtableToString -Hashtable $QuarantinePolicyParams)" - if ($QuarantinePolicyType -eq 'GlobalQuarantineTag') { + if ($QuarantinePolicyType -eq 'GlobalQuarantineTag') + { $QuarantinePolicyParams.Remove('Identity') | Out-Null Get-QuarantinePolicy -QuarantinePolicyType GlobalQuarantinePolicy | Set-QuarantinePolicy @QuarantinePolicyParams } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXORecipientPermission/MSFT_EXORecipientPermission.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXORecipientPermission/MSFT_EXORecipientPermission.psm1 index 7a87ce811f..e589117126 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXORecipientPermission/MSFT_EXORecipientPermission.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXORecipientPermission/MSFT_EXORecipientPermission.psm1 @@ -456,7 +456,7 @@ function Export-TargetResource } $IdentityValue = $recipientPermission.Identity - if ([System.Guid]::TryParse($IdentityValue,[System.Management.Automation.PSReference]$ObjectGuid)) + if ([System.Guid]::TryParse($IdentityValue, [System.Management.Automation.PSReference]$ObjectGuid)) { $user = Get-User -Identity $IdentityValue $IdentityValue = $user.UserPrincipalName diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOReportSubmissionPolicy/MSFT_EXOReportSubmissionPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOReportSubmissionPolicy/MSFT_EXOReportSubmissionPolicy.psm1 index fc70da66fa..ecdfa2dbde 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOReportSubmissionPolicy/MSFT_EXOReportSubmissionPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOReportSubmissionPolicy/MSFT_EXOReportSubmissionPolicy.psm1 @@ -143,7 +143,7 @@ function Get-TargetResource $AccessTokens ) - Write-Verbose -Message "Getting configuration of ReportSubmissionPolicy" + Write-Verbose -Message 'Getting configuration of ReportSubmissionPolicy' if ($Global:CurrentModeIsExport) { $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` @@ -178,49 +178,49 @@ function Get-TargetResource if ($null -eq $ReportSubmissionPolicy) { - Write-Verbose -Message "ReportSubmissionPolicy does not exist." + Write-Verbose -Message 'ReportSubmissionPolicy does not exist.' return $nullReturn } else { $result = @{ - IsSingleInstance = 'Yes' - DisableQuarantineReportingOption = $ReportSubmissionPolicy.DisableQuarantineReportingOption - EnableCustomNotificationSender = $ReportSubmissionPolicy.EnableCustomNotificationSender - EnableOrganizationBranding = $ReportSubmissionPolicy.EnableOrganizationBranding - EnableReportToMicrosoft = $ReportSubmissionPolicy.EnableReportToMicrosoft - EnableThirdPartyAddress = $ReportSubmissionPolicy.EnableThirdPartyAddress - EnableUserEmailNotification = $ReportSubmissionPolicy.EnableUserEmailNotification - JunkReviewResultMessage = $ReportSubmissionPolicy.JunkReviewResultMessage - NotJunkReviewResultMessage = $ReportSubmissionPolicy.NotJunkReviewResultMessage - NotificationFooterMessage = $ReportSubmissionPolicy.NotificationFooterMessage - NotificationSenderAddress = $ReportSubmissionPolicy.NotificationSenderAddress - PhishingReviewResultMessage = $ReportSubmissionPolicy.PhishingReviewResultMessage - PostSubmitMessage = $ReportSubmissionPolicy.PostSubmitMessage - PostSubmitMessageEnabled = $ReportSubmissionPolicy.PostSubmitMessageEnabled - PostSubmitMessageTitle = $ReportSubmissionPolicy.PostSubmitMessageTitle - PreSubmitMessage = $ReportSubmissionPolicy.PreSubmitMessage - PreSubmitMessageEnabled = $ReportSubmissionPolicy.PreSubmitMessageEnabled - PreSubmitMessageTitle = $ReportSubmissionPolicy.PreSubmitMessageTitle - ReportJunkAddresses = $ReportSubmissionPolicy.ReportJunkAddresses - ReportJunkToCustomizedAddress = $ReportSubmissionPolicy.ReportJunkToCustomizedAddress - ReportNotJunkAddresses = $ReportSubmissionPolicy.ReportNotJunkAddresses - ReportNotJunkToCustomizedAddress = $ReportSubmissionPolicy.ReportNotJunkToCustomizedAddress - ReportPhishAddresses = $ReportSubmissionPolicy.ReportPhishAddresses - ReportPhishToCustomizedAddress = $ReportSubmissionPolicy.ReportPhishToCustomizedAddress - ThirdPartyReportAddresses = $ReportSubmissionPolicy.ThirdPartyReportAddresses - Credential = $Credential - Ensure = 'Present' - ApplicationId = $ApplicationId - CertificateThumbprint = $CertificateThumbprint - CertificatePath = $CertificatePath - CertificatePassword = $CertificatePassword - Managedidentity = $ManagedIdentity.IsPresent - TenantId = $TenantId - AccessTokens = $AccessTokens + IsSingleInstance = 'Yes' + DisableQuarantineReportingOption = $ReportSubmissionPolicy.DisableQuarantineReportingOption + EnableCustomNotificationSender = $ReportSubmissionPolicy.EnableCustomNotificationSender + EnableOrganizationBranding = $ReportSubmissionPolicy.EnableOrganizationBranding + EnableReportToMicrosoft = $ReportSubmissionPolicy.EnableReportToMicrosoft + EnableThirdPartyAddress = $ReportSubmissionPolicy.EnableThirdPartyAddress + EnableUserEmailNotification = $ReportSubmissionPolicy.EnableUserEmailNotification + JunkReviewResultMessage = $ReportSubmissionPolicy.JunkReviewResultMessage + NotJunkReviewResultMessage = $ReportSubmissionPolicy.NotJunkReviewResultMessage + NotificationFooterMessage = $ReportSubmissionPolicy.NotificationFooterMessage + NotificationSenderAddress = $ReportSubmissionPolicy.NotificationSenderAddress + PhishingReviewResultMessage = $ReportSubmissionPolicy.PhishingReviewResultMessage + PostSubmitMessage = $ReportSubmissionPolicy.PostSubmitMessage + PostSubmitMessageEnabled = $ReportSubmissionPolicy.PostSubmitMessageEnabled + PostSubmitMessageTitle = $ReportSubmissionPolicy.PostSubmitMessageTitle + PreSubmitMessage = $ReportSubmissionPolicy.PreSubmitMessage + PreSubmitMessageEnabled = $ReportSubmissionPolicy.PreSubmitMessageEnabled + PreSubmitMessageTitle = $ReportSubmissionPolicy.PreSubmitMessageTitle + ReportJunkAddresses = $ReportSubmissionPolicy.ReportJunkAddresses + ReportJunkToCustomizedAddress = $ReportSubmissionPolicy.ReportJunkToCustomizedAddress + ReportNotJunkAddresses = $ReportSubmissionPolicy.ReportNotJunkAddresses + ReportNotJunkToCustomizedAddress = $ReportSubmissionPolicy.ReportNotJunkToCustomizedAddress + ReportPhishAddresses = $ReportSubmissionPolicy.ReportPhishAddresses + ReportPhishToCustomizedAddress = $ReportSubmissionPolicy.ReportPhishToCustomizedAddress + ThirdPartyReportAddresses = $ReportSubmissionPolicy.ThirdPartyReportAddresses + Credential = $Credential + Ensure = 'Present' + ApplicationId = $ApplicationId + CertificateThumbprint = $CertificateThumbprint + CertificatePath = $CertificatePath + CertificatePassword = $CertificatePassword + Managedidentity = $ManagedIdentity.IsPresent + TenantId = $TenantId + AccessTokens = $AccessTokens } - Write-Verbose -Message "Found ReportSubmissionPolicy" + Write-Verbose -Message 'Found ReportSubmissionPolicy' Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" return $result } @@ -392,7 +392,7 @@ function Set-TargetResource -Parameters $PSBoundParameters Add-M365DSCTelemetryEvent -Data $data #endregion - Write-Verbose -Message "Setting configuration of ReportSubmissionPolicy" + Write-Verbose -Message 'Setting configuration of ReportSubmissionPolicy' $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` -InboundParameters $PSBoundParameters @@ -414,7 +414,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentReportSubmissionPolicy.Ensure -eq 'Absent') { - Write-Verbose -Message "Creating ReportSubmissionPolicy" + Write-Verbose -Message 'Creating ReportSubmissionPolicy' New-ReportSubmissionPolicy Set-ReportSubmissionPolicy @ReportSubmissionPolicyParams -Confirm:$false @@ -426,8 +426,8 @@ function Set-TargetResource } elseif ($Ensure -eq 'Absent' -and $currentReportSubmissionPolicy.Ensure -eq 'Present') { - Write-Verbose -Message "Removing ReportSubmissionPolicy" - Remove-ReportSubmissionPolicy -Identity "DefaultReportSubmissionPolicy" + Write-Verbose -Message 'Removing ReportSubmissionPolicy' + Remove-ReportSubmissionPolicy -Identity 'DefaultReportSubmissionPolicy' } } @@ -587,7 +587,7 @@ function Test-TargetResource Add-M365DSCTelemetryEvent -Data $data #endregion - Write-Verbose -Message "Testing configuration of ReportSubmissionPolicy" + Write-Verbose -Message 'Testing configuration of ReportSubmissionPolicy' $CurrentValues = Get-TargetResource @PSBoundParameters @@ -673,7 +673,7 @@ function Export-TargetResource } $dscContent = '' - Write-Host " |---Export Default ReportSubmissionPolicy" -NoNewline + Write-Host ' |---Export Default ReportSubmissionPolicy' -NoNewline if ($null -ne $Global:M365DSCExportResourceInstancesCount) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOReportSubmissionRule/MSFT_EXOReportSubmissionRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOReportSubmissionRule/MSFT_EXOReportSubmissionRule.psm1 index cb3069e680..3271fc0229 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOReportSubmissionRule/MSFT_EXOReportSubmissionRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOReportSubmissionRule/MSFT_EXOReportSubmissionRule.psm1 @@ -59,7 +59,7 @@ function Get-TargetResource $AccessTokens ) - Write-Verbose -Message "Getting configuration of ReportSubmissionRule" + Write-Verbose -Message 'Getting configuration of ReportSubmissionRule' if ($Global:CurrentModeIsExport) { $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` @@ -94,28 +94,28 @@ function Get-TargetResource if ($null -eq $ReportSubmissionRule) { - Write-Verbose -Message "ReportSubmissionRule does not exist." + Write-Verbose -Message 'ReportSubmissionRule does not exist.' return $nullReturn } else { $result = @{ - IsSingleInstance = 'Yes' - Identity = $ReportSubmissionRule.Identity - Comments = $ReportSubmissionRule.Comments - SentTo = $ReportSubmissionRule.SentTo - Credential = $Credential - Ensure = 'Present' - ApplicationId = $ApplicationId - CertificateThumbprint = $CertificateThumbprint - CertificatePath = $CertificatePath - CertificatePassword = $CertificatePassword - Managedidentity = $ManagedIdentity.IsPresent - TenantId = $TenantId - AccessTokens = $AccessTokens + IsSingleInstance = 'Yes' + Identity = $ReportSubmissionRule.Identity + Comments = $ReportSubmissionRule.Comments + SentTo = $ReportSubmissionRule.SentTo + Credential = $Credential + Ensure = 'Present' + ApplicationId = $ApplicationId + CertificateThumbprint = $CertificateThumbprint + CertificatePath = $CertificatePath + CertificatePassword = $CertificatePassword + Managedidentity = $ManagedIdentity.IsPresent + TenantId = $TenantId + AccessTokens = $AccessTokens } - Write-Verbose -Message "Found ReportSubmissionRule" + Write-Verbose -Message 'Found ReportSubmissionRule' Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" return $result } @@ -203,7 +203,7 @@ function Set-TargetResource -Parameters $PSBoundParameters Add-M365DSCTelemetryEvent -Data $data #endregion - Write-Verbose -Message "Setting configuration of ReportSubmissionRule" + Write-Verbose -Message 'Setting configuration of ReportSubmissionRule' $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` -InboundParameters $PSBoundParameters @@ -224,7 +224,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentReportSubmissionRule.Ensure -eq 'Absent') { - Write-Verbose -Message "Creating ReportSubmissionRule" + Write-Verbose -Message 'Creating ReportSubmissionRule' $ReportSubmissionRuleParams.Add('Name', $Identity) | Out-Null $ReportSubmissionRuleParams.Remove('Identity') | Out-Null @@ -240,7 +240,7 @@ function Set-TargetResource } elseif ($Ensure -eq 'Absent' -and $currentReportSubmissionRule.Ensure -eq 'Present') { - Write-Verbose -Message "Removing ReportSubmissionRule" + Write-Verbose -Message 'Removing ReportSubmissionRule' Remove-ReportSubmissionRule -Identity $Identity -Confirm:$false } } @@ -317,7 +317,7 @@ function Test-TargetResource Add-M365DSCTelemetryEvent -Data $data #endregion - Write-Verbose -Message "Testing configuration of ReportSubmissionRule" + Write-Verbose -Message 'Testing configuration of ReportSubmissionRule' $CurrentValues = Get-TargetResource @PSBoundParameters @@ -404,7 +404,7 @@ function Export-TargetResource } $dscContent = '' - Write-Host " |---Export ReportSubmissionRule" -NoNewline + Write-Host ' |---Export ReportSubmissionRule' -NoNewline if ($null -ne $Global:M365DSCExportResourceInstancesCount) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXORetentionPolicy/MSFT_EXORetentionPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXORetentionPolicy/MSFT_EXORetentionPolicy.psm1 index fbd6d16c3a..e167ce3330 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXORetentionPolicy/MSFT_EXORetentionPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXORetentionPolicy/MSFT_EXORetentionPolicy.psm1 @@ -1,414 +1,414 @@ -function Get-TargetResource -{ - [CmdletBinding()] - [OutputType([System.Collections.Hashtable])] - param - ( - [Parameter(Mandatory = $true)] - [System.String] - $Identity, - - [Parameter()] - [System.Boolean] - $IsDefault, - - [Parameter()] - [System.Boolean] - $IsDefaultArbitrationMailbox, - - [Parameter()] - [System.String] - $Name, - - [Parameter()] - [System.Guid] - $RetentionId, - - [Parameter()] - [System.String[]] - $RetentionPolicyTagLinks, - - [Parameter()] - [System.Management.Automation.PSCredential] - $Credential, +function Get-TargetResource +{ + [CmdletBinding()] + [OutputType([System.Collections.Hashtable])] + param + ( + [Parameter(Mandatory = $true)] + [System.String] + $Identity, + + [Parameter()] + [System.Boolean] + $IsDefault, + + [Parameter()] + [System.Boolean] + $IsDefaultArbitrationMailbox, + + [Parameter()] + [System.String] + $Name, + + [Parameter()] + [System.Guid] + $RetentionId, + + [Parameter()] + [System.String[]] + $RetentionPolicyTagLinks, + + [Parameter()] + [System.Management.Automation.PSCredential] + $Credential, [Parameter()] [ValidateSet('Present', 'Absent')] [System.String] $Ensure = 'Present', - - [Parameter()] - [System.String] - $ApplicationId, - - [Parameter()] - [System.String] - $TenantId, - - [Parameter()] - [System.String] - $CertificateThumbprint, - - [Parameter()] - [Switch] - $ManagedIdentity, - - [Parameter()] - [System.String[]] - $AccessTokens - ) - + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [Switch] + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens + ) + New-M365DSCConnection -Workload 'ExchangeOnline' ` - -InboundParameters $PSBoundParameters | Out-Null - - Confirm-M365DSCDependencies - - #region Telemetry - $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') - $CommandName = $MyInvocation.MyCommand + -InboundParameters $PSBoundParameters | Out-Null + + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') + $CommandName = $MyInvocation.MyCommand $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` -CommandName $CommandName ` - -Parameters $PSBoundParameters - Add-M365DSCTelemetryEvent -Data $data - #endregion - - $nullResult = $PSBoundParameters - $nullResult.Ensure = 'Absent' - try - { - if ($null -ne $Script:exportedInstances -and $Script:ExportMode) - { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Identity} - } - else - { - $instance = Get-RetentionPolicy -Identity $Identity -ErrorAction Stop - } - if ($null -eq $instance) - { - return $nullResult - } - - $results = @{ - Ensure = 'Present' - Identity = [System.String]$instance.Identity - IsDefault = [System.Boolean]$instance.IsDefault - IsDefaultArbitrationMailbox = [System.Boolean]$instance.IsDefaultArbitrationMailbox - Name = [System.String]$instance.Name - RetentionId = [System.Guid]$instance.RetentionId - RetentionPolicyTagLinks = [System.String[]]$instance.RetentionPolicyTagLinks - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens - } - return [System.Collections.Hashtable] $results - } - catch - { + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + + $nullResult = $PSBoundParameters + $nullResult.Ensure = 'Absent' + try + { + if ($null -ne $Script:exportedInstances -and $Script:ExportMode) + { + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity -eq $Identity } + } + else + { + $instance = Get-RetentionPolicy -Identity $Identity -ErrorAction Stop + } + if ($null -eq $instance) + { + return $nullResult + } + + $results = @{ + Ensure = 'Present' + Identity = [System.String]$instance.Identity + IsDefault = [System.Boolean]$instance.IsDefault + IsDefaultArbitrationMailbox = [System.Boolean]$instance.IsDefaultArbitrationMailbox + Name = [System.String]$instance.Name + RetentionId = [System.Guid]$instance.RetentionId + RetentionPolicyTagLinks = [System.String[]]$instance.RetentionPolicyTagLinks + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens + } + return [System.Collections.Hashtable] $results + } + catch + { New-M365DSCLogEntry -Message 'Error retrieving data:' ` -Exception $_ ` -Source $($MyInvocation.MyCommand.Source) ` -TenantId $TenantId ` - -Credential $Credential - - return $nullResult - } -} - - -function Set-TargetResource -{ - [CmdletBinding()] - param - ( - [Parameter(Mandatory = $true)] - [System.String] - $Identity, - - [Parameter()] - [System.Boolean] - $IsDefault, - - [Parameter()] - [System.Boolean] - $IsDefaultArbitrationMailbox, - - [Parameter()] - [System.String] - $Name, - - [Parameter()] - [System.Guid] - $RetentionId, - - [Parameter()] - [System.String[]] - $RetentionPolicyTagLinks, + -Credential $Credential + + return $nullResult + } +} + + +function Set-TargetResource +{ + [CmdletBinding()] + param + ( + [Parameter(Mandatory = $true)] + [System.String] + $Identity, + + [Parameter()] + [System.Boolean] + $IsDefault, + + [Parameter()] + [System.Boolean] + $IsDefaultArbitrationMailbox, + + [Parameter()] + [System.String] + $Name, + + [Parameter()] + [System.Guid] + $RetentionId, + + [Parameter()] + [System.String[]] + $RetentionPolicyTagLinks, [Parameter()] [ValidateSet('Present', 'Absent')] [System.String] $Ensure = 'Present', - - - [Parameter()] - [System.Management.Automation.PSCredential] - $Credential, - - [Parameter()] - [System.String] - $ApplicationId, - - [Parameter()] - [System.String] - $TenantId, - - [Parameter()] - [System.String] - $CertificateThumbprint, - - [Parameter()] - [Switch] - $ManagedIdentity, - - [Parameter()] - [System.String[]] - $AccessTokens - ) - - #Ensure the proper dependencies are installed in the current environment. - Confirm-M365DSCDependencies - - #region Telemetry - $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') - $CommandName = $MyInvocation.MyCommand + + + [Parameter()] + [System.Management.Automation.PSCredential] + $Credential, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [Switch] + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens + ) + + #Ensure the proper dependencies are installed in the current environment. + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') + $CommandName = $MyInvocation.MyCommand $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` -CommandName $CommandName ` - -Parameters $PSBoundParameters - Add-M365DSCTelemetryEvent -Data $data - #endregion - - $currentInstance = Get-TargetResource @PSBoundParameters - - $setParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters - - # CREATE - if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') - { - $setParameters.Remove("Identity") - New-RetentionPolicy @SetParameters - } - # UPDATE - elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') - { - Set-RetentionPolicy @SetParameters -Force - } - # REMOVE - elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') - { - Remove-RetentionPolicy -Identity $Identity -Force - } -} - - -function Test-TargetResource -{ - [CmdletBinding()] - [OutputType([System.Boolean])] - param - ( - [Parameter(Mandatory = $true)] - [System.String] - $Identity, - - [Parameter()] - [System.Boolean] - $IsDefault, - - [Parameter()] - [System.Boolean] - $IsDefaultArbitrationMailbox, - - [Parameter()] - [System.String] - $Name, - - [Parameter()] - [System.Guid] - $RetentionId, - - [Parameter()] - [System.String[]] - $RetentionPolicyTagLinks, + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + + $currentInstance = Get-TargetResource @PSBoundParameters + + $setParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters + + # CREATE + if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') + { + $setParameters.Remove('Identity') + New-RetentionPolicy @SetParameters + } + # UPDATE + elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') + { + Set-RetentionPolicy @SetParameters -Force + } + # REMOVE + elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') + { + Remove-RetentionPolicy -Identity $Identity -Force + } +} + + +function Test-TargetResource +{ + [CmdletBinding()] + [OutputType([System.Boolean])] + param + ( + [Parameter(Mandatory = $true)] + [System.String] + $Identity, + + [Parameter()] + [System.Boolean] + $IsDefault, + + [Parameter()] + [System.Boolean] + $IsDefaultArbitrationMailbox, + + [Parameter()] + [System.String] + $Name, + + [Parameter()] + [System.Guid] + $RetentionId, + + [Parameter()] + [System.String[]] + $RetentionPolicyTagLinks, [Parameter()] [ValidateSet('Present', 'Absent')] [System.String] $Ensure = 'Present', - - [Parameter()] - [System.Management.Automation.PSCredential] - $Credential, - - [Parameter()] - [System.String] - $ApplicationId, - - [Parameter()] - [System.String] - $TenantId, - - [Parameter()] - [System.String] - $CertificateThumbprint, - - [Parameter()] - [Switch] - $ManagedIdentity, - - [Parameter()] - [System.String[]] - $AccessTokens - ) - - #Ensure the proper dependencies are installed in the current environment. - Confirm-M365DSCDependencies - - #region Telemetry - $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') - $CommandName = $MyInvocation.MyCommand + + [Parameter()] + [System.Management.Automation.PSCredential] + $Credential, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [Switch] + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens + ) + + #Ensure the proper dependencies are installed in the current environment. + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') + $CommandName = $MyInvocation.MyCommand $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` -CommandName $CommandName ` - -Parameters $PSBoundParameters - Add-M365DSCTelemetryEvent -Data $data - #endregion - - $CurrentValues = Get-TargetResource @PSBoundParameters - $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() - - Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" - Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)" - + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + + $CurrentValues = Get-TargetResource @PSBoundParameters + $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() + + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" + Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)" + $testResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys - - Write-Verbose -Message "Test-TargetResource returned $testResult" - - return $testResult -} - -function Export-TargetResource -{ - [CmdletBinding()] - [OutputType([System.String])] - param - ( - [Parameter()] - [System.Management.Automation.PSCredential] - $Credential, - - [Parameter()] - [System.String] - $ApplicationId, - - [Parameter()] - [System.String] - $TenantId, - - [Parameter()] - [System.Management.Automation.PSCredential] - $ApplicationSecret, - - [Parameter()] - [System.String] - $CertificateThumbprint, - - [Parameter()] - [Switch] - $ManagedIdentity, - - [Parameter()] - [System.String[]] - $AccessTokens - ) - + -ValuesToCheck $ValuesToCheck.Keys + + Write-Verbose -Message "Test-TargetResource returned $testResult" + + return $testResult +} + +function Export-TargetResource +{ + [CmdletBinding()] + [OutputType([System.String])] + param + ( + [Parameter()] + [System.Management.Automation.PSCredential] + $Credential, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.Management.Automation.PSCredential] + $ApplicationSecret, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [Switch] + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens + ) + $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` - -InboundParameters $PSBoundParameters - - Confirm-M365DSCDependencies - - #region Telemetry - $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') - $CommandName = $MyInvocation.MyCommand + -InboundParameters $PSBoundParameters + + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace('MSFT_', '') + $CommandName = $MyInvocation.MyCommand $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` -CommandName $CommandName ` - -Parameters $PSBoundParameters - Add-M365DSCTelemetryEvent -Data $data - #endregion - - try - { - $Script:ExportMode = $true - [array] $Script:exportedInstances = Get-RetentionPolicy -ErrorAction Stop - - $i = 1 - $dscContent = '' - if ($Script:exportedInstances.Length -eq 0) - { - Write-Host $Global:M365DSCEmojiGreenCheckMark - } - else - { - Write-Host "`r`n" -NoNewline - } - foreach ($config in $Script:exportedInstances) - { - $displayedKey = $config.Identity - Write-Host " |---[$i/$($Script:exportedInstances.Count)] $displayedKey" -NoNewline - $params = @{ - Identity = $config.Identity - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens - } - - $Results = Get-TargetResource @Params + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + + try + { + $Script:ExportMode = $true + [array] $Script:exportedInstances = Get-RetentionPolicy -ErrorAction Stop + + $i = 1 + $dscContent = '' + if ($Script:exportedInstances.Length -eq 0) + { + Write-Host $Global:M365DSCEmojiGreenCheckMark + } + else + { + Write-Host "`r`n" -NoNewline + } + foreach ($config in $Script:exportedInstances) + { + $displayedKey = $config.Identity + Write-Host " |---[$i/$($Script:exportedInstances.Count)] $displayedKey" -NoNewline + $params = @{ + Identity = $config.Identity + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens + } + + $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` - -Results $Results - + -Results $Results + $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` -ConnectionMode $ConnectionMode ` -ModulePath $PSScriptRoot ` -Results $Results ` - -Credential $Credential - $dscContent += $currentDSCBlock + -Credential $Credential + $dscContent += $currentDSCBlock Save-M365DSCPartialExport -Content $currentDSCBlock ` - -FileName $Global:PartialExportFileName - $i++ - Write-Host $Global:M365DSCEmojiGreenCheckMark - } - return $dscContent - } - catch - { - Write-Host $Global:M365DSCEmojiRedX - + -FileName $Global:PartialExportFileName + $i++ + Write-Host $Global:M365DSCEmojiGreenCheckMark + } + return $dscContent + } + catch + { + Write-Host $Global:M365DSCEmojiRedX + New-M365DSCLogEntry -Message 'Error during Export:' ` -Exception $_ ` -Source $($MyInvocation.MyCommand.Source) ` -TenantId $TenantId ` - -Credential $Credential - - return '' - } -} + -Credential $Credential + + return '' + } +} Export-ModuleMember -Function *-TargetResource diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXORetentionPolicy/MSFT_EXORetentionPolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_EXORetentionPolicy/MSFT_EXORetentionPolicy.schema.mof index 06fc8d548a..48aa7b434d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXORetentionPolicy/MSFT_EXORetentionPolicy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXORetentionPolicy/MSFT_EXORetentionPolicy.schema.mof @@ -1,19 +1,19 @@ -[ClassVersion("1.0.0.0"), FriendlyName("EXORetentionPolicy")] -class MSFT_EXORetentionPolicy : OMI_BaseResource -{ - [Key, Description("The Identity parameter specifies the name, distinguished name (DN), or GUID of the retention policy.")] String Identity; - [Write, Description("The IsDefault switch specifies that this retention policy is the default retention policy. You don't need to specify a value with this switch.")] Boolean IsDefault; - [Write, Description("The IsDefaultArbitrationMailbox switch configures this policy as the default retention policy for arbitration mailboxes in your Exchange Online organization. You don't need to specify a value with this switch.")] Boolean IsDefaultArbitrationMailbox; - [Write, Description("The Name parameter specifies a unique name for the retention policy.")] String Name; - [Write, Description("The RetentionId parameter specifies the identity of the retention policy to make sure mailboxes moved between two Exchange organizations continue to have the same retention policy applied to them.")] String RetentionId; - [Write, Description("The RetentionPolicyTagLinks parameter specifies the identity of retention policy tags to associate with the retention policy. Mailboxes that get a retention policy applied have retention tags linked with that retention policy.")] String RetentionPolicyTagLinks[]; - +[ClassVersion("1.0.0.0"), FriendlyName("EXORetentionPolicy")] +class MSFT_EXORetentionPolicy : OMI_BaseResource +{ + [Key, Description("The Identity parameter specifies the name, distinguished name (DN), or GUID of the retention policy.")] String Identity; + [Write, Description("The IsDefault switch specifies that this retention policy is the default retention policy. You don't need to specify a value with this switch.")] Boolean IsDefault; + [Write, Description("The IsDefaultArbitrationMailbox switch configures this policy as the default retention policy for arbitration mailboxes in your Exchange Online organization. You don't need to specify a value with this switch.")] Boolean IsDefaultArbitrationMailbox; + [Write, Description("The Name parameter specifies a unique name for the retention policy.")] String Name; + [Write, Description("The RetentionId parameter specifies the identity of the retention policy to make sure mailboxes moved between two Exchange organizations continue to have the same retention policy applied to them.")] String RetentionId; + [Write, Description("The RetentionPolicyTagLinks parameter specifies the identity of retention policy tags to associate with the retention policy. Mailboxes that get a retention policy applied have retention tags linked with that retention policy.")] String RetentionPolicyTagLinks[]; + [Write, Description("Specifies if this report submission rule should exist."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure; - [Write, Description("Credentials of the workload's Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; - [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; - [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; - [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; - [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; - [Write, Description("Access token used for authentication.")] String AccessTokens[]; -}; + [Write, Description("Credentials of the workload's Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; + [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; + [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; + [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; + [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; +}; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXORetentionPolicy/readme.md b/Modules/Microsoft365DSC/DSCResources/MSFT_EXORetentionPolicy/readme.md index 08cbda5846..fe5ff622e7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXORetentionPolicy/readme.md +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXORetentionPolicy/readme.md @@ -1,5 +1,5 @@ -# EXORetentionPolicy - -## Description - -Use the New-RetentionPolicy cmdlet to create a retention policy and the Set-RetentionPolicy cmdlet to change the properties of an existing retention policy. +# EXORetentionPolicy + +## Description + +Use the New-RetentionPolicy cmdlet to create a retention policy and the Set-RetentionPolicy cmdlet to change the properties of an existing retention policy. diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXORetentionPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_EXORetentionPolicy/settings.json index d805a5b797..4453cb593f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXORetentionPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXORetentionPolicy/settings.json @@ -26,8 +26,8 @@ "Recipient Management" ], "requiredrolegroups": [ - "Organization Management", - "Help Desk" + "Organization Management", + "Help Desk" ] } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXORoleGroup/MSFT_EXORoleGroup.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXORoleGroup/MSFT_EXORoleGroup.psm1 index ddaf63e526..040ebe5990 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXORoleGroup/MSFT_EXORoleGroup.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXORoleGroup/MSFT_EXORoleGroup.psm1 @@ -82,7 +82,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $RoleGroup = $Script:exportedInstances | Where-Object -FilterScript {$_.Name -eq $Name} + $RoleGroup = $Script:exportedInstances | Where-Object -FilterScript { $_.Name -eq $Name } } else { @@ -229,7 +229,7 @@ function Set-TargetResource # Create Role Group if ($Members.Length -gt 0) { - $NewRoleGroupParams.Add("Members", $Members) + $NewRoleGroupParams.Add('Members', $Members) } New-RoleGroup @NewRoleGroupParams } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSafeAttachmentPolicy/MSFT_EXOSafeAttachmentPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSafeAttachmentPolicy/MSFT_EXOSafeAttachmentPolicy.psm1 index 96a586a511..13c8b963a0 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSafeAttachmentPolicy/MSFT_EXOSafeAttachmentPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSafeAttachmentPolicy/MSFT_EXOSafeAttachmentPolicy.psm1 @@ -264,8 +264,9 @@ function Set-TargetResource $StopProcessingPolicy = $false if ($Redirect -eq $true) { - if ($ActionOnError -eq $true){ - Write-Verbose -Message "The ActionOnError parameter is deprecated" + if ($ActionOnError -eq $true) + { + Write-Verbose -Message 'The ActionOnError parameter is deprecated' $SafeAttachmentPolicyParams.Remove('ActionOnError') | Out-Null } $Message = 'Cannot proceed with processing of SafeAttachmentPolicy because Redirect is set to true ' diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSafeLinksPolicy/MSFT_EXOSafeLinksPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSafeLinksPolicy/MSFT_EXOSafeLinksPolicy.psm1 index ae02e155d1..59fce47512 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSafeLinksPolicy/MSFT_EXOSafeLinksPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSafeLinksPolicy/MSFT_EXOSafeLinksPolicy.psm1 @@ -150,31 +150,31 @@ function Get-TargetResource else { $result = @{ - Identity = $SafeLinksPolicy.Identity - AdminDisplayName = $SafeLinksPolicy.AdminDisplayName - AllowClickThrough = $SafeLinksPolicy.AllowClickThrough - CustomNotificationText = $SafeLinksPolicy.CustomNotificationText - DeliverMessageAfterScan = $SafeLinksPolicy.DeliverMessageAfterScan - DoNotRewriteUrls = $SafeLinksPolicy.DoNotRewriteUrls - EnableForInternalSenders = $SafeLinksPolicy.EnableForInternalSenders - EnableOrganizationBranding = $SafeLinksPolicy.EnableOrganizationBranding - EnableSafeLinksForTeams = $SafeLinksPolicy.EnableSafeLinksForTeams - EnableSafeLinksForEmail = $SafeLinksPolicy.EnableSafeLinksForEmail - EnableSafeLinksForOffice = $SafeLinksPolicy.EnableSafeLinksForOffice - DisableUrlRewrite = $SafeLinksPolicy.DisableUrlRewrite - ScanUrls = $SafeLinksPolicy.ScanUrls - TrackClicks = $SafeLinksPolicy.TrackClicks + Identity = $SafeLinksPolicy.Identity + AdminDisplayName = $SafeLinksPolicy.AdminDisplayName + AllowClickThrough = $SafeLinksPolicy.AllowClickThrough + CustomNotificationText = $SafeLinksPolicy.CustomNotificationText + DeliverMessageAfterScan = $SafeLinksPolicy.DeliverMessageAfterScan + DoNotRewriteUrls = $SafeLinksPolicy.DoNotRewriteUrls + EnableForInternalSenders = $SafeLinksPolicy.EnableForInternalSenders + EnableOrganizationBranding = $SafeLinksPolicy.EnableOrganizationBranding + EnableSafeLinksForTeams = $SafeLinksPolicy.EnableSafeLinksForTeams + EnableSafeLinksForEmail = $SafeLinksPolicy.EnableSafeLinksForEmail + EnableSafeLinksForOffice = $SafeLinksPolicy.EnableSafeLinksForOffice + DisableUrlRewrite = $SafeLinksPolicy.DisableUrlRewrite + ScanUrls = $SafeLinksPolicy.ScanUrls + TrackClicks = $SafeLinksPolicy.TrackClicks # The Get-SafeLinksPolicy no longer returns this property # UseTranslatedNotificationText = $SafeLinksPolicy.UseTranslatedNotificationText - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - CertificateThumbprint = $CertificateThumbprint - CertificatePath = $CertificatePath - CertificatePassword = $CertificatePassword - Managedidentity = $ManagedIdentity.IsPresent - TenantId = $TenantId - AccessTokens = $AccessTokens + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + CertificateThumbprint = $CertificateThumbprint + CertificatePath = $CertificatePath + CertificatePassword = $CertificatePassword + Managedidentity = $ManagedIdentity.IsPresent + TenantId = $TenantId + AccessTokens = $AccessTokens } Write-Verbose -Message "Found SafeLinksPolicy $($Identity)" diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSecOpsOverrideRule/MSFT_EXOSecOpsOverrideRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSecOpsOverrideRule/MSFT_EXOSecOpsOverrideRule.psm1 index a804064c90..4d9292d96b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSecOpsOverrideRule/MSFT_EXOSecOpsOverrideRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSecOpsOverrideRule/MSFT_EXOSecOpsOverrideRule.psm1 @@ -67,7 +67,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Identity} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity -eq $Identity } } else { @@ -171,14 +171,14 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { $ruleIdentity = $setParameters['Identity'] - $setParameters.Add("Name", $ruleIdentity) - $setParameters.Remove("Identity") + $setParameters.Add('Name', $ruleIdentity) + $setParameters.Remove('Identity') New-EXOSecOpsOverrideRule @SetParameters } # UPDATE elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { - $setParameters.Remove("Policy") + $setParameters.Remove('Policy') Set-EXOSecOpsOverrideRule @SetParameters } # REMOVE diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOServicePrincipal/MSFT_EXOServicePrincipal.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOServicePrincipal/MSFT_EXOServicePrincipal.psm1 index da092793e8..22da7246e7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOServicePrincipal/MSFT_EXOServicePrincipal.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOServicePrincipal/MSFT_EXOServicePrincipal.psm1 @@ -78,7 +78,7 @@ function Get-TargetResource if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.AppId -eq $servicePrincipal.AppId} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.AppId -eq $servicePrincipal.AppId } } else { @@ -194,8 +194,8 @@ function Set-TargetResource # UPDATE elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { - $setParameters.Remove("AppId") - $setParameters.Remove("ObjectId") + $setParameters.Remove('AppId') + $setParameters.Remove('ObjectId') Set-ServicePrincipal -DisplayName $DisplayName -Identity $servicePrincipal.Id } # REMOVE diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSharedMailbox/MSFT_EXOSharedMailbox.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSharedMailbox/MSFT_EXOSharedMailbox.psm1 index 1047ca25c3..54ee8e009f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSharedMailbox/MSFT_EXOSharedMailbox.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSharedMailbox/MSFT_EXOSharedMailbox.psm1 @@ -98,7 +98,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $mailbox = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Identity} + $mailbox = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity -eq $Identity } } else { @@ -113,7 +113,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $mailbox = $Script:exportedInstances | Where-Object -FilterScript {$_.DisplayName -eq $DisplayName} + $mailbox = $Script:exportedInstances | Where-Object -FilterScript { $_.DisplayName -eq $DisplayName } } else { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSweepRule/MSFT_EXOSweepRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSweepRule/MSFT_EXOSweepRule.psm1 index 071e688af6..6082212593 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSweepRule/MSFT_EXOSweepRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSweepRule/MSFT_EXOSweepRule.psm1 @@ -95,7 +95,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Name -eq $Name} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Name -eq $Name } } else { @@ -109,13 +109,13 @@ function Get-TargetResource $results = @{ Name = $instance.Name Provider = $instance.Provider - DestinationFolder = $instance.MailboxOwnerId + ":\" + $instance.DestinationFolder + DestinationFolder = $instance.MailboxOwnerId + ':\' + $instance.DestinationFolder Enabled = [Boolean]$instance.Enabled KeepForDays = $instance.KeepForDays KeepLatest = $instance.KeepLatest Mailbox = $instance.MailboxOwnerId SenderName = $instance.Sender.Split('"')[1] - SourceFolder = $instance.MailboxOwnerId + ":\" + $instance.SourceFolder + SourceFolder = $instance.MailboxOwnerId + ':\' + $instance.SourceFolder SystemCategory = $instance.SystemCategory Ensure = 'Present' Credential = $Credential @@ -234,22 +234,22 @@ function Set-TargetResource # CREATE if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { - Write-Verbose -Message "Creating new Sweep Rule." + Write-Verbose -Message 'Creating new Sweep Rule.' New-SweepRule @SetParameters } # UPDATE elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { - Write-Verbose -Message "Updating existing Sweep Rule." - $instance = Get-SweepRule -Mailbox $Mailbox | Where-Object -FilterScript {$_.Name -eq $Name} + Write-Verbose -Message 'Updating existing Sweep Rule.' + $instance = Get-SweepRule -Mailbox $Mailbox | Where-Object -FilterScript { $_.Name -eq $Name } $SetParameters.Add('Identity', $instance.RuleId) Set-SweepRule @SetParameters } # REMOVE elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { - Write-Verbose -Message "Removing existing Sweep Rule." - $instance = Get-SweepRule -Mailbox $Mailbox | Where-Object -FilterScript {$_.Name -eq $Name} + Write-Verbose -Message 'Removing existing Sweep Rule.' + $instance = Get-SweepRule -Mailbox $Mailbox | Where-Object -FilterScript { $_.Name -eq $Name } Remove-SweepRule -Identity $instance.RuleId -Mailbox $Mailbox } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTenantAllowBlockListItems/MSFT_EXOTenantAllowBlockListItems.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTenantAllowBlockListItems/MSFT_EXOTenantAllowBlockListItems.psm1 index 01778e9c2b..63a5ea5248 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTenantAllowBlockListItems/MSFT_EXOTenantAllowBlockListItems.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTenantAllowBlockListItems/MSFT_EXOTenantAllowBlockListItems.psm1 @@ -266,7 +266,7 @@ function Set-TargetResource if ($currentInstance.SubmissionID -ne $SubmissionID) { - throw "SubmissionID can not be changed" + throw 'SubmissionID can not be changed' } $UpdateParameters = ([Hashtable]$BoundParameters).Clone() @@ -448,7 +448,7 @@ function Export-TargetResource $ManagedIdentity ) - $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` + $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` -InboundParameters $PSBoundParameters #Ensure the proper dependencies are installed in the current environment. @@ -465,7 +465,7 @@ function Export-TargetResource try { - $ListTypes = ("FileHash", "Sender", "Url"); + $ListTypes = ('FileHash', 'Sender', 'Url') [array]$getValues = @() @@ -474,8 +474,8 @@ function Export-TargetResource $listValues = Get-TenantAllowBlockListItems -ListType $ListType -ErrorAction Stop $listValues | ForEach-Object { $getValues += @{ - Action = $_.Action - Value = $_.Value + Action = $_.Action + Value = $_.Value ListType = $ListType } } @@ -505,15 +505,15 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValues.Count)] $displayedKey" -NoNewline $params = @{ - Action = $config.Action - ListType = $config.ListType - Value = $config.Value - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId + Action = $config.Action + ListType = $config.ListType + Value = $config.Value + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId CertificateThumbprint = $CertificateThumbprint - ApplicationSecret = $ApplicationSecret + ApplicationSecret = $ApplicationSecret } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTenantAllowBlockListSpoofItems/MSFT_EXOTenantAllowBlockListSpoofItems.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTenantAllowBlockListSpoofItems/MSFT_EXOTenantAllowBlockListSpoofItems.psm1 index 80ff2e2ead..3334138476 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTenantAllowBlockListSpoofItems/MSFT_EXOTenantAllowBlockListSpoofItems.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTenantAllowBlockListSpoofItems/MSFT_EXOTenantAllowBlockListSpoofItems.psm1 @@ -77,11 +77,11 @@ function Get-TargetResource { if (-not [System.String]::IsNullOrEmpty($Identity)) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Identity} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Identity -eq $Identity } } if ($null -eq $instance) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.SpoofedUser -eq $SpoofedUser} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.SpoofedUser -eq $SpoofedUser } } } else @@ -92,7 +92,7 @@ function Get-TargetResource } if ($null -eq $instance) { - $instance = Get-TenantAllowBlockListSpoofItems | Where-Object -FilterScript {$_.SpoofedUser -eq $SpoofedUser} + $instance = Get-TenantAllowBlockListSpoofItems | Where-Object -FilterScript { $_.SpoofedUser -eq $SpoofedUser } } } if ($null -eq $instance) @@ -216,9 +216,9 @@ function Set-TargetResource { Write-Verbose -Message "Updating blocked spoofed item {$SpoofedUser}" $instanceParams = @{ - Action = $Action - Ids = @($currentInstance.Identity) - Identity = 'Default' + Action = $Action + Ids = @($currentInstance.Identity) + Identity = 'Default' } Set-TenantAllowBlockListSpoofItems @instanceParams } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/MSFT_EXOTransportRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/MSFT_EXOTransportRule.psm1 index 89055e9a3f..ef40b3be26 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/MSFT_EXOTransportRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/MSFT_EXOTransportRule.psm1 @@ -784,7 +784,7 @@ function Get-TargetResource $MessageContainsDataClassificationsValue = $TransportRule.MessageContainsDataClassifications.Replace('"', "'") } - if ($TransportRule.State -eq "Enabled") + if ($TransportRule.State -eq 'Enabled') { $enabled = $true } @@ -1775,10 +1775,10 @@ function Set-TargetResource # check for deprecated DLP parameters and remove them if ($NewTransportRuleParams.ContainsKey('MessageContainsDataClassifications') ` - -or $NewTransportRuleParams.ContainsKey('ExceptIfMessageContainsDataClassifications') ` - -or $NewTransportRuleParams.ContainsKey('HasSenderOverride') ` - -or $NewTransportRuleParams.ContainsKey('ExceptIfHasSenderOverride') ` - -or $NewTransportRuleParams.ContainsKey('NotifySender')) + -or $NewTransportRuleParams.ContainsKey('ExceptIfMessageContainsDataClassifications') ` + -or $NewTransportRuleParams.ContainsKey('HasSenderOverride') ` + -or $NewTransportRuleParams.ContainsKey('ExceptIfHasSenderOverride') ` + -or $NewTransportRuleParams.ContainsKey('NotifySender')) { $NewTransportRuleParams.Remove('MessageContainsDataClassifications') | Out-Null $NewTransportRuleParams.Remove('ExceptIfMessageContainsDataClassifications') | Out-Null @@ -1786,7 +1786,7 @@ function Set-TargetResource $NewTransportRuleParams.Remove('ExceptIfHasSenderOverride') | Out-Null $NewTransportRuleParams.Remove('NotifySender') | Out-Null - Write-Verbose -Message "DEPRECATED - The DLP parameters (MessageContainsDataClassifications, ExceptIfMessageContainsDataClassifications, ExceptIfHasSenderOverride, HasSenderOverride and NotifySender) are deprecated and will be ignored." + Write-Verbose -Message 'DEPRECATED - The DLP parameters (MessageContainsDataClassifications, ExceptIfMessageContainsDataClassifications, ExceptIfHasSenderOverride, HasSenderOverride and NotifySender) are deprecated and will be ignored.' } $SetTransportRuleParams = $NewTransportRuleParams.Clone() diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/settings.json index 128a6b536d..c0378af3cc 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/settings.json @@ -8,7 +8,7 @@ "update": [ "Exchange Administrator" ] - }, + }, "permissions": { "graph": { "delegated": { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.psm1 index 52a0e3bea4..c8230fed2e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_FabricAdminTenantSettings/MSFT_FabricAdminTenantSettings.psm1 @@ -574,7 +574,7 @@ function Get-TargetResource } else { - $uri = $global:MsCloudLoginConnectionProfile.Fabric.HostUrl + "/v1/admin/tenantsettings" + $uri = $global:MsCloudLoginConnectionProfile.Fabric.HostUrl + '/v1/admin/tenantsettings' $instance = Invoke-M365DSCFabricWebRequest -Uri $uri -Method 'GET' } if ($null -eq $instance) @@ -584,136 +584,136 @@ function Get-TargetResource $results = @{ IsSingleInstance = 'Yes' - AADSSOForGateway = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AADSSOForGateway'}) - AdminApisIncludeDetailedMetadata = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AdminApisIncludeDetailedMetadata'}) - AdminApisIncludeExpressions = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AdminApisIncludeExpressions'}) - AdminCustomDisclaimer = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AdminCustomDisclaimer'}) - AISkillArtifactTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AISkillArtifactTenantSwitch'}) - AllowAccessOverPrivateLinks = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowAccessOverPrivateLinks'}) - AllowCVAuthenticationTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowCVAuthenticationTenant'}) - AllowCVLocalStorageV2Tenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowCVLocalStorageV2Tenant'}) - AllowCVToExportDataToFileTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowCVToExportDataToFileTenant'}) - AllowEndorsementMasterDataSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowEndorsementMasterDataSwitch'}) - AllowExternalDataSharingReceiverSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowExternalDataSharingReceiverSwitch'}) - AllowExternalDataSharingSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowExternalDataSharingSwitch'}) - AllowFreeTrial = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowFreeTrial'}) - AllowGuestLookup = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowGuestLookup'}) - AllowGuestUserToAccessSharedContent = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowGuestUserToAccessSharedContent'}) - AllowPowerBIASDQOnTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowPowerBIASDQOnTenant'}) - AllowSendAOAIDataToOtherRegions = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowSendAOAIDataToOtherRegions'}) - AllowSendNLToDaxDataToOtherRegions = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowSendNLToDaxDataToOtherRegions'}) - AllowServicePrincipalsCreateAndUseProfiles = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowServicePrincipalsCreateAndUseProfiles'}) - AllowServicePrincipalsUseReadAdminAPIs = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AllowServicePrincipalsUseReadAdminAPIs'}) - AppPush = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AppPush'}) - ArtifactSearchTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ArtifactSearchTenant'}) - ASCollectQueryTextTelemetryTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ASCollectQueryTextTelemetryTenantSwitch'}) - ASShareableCloudConnectionBindingSecurityModeTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ASShareableCloudConnectionBindingSecurityModeTenant'}) - ASWritethruContinuousExportTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ASWritethruContinuousExportTenantSwitch'}) - ASWritethruTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ASWritethruTenantSwitch'}) - AutoInstallPowerBIAppInTeamsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AutoInstallPowerBIAppInTeamsTenant'}) - AutomatedInsightsEntryPoints = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AutomatedInsightsEntryPoints'}) - AutomatedInsightsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AutomatedInsightsTenant'}) - AzureMap = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'AzureMap'}) - BingMap = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'BingMap'}) - BlockAccessFromPublicNetworks = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'BlockAccessFromPublicNetworks'}) - BlockAutoDiscoverAndPackageRefresh = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'BlockAutoDiscoverAndPackageRefresh'}) - BlockProtectedLabelSharingToEntireOrg = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'BlockProtectedLabelSharingToEntireOrg'}) - BlockResourceKeyAuthentication = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'BlockResourceKeyAuthentication'}) - CDSAManagement = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'CDSAManagement'}) - CertifiedCustomVisualsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'CertifiedCustomVisualsTenant'}) - CertifyDatasets = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'CertifyDatasets'}) - ConfigureFolderRetentionPeriod = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ConfigureFolderRetentionPeriod'}) - CreateAppWorkspaces = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'CreateAppWorkspaces'}) - CustomVisualsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'CustomVisualsTenant'}) - DatamartTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'DatamartTenant'}) - DatasetExecuteQueries = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'DatasetExecuteQueries'}) - DevelopServiceApps = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'DevelopServiceApps'}) - DiscoverDatasetsConsumption = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'DiscoverDatasetsConsumption'}) - DiscoverDatasetsSettingsCertified = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'DiscoverDatasetsSettingsCertified'}) - DiscoverDatasetsSettingsPromoted = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'DiscoverDatasetsSettingsPromoted'}) - DremioSSO = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'DremioSSO'}) - EimInformationProtectionDataSourceInheritanceSetting = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EimInformationProtectionDataSourceInheritanceSetting'}) - EimInformationProtectionDownstreamInheritanceSetting = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EimInformationProtectionDownstreamInheritanceSetting'}) - EimInformationProtectionEdit = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EimInformationProtectionEdit'}) - EimInformationProtectionLessElevated = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EimInformationProtectionLessElevated'}) - EimInformationProtectionWorkspaceAdminsOverrideAutomaticLabelsSetting = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EimInformationProtectionWorkspaceAdminsOverrideAutomaticLabelsSetting'}) - ElevatedGuestsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ElevatedGuestsTenant'}) - EmailSecurityGroupsOnOutage = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EmailSecurityGroupsOnOutage'}) - EmailSubscriptionsToB2BUsers = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EmailSubscriptionsToB2BUsers'}) - EmailSubscriptionsToExternalUsers = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EmailSubscriptionsToExternalUsers'}) - EmailSubscriptionTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EmailSubscriptionTenant'}) - Embedding = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'Embedding'}) - EnableAOAI = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EnableAOAI'}) - EnableDatasetInPlaceSharing = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EnableDatasetInPlaceSharing'}) - EnableExcelYellowIntegration = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EnableExcelYellowIntegration'}) - EnableFabricAirflow = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EnableFabricAirflow'}) - EnableNLToDax = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EnableNLToDax'}) - EnableReassignDataDomainSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EnableReassignDataDomainSwitch'}) - EsriVisual = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'EsriVisual'}) - ExpFlightingTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExpFlightingTenant'}) - ExportReport = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExportReport'}) - ExportToCsv = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExportToCsv'}) - ExportToExcelSetting = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExportToExcelSetting'}) - ExportToImage = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExportToImage'}) - ExportToMHTML = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExportToMHTML'}) - ExportToPowerPoint = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExportToPowerPoint'}) - ExportToWord = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExportToWord'}) - ExportToXML = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExportToXML'}) - ExportVisualImageTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExportVisualImageTenant'}) - ExternalDatasetSharingTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExternalDatasetSharingTenant'}) - ExternalSharingV2 = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ExternalSharingV2'}) - FabricAddPartnerWorkload = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'FabricAddPartnerWorkload'}) - FabricFeedbackTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'FabricFeedbackTenantSwitch'}) - FabricGAWorkloads = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'FabricGAWorkloads'}) - FabricThirdPartyWorkloads = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'FabricThirdPartyWorkloads'}) - GitHubTenantSettings = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'GitHubTenantSettings'}) - GitIntegrationCrossGeoTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'GitIntegrationCrossGeoTenantSwitch'}) - GitIntegrationSensitivityLabelsTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'GitIntegrationSensitivityLabelsTenantSwitch'}) - GitIntegrationTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'GitIntegrationTenantSwitch'}) - GoogleBigQuerySSO = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'GoogleBigQuerySSO'}) - GraphQLTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'GraphQLTenant'}) - HealthcareSolutionsTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'HealthcareSolutionsTenantSwitch'}) - InstallNonvalidatedTemplateApps = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'InstallNonvalidatedTemplateApps'}) - InstallServiceApps = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'InstallServiceApps'}) - KustoDashboardTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'KustoDashboardTenantSwitch'}) - LiveConnection = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'LiveConnection'}) - LogAnalyticsAttachForWorkspaceAdmins = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'LogAnalyticsAttachForWorkspaceAdmins'}) - M365DataSharing = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'M365DataSharing'}) - Mirroring = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'Mirroring'}) - ODSPRefreshEnforcementTenantAllowAutomaticUpdate = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ODSPRefreshEnforcementTenantAllowAutomaticUpdate'}) - OneDriveSharePointAllowSharingTenantSetting = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'OneDriveSharePointAllowSharingTenantSetting'}) - OneDriveSharePointViewerIntegrationTenantSettingV2 = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'OneDriveSharePointViewerIntegrationTenantSettingV2'}) - OneLakeFileExplorer = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'OneLakeFileExplorer'}) - OneLakeForThirdParty = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'OneLakeForThirdParty'}) - OnPremAnalyzeInExcel = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'OnPremAnalyzeInExcel'}) - PowerBIGoalsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'PowerBIGoalsTenant'}) - PowerPlatformSolutionsIntegrationTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'PowerPlatformSolutionsIntegrationTenant'}) - Printing = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'Printing'}) - PromoteContent = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'PromoteContent'}) - PublishContentPack = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'PublishContentPack'}) - PublishToWeb = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'PublishToWeb'}) - QnaFeedbackLoop = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'QnaFeedbackLoop'}) - QnaLsdlSharing = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'QnaLsdlSharing'}) - QueryScaleOutTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'QueryScaleOutTenant'}) - RedshiftSSO = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'RedshiftSSO'}) - RestrictMyFolderCapacity = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'RestrictMyFolderCapacity'}) - RetailSolutionsTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'RetailSolutionsTenantSwitch'}) - RScriptVisual = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'RScriptVisual'}) - ServicePrincipalAccess = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ServicePrincipalAccess'}) - ShareLinkToEntireOrg = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ShareLinkToEntireOrg'}) - ShareToTeamsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'ShareToTeamsTenant'}) - SnowflakeSSO = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'SnowflakeSSO'}) - StorytellingTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'StorytellingTenant'}) - SustainabilitySolutionsTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'SustainabilitySolutionsTenantSwitch'}) - TemplatePublish = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'TemplatePublish'}) - TenantSettingPublishGetHelpInfo = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'TenantSettingPublishGetHelpInfo'}) - TridentPrivatePreview = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'TridentPrivatePreview'}) - UsageMetrics = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'UsageMetrics'}) - UsageMetricsTrackUserLevelInfo = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'UsageMetricsTrackUserLevelInfo'}) - UseDatasetsAcrossWorkspaces = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'UseDatasetsAcrossWorkspaces'}) - VisualizeListInPowerBI = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'VisualizeListInPowerBI'}) - WebContentTilesTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'WebContentTilesTenant'}) - WebModelingTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript {$_.settingName -eq 'WebModelingTenantSwitch'}) + AADSSOForGateway = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AADSSOForGateway' }) + AdminApisIncludeDetailedMetadata = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AdminApisIncludeDetailedMetadata' }) + AdminApisIncludeExpressions = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AdminApisIncludeExpressions' }) + AdminCustomDisclaimer = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AdminCustomDisclaimer' }) + AISkillArtifactTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AISkillArtifactTenantSwitch' }) + AllowAccessOverPrivateLinks = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AllowAccessOverPrivateLinks' }) + AllowCVAuthenticationTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AllowCVAuthenticationTenant' }) + AllowCVLocalStorageV2Tenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AllowCVLocalStorageV2Tenant' }) + AllowCVToExportDataToFileTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AllowCVToExportDataToFileTenant' }) + AllowEndorsementMasterDataSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AllowEndorsementMasterDataSwitch' }) + AllowExternalDataSharingReceiverSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AllowExternalDataSharingReceiverSwitch' }) + AllowExternalDataSharingSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AllowExternalDataSharingSwitch' }) + AllowFreeTrial = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AllowFreeTrial' }) + AllowGuestLookup = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AllowGuestLookup' }) + AllowGuestUserToAccessSharedContent = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AllowGuestUserToAccessSharedContent' }) + AllowPowerBIASDQOnTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AllowPowerBIASDQOnTenant' }) + AllowSendAOAIDataToOtherRegions = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AllowSendAOAIDataToOtherRegions' }) + AllowSendNLToDaxDataToOtherRegions = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AllowSendNLToDaxDataToOtherRegions' }) + AllowServicePrincipalsCreateAndUseProfiles = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AllowServicePrincipalsCreateAndUseProfiles' }) + AllowServicePrincipalsUseReadAdminAPIs = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AllowServicePrincipalsUseReadAdminAPIs' }) + AppPush = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AppPush' }) + ArtifactSearchTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ArtifactSearchTenant' }) + ASCollectQueryTextTelemetryTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ASCollectQueryTextTelemetryTenantSwitch' }) + ASShareableCloudConnectionBindingSecurityModeTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ASShareableCloudConnectionBindingSecurityModeTenant' }) + ASWritethruContinuousExportTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ASWritethruContinuousExportTenantSwitch' }) + ASWritethruTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ASWritethruTenantSwitch' }) + AutoInstallPowerBIAppInTeamsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AutoInstallPowerBIAppInTeamsTenant' }) + AutomatedInsightsEntryPoints = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AutomatedInsightsEntryPoints' }) + AutomatedInsightsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AutomatedInsightsTenant' }) + AzureMap = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'AzureMap' }) + BingMap = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'BingMap' }) + BlockAccessFromPublicNetworks = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'BlockAccessFromPublicNetworks' }) + BlockAutoDiscoverAndPackageRefresh = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'BlockAutoDiscoverAndPackageRefresh' }) + BlockProtectedLabelSharingToEntireOrg = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'BlockProtectedLabelSharingToEntireOrg' }) + BlockResourceKeyAuthentication = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'BlockResourceKeyAuthentication' }) + CDSAManagement = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'CDSAManagement' }) + CertifiedCustomVisualsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'CertifiedCustomVisualsTenant' }) + CertifyDatasets = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'CertifyDatasets' }) + ConfigureFolderRetentionPeriod = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ConfigureFolderRetentionPeriod' }) + CreateAppWorkspaces = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'CreateAppWorkspaces' }) + CustomVisualsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'CustomVisualsTenant' }) + DatamartTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'DatamartTenant' }) + DatasetExecuteQueries = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'DatasetExecuteQueries' }) + DevelopServiceApps = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'DevelopServiceApps' }) + DiscoverDatasetsConsumption = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'DiscoverDatasetsConsumption' }) + DiscoverDatasetsSettingsCertified = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'DiscoverDatasetsSettingsCertified' }) + DiscoverDatasetsSettingsPromoted = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'DiscoverDatasetsSettingsPromoted' }) + DremioSSO = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'DremioSSO' }) + EimInformationProtectionDataSourceInheritanceSetting = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'EimInformationProtectionDataSourceInheritanceSetting' }) + EimInformationProtectionDownstreamInheritanceSetting = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'EimInformationProtectionDownstreamInheritanceSetting' }) + EimInformationProtectionEdit = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'EimInformationProtectionEdit' }) + EimInformationProtectionLessElevated = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'EimInformationProtectionLessElevated' }) + EimInformationProtectionWorkspaceAdminsOverrideAutomaticLabelsSetting = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'EimInformationProtectionWorkspaceAdminsOverrideAutomaticLabelsSetting' }) + ElevatedGuestsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ElevatedGuestsTenant' }) + EmailSecurityGroupsOnOutage = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'EmailSecurityGroupsOnOutage' }) + EmailSubscriptionsToB2BUsers = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'EmailSubscriptionsToB2BUsers' }) + EmailSubscriptionsToExternalUsers = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'EmailSubscriptionsToExternalUsers' }) + EmailSubscriptionTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'EmailSubscriptionTenant' }) + Embedding = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'Embedding' }) + EnableAOAI = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'EnableAOAI' }) + EnableDatasetInPlaceSharing = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'EnableDatasetInPlaceSharing' }) + EnableExcelYellowIntegration = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'EnableExcelYellowIntegration' }) + EnableFabricAirflow = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'EnableFabricAirflow' }) + EnableNLToDax = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'EnableNLToDax' }) + EnableReassignDataDomainSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'EnableReassignDataDomainSwitch' }) + EsriVisual = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'EsriVisual' }) + ExpFlightingTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ExpFlightingTenant' }) + ExportReport = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ExportReport' }) + ExportToCsv = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ExportToCsv' }) + ExportToExcelSetting = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ExportToExcelSetting' }) + ExportToImage = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ExportToImage' }) + ExportToMHTML = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ExportToMHTML' }) + ExportToPowerPoint = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ExportToPowerPoint' }) + ExportToWord = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ExportToWord' }) + ExportToXML = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ExportToXML' }) + ExportVisualImageTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ExportVisualImageTenant' }) + ExternalDatasetSharingTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ExternalDatasetSharingTenant' }) + ExternalSharingV2 = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ExternalSharingV2' }) + FabricAddPartnerWorkload = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'FabricAddPartnerWorkload' }) + FabricFeedbackTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'FabricFeedbackTenantSwitch' }) + FabricGAWorkloads = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'FabricGAWorkloads' }) + FabricThirdPartyWorkloads = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'FabricThirdPartyWorkloads' }) + GitHubTenantSettings = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'GitHubTenantSettings' }) + GitIntegrationCrossGeoTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'GitIntegrationCrossGeoTenantSwitch' }) + GitIntegrationSensitivityLabelsTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'GitIntegrationSensitivityLabelsTenantSwitch' }) + GitIntegrationTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'GitIntegrationTenantSwitch' }) + GoogleBigQuerySSO = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'GoogleBigQuerySSO' }) + GraphQLTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'GraphQLTenant' }) + HealthcareSolutionsTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'HealthcareSolutionsTenantSwitch' }) + InstallNonvalidatedTemplateApps = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'InstallNonvalidatedTemplateApps' }) + InstallServiceApps = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'InstallServiceApps' }) + KustoDashboardTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'KustoDashboardTenantSwitch' }) + LiveConnection = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'LiveConnection' }) + LogAnalyticsAttachForWorkspaceAdmins = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'LogAnalyticsAttachForWorkspaceAdmins' }) + M365DataSharing = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'M365DataSharing' }) + Mirroring = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'Mirroring' }) + ODSPRefreshEnforcementTenantAllowAutomaticUpdate = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ODSPRefreshEnforcementTenantAllowAutomaticUpdate' }) + OneDriveSharePointAllowSharingTenantSetting = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'OneDriveSharePointAllowSharingTenantSetting' }) + OneDriveSharePointViewerIntegrationTenantSettingV2 = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'OneDriveSharePointViewerIntegrationTenantSettingV2' }) + OneLakeFileExplorer = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'OneLakeFileExplorer' }) + OneLakeForThirdParty = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'OneLakeForThirdParty' }) + OnPremAnalyzeInExcel = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'OnPremAnalyzeInExcel' }) + PowerBIGoalsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'PowerBIGoalsTenant' }) + PowerPlatformSolutionsIntegrationTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'PowerPlatformSolutionsIntegrationTenant' }) + Printing = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'Printing' }) + PromoteContent = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'PromoteContent' }) + PublishContentPack = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'PublishContentPack' }) + PublishToWeb = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'PublishToWeb' }) + QnaFeedbackLoop = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'QnaFeedbackLoop' }) + QnaLsdlSharing = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'QnaLsdlSharing' }) + QueryScaleOutTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'QueryScaleOutTenant' }) + RedshiftSSO = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'RedshiftSSO' }) + RestrictMyFolderCapacity = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'RestrictMyFolderCapacity' }) + RetailSolutionsTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'RetailSolutionsTenantSwitch' }) + RScriptVisual = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'RScriptVisual' }) + ServicePrincipalAccess = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ServicePrincipalAccess' }) + ShareLinkToEntireOrg = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ShareLinkToEntireOrg' }) + ShareToTeamsTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'ShareToTeamsTenant' }) + SnowflakeSSO = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'SnowflakeSSO' }) + StorytellingTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'StorytellingTenant' }) + SustainabilitySolutionsTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'SustainabilitySolutionsTenantSwitch' }) + TemplatePublish = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'TemplatePublish' }) + TenantSettingPublishGetHelpInfo = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'TenantSettingPublishGetHelpInfo' }) + TridentPrivatePreview = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'TridentPrivatePreview' }) + UsageMetrics = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'UsageMetrics' }) + UsageMetricsTrackUserLevelInfo = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'UsageMetricsTrackUserLevelInfo' }) + UseDatasetsAcrossWorkspaces = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'UseDatasetsAcrossWorkspaces' }) + VisualizeListInPowerBI = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'VisualizeListInPowerBI' }) + WebContentTilesTenant = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'WebContentTilesTenant' }) + WebModelingTenantSwitch = Get-M365DSCFabricTenantSettingObject -Setting ($instance.tenantSettings | Where-Object -FilterScript { $_.settingName -eq 'WebModelingTenantSwitch' }) ApplicationId = $ApplicationId TenantId = $TenantId CertificateThumbprint = $CertificateThumbprint @@ -1285,7 +1285,7 @@ function Set-TargetResource $AccessTokens ) - Write-Warning -Message "This resource is read-only and does not support changing the settings. It is used for monitoring purposes only." + Write-Warning -Message 'This resource is read-only and does not support changing the settings. It is used for monitoring purposes only.' } function Test-TargetResource @@ -1941,7 +1941,7 @@ function Export-TargetResource try { $Script:ExportMode = $true - $uri = $global:MsCloudLoginConnectionProfile.Fabric.HostUrl + "/v1/admin/tenantsettings" + $uri = $global:MsCloudLoginConnectionProfile.Fabric.HostUrl + '/v1/admin/tenantsettings' [array] $Script:exportedInstances = Invoke-M365DSCFabricWebRequest -Uri $uri -Method 'GET' if ($null -ne $Global:M365DSCExportResourceInstancesCount) @@ -1985,7 +1985,7 @@ function Export-TargetResource $fixQuotes = $true } $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName $key + -ParameterName $key } } if ($fixQuotes) @@ -1995,7 +1995,7 @@ function Export-TargetResource $dscContent += $currentDSCBlock Save-M365DSCPartialExport -Content $currentDSCBlock ` -FileName $Global:PartialExportFileName - Write-Host $Global:M365DSCEmojiGreenCheckMark + Write-Host $Global:M365DSCEmojiGreenCheckMark return $dscContent } catch @@ -2044,7 +2044,7 @@ function Get-M365DSCFabricTenantSettingAsString $StringContent += " title = '" + $setting.title.Replace("'", "''") + "'`r`n" if (-not [System.String]::IsNullOrEmpty($setting.properties)) { - $StringContent += " properties = @(" + $StringContent += ' properties = @(' foreach ($property in $setting.properties) { $StringContent += " MSFT_FabricTenantSettingProperty{`r`n" @@ -2053,7 +2053,7 @@ function Get-M365DSCFabricTenantSettingAsString $StringContent += " type = '$($property.type)'`r`n" $StringContent += " }`r`n" } - $StringContent += ")" + $StringContent += ')' } if (-not [System.String]::IsNullOrEmpty($setting.excludedSecurityGroups)) { @@ -2086,9 +2086,9 @@ function Get-M365DSCFabricTenantSettingObject Write-Verbose -Message "Retrieving values for setting {$($Setting.settingName)}" $values = @{ - settingName = $Setting.settingName - enabled = [Boolean]$Setting.enabled - title = $Setting.title + settingName = $Setting.settingName + enabled = [Boolean]$Setting.enabled + title = $Setting.title } if (-not [System.String]::IsNullOrEmpty($Setting.canSpecifySecurityGroups)) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneASRRulesPolicyWindows10/MSFT_IntuneASRRulesPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneASRRulesPolicyWindows10/MSFT_IntuneASRRulesPolicyWindows10.psm1 index 631222ea79..7c11b42a97 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneASRRulesPolicyWindows10/MSFT_IntuneASRRulesPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneASRRulesPolicyWindows10/MSFT_IntuneASRRulesPolicyWindows10.psm1 @@ -196,7 +196,7 @@ function Get-TargetResource $policy = Get-MgBetaDeviceManagementIntent -All -Filter "DisplayName eq '$DisplayName'" -ErrorAction SilentlyContinue } - if(([array]$policy).count -gt 1) + if (([array]$policy).count -gt 1) { throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" } @@ -249,7 +249,7 @@ function Get-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Unable to perform redirect as Location Header is not set in response*") + $_.Exception -like '*Unable to perform redirect as Location Header is not set in response*') { if (Assert-M365DSCIsNonInteractiveShell) { @@ -456,19 +456,19 @@ function Set-TargetResource $PSBoundParameters.Remove('AccessTokens') | Out-Null $IncorrectParameters = @{ - BlockPersistenceThroughWmiType = @("userDefined", "warn") - OfficeAppsOtherProcessInjectionType = "userDefined" - OfficeAppsLaunchChildProcessType = "userDefined" - OfficeAppsExecutableContentCreationOrLaunchType = "userDefined" - OfficeMacroCodeAllowWin32ImportsType = "userDefined" - OfficeCommunicationAppsLaunchChildProcess = "disable" - ScriptObfuscatedMacroCodeType = "userDefined" - ScriptDownloadedPayloadExecutionType = @("userDefined", "warn") - ProcessCreationType = "userDefined" - UntrustedUSBProcessType = "userDefined" - UntrustedExecutableType = "userDefined" - EmailContentExecutionType = "userDefined" - GuardMyFoldersType = "userDefined" + BlockPersistenceThroughWmiType = @('userDefined', 'warn') + OfficeAppsOtherProcessInjectionType = 'userDefined' + OfficeAppsLaunchChildProcessType = 'userDefined' + OfficeAppsExecutableContentCreationOrLaunchType = 'userDefined' + OfficeMacroCodeAllowWin32ImportsType = 'userDefined' + OfficeCommunicationAppsLaunchChildProcess = 'disable' + ScriptObfuscatedMacroCodeType = 'userDefined' + ScriptDownloadedPayloadExecutionType = @('userDefined', 'warn') + ProcessCreationType = 'userDefined' + UntrustedUSBProcessType = 'userDefined' + UntrustedExecutableType = 'userDefined' + EmailContentExecutionType = 'userDefined' + GuardMyFoldersType = 'userDefined' } $ExceptionMessage = $null @@ -487,7 +487,7 @@ function Set-TargetResource if (![string]::IsNullOrEmpty($ExceptionMessage)) { - $ExceptionMessage += "Please update your configuration." + $ExceptionMessage += 'Please update your configuration.' Write-Verbose -Message $ExceptionMessage New-M365DSCLogEntry -Message $ExceptionMessage ` @@ -523,7 +523,7 @@ function Set-TargetResource $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/intents' } @@ -557,7 +557,7 @@ function Set-TargetResource #region Assignments $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $currentPolicy.Identity ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $currentPolicy.Identity ` -Targets $assignmentsHash ` -Repository 'deviceManagement/intents' #endregion @@ -773,7 +773,7 @@ function Test-TargetResource if ($testResult) { $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` + -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` -ValuesToCheck $ValuesToCheck.Keys } @@ -929,8 +929,8 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Unable to perform redirect as Location Header is not set in response*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Unable to perform redirect as Location Header is not set in response*' -or ` + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy.psm1 index b9fc29e2af..096e29a19d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy.psm1 @@ -564,7 +564,7 @@ function Test-TargetResource { $source = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - if ($key -eq "Assignments") + if ($key -eq 'Assignments') { $testResult = Compare-M365DSCIntunePolicyAssignment ` -Source $source ` @@ -740,8 +740,8 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Unable to perform redirect as Location Header is not set in response*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Unable to perform redirect as Location Header is not set in response*' -or ` + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy.psm1 index 5ea0434c2c..4e3faa7acd 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy.psm1 @@ -92,7 +92,7 @@ function Get-TargetResource { $policy = Get-MgBetaDeviceManagementConfigurationPolicy -All -Filter "Name eq '$DisplayName'" -ErrorAction SilentlyContinue - if(([array]$devicePolicy).Count -gt 1) + if (([array]$devicePolicy).Count -gt 1) { throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" } @@ -165,8 +165,8 @@ function Get-TargetResource if ($graphAssignments.count -gt 0) { $returnAssignments += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($graphAssignments) + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } $returnHashtable.Add('Assignments', $returnAssignments) @@ -175,7 +175,7 @@ function Get-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Unable to perform redirect as Location Header is not set in response*") + $_.Exception -like '*Unable to perform redirect as Location Header is not set in response*') { if (Assert-M365DSCIsNonInteractiveShell) { @@ -301,8 +301,8 @@ function Set-TargetResource $createParameters.Add('platforms', $platforms) $createParameters.Add('technologies', $technologies) $createParameters.Add('templateReference', @{ - templateId = $templateReferenceId - }) + templateId = $templateReferenceId + }) $policy = New-MgBetaDeviceManagementConfigurationPolicy -BodyParameter $createParameters #region Assignments @@ -645,8 +645,8 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Unable to perform redirect as Location Header is not set in response*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Unable to perform redirect as Location Header is not set in response*' -or ` + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } @@ -678,14 +678,14 @@ function Get-M365DSCIntuneDeviceConfigurationSettings $settingDefinition = 'device_vendor_msft_policy_config_localusersandgroups_configure' $defaultValue = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' 'settingInstance' = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' - 'settingDefinitionId' = $settingDefinition - 'groupSettingCollectionValue' = @() + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' + 'settingDefinitionId' = $settingDefinition + 'groupSettingCollectionValue' = @() 'settingInstanceTemplateReference' = @{ 'settingInstanceTemplateId' = 'de06bec1-4852-48a0-9799-cf7b85992d45' - } + } } } foreach ($groupConfiguration in $Properties.LocalUserGroupCollection) @@ -698,38 +698,38 @@ function Get-M365DSCIntuneDeviceConfigurationSettings $groupDefaultValue = @{ children = @( @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' - 'settingDefinitionId' = $settingDefinition + '_groupconfiguration_accessgroup' - 'groupSettingCollectionValue' = @( + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' + 'settingDefinitionId' = $settingDefinition + '_groupconfiguration_accessgroup' + 'groupSettingCollectionValue' = @( @{ 'children' = @( @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' 'settingDefinitionId' = $settingDefinition + '_groupconfiguration_accessgroup_userselectiontype' - 'choiceSettingValue' = @{ + 'choiceSettingValue' = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' - 'value' = $settingDefinition + '_groupconfiguration_accessgroup_userselectiontype_' + $groupConfiguration.UserSelectionType - 'children' = @( + 'value' = $settingDefinition + '_groupconfiguration_accessgroup_userselectiontype_' + $groupConfiguration.UserSelectionType + 'children' = @( @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSimpleSettingCollectionInstance' - 'settingDefinitionId' = $settingDefinition + '_groupconfiguration_accessgroup_users' + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSimpleSettingCollectionInstance' + 'settingDefinitionId' = $settingDefinition + '_groupconfiguration_accessgroup_users' 'simpleSettingCollectionValue' = @() } ) } }, @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' 'settingDefinitionId' = $settingDefinition + '_groupconfiguration_accessgroup_action' - 'choiceSettingValue' = @{ + 'choiceSettingValue' = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' - 'value' = $settingDefinition + '_groupconfiguration_accessgroup_action_' + $groupConfiguration.Action - 'children' = @() + 'value' = $settingDefinition + '_groupconfiguration_accessgroup_action_' + $groupConfiguration.Action + 'children' = @() } }, @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingCollectionInstance' - 'settingDefinitionId' = $settingDefinition + '_groupconfiguration_accessgroup_desc' + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingCollectionInstance' + 'settingDefinitionId' = $settingDefinition + '_groupconfiguration_accessgroup_desc' 'choiceSettingCollectionValue' = @() } ) @@ -746,7 +746,7 @@ function Get-M365DSCIntuneDeviceConfigurationSettings { $groupDefaultValue.children[0].groupSettingCollectionValue[0].children[0].choiceSettingValue.children[0].simpleSettingCollectionValue += @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationStringSettingValue' - 'value' = $member + 'value' = $member } } @@ -754,8 +754,8 @@ function Get-M365DSCIntuneDeviceConfigurationSettings { $groupDefaultValue.children[0].groupSettingCollectionValue[0].children[2].choiceSettingCollectionValue += @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' - 'value' = $settingDefinition + '_groupconfiguration_accessgroup_desc_' + $localGroup - 'children' = @() + 'value' = $settingDefinition + '_groupconfiguration_accessgroup_desc_' + $localGroup + 'children' = @() } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicy/MSFT_IntuneAccountProtectionPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicy/MSFT_IntuneAccountProtectionPolicy.psm1 index a7d21f2100..c6bb81224f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicy/MSFT_IntuneAccountProtectionPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicy/MSFT_IntuneAccountProtectionPolicy.psm1 @@ -148,7 +148,7 @@ function Get-TargetResource { #Retrieve policy general settings - $policy = Get-MgBetaDeviceManagementIntent -DeviceManagementIntentId $Identity -ExpandProperty settings,assignments -ErrorAction SilentlyContinue + $policy = Get-MgBetaDeviceManagementIntent -DeviceManagementIntentId $Identity -ExpandProperty settings, assignments -ErrorAction SilentlyContinue if ($null -eq $policy) { @@ -164,12 +164,12 @@ function Get-TargetResource return $nullResult } - if(([array]$policy).count -gt 1) + if (([array]$policy).count -gt 1) { throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" } - $policy = Get-MgBetaDeviceManagementIntent -DeviceManagementIntentId $policy.id -ExpandProperty settings,assignments -ErrorAction SilentlyContinue + $policy = Get-MgBetaDeviceManagementIntent -DeviceManagementIntentId $policy.id -ExpandProperty settings, assignments -ErrorAction SilentlyContinue } @@ -184,7 +184,7 @@ function Get-TargetResource foreach ($setting in $settings) { - $settingName = $setting.definitionId.Split("_")[1] + $settingName = $setting.definitionId.Split('_')[1] $settingValue = $setting.ValueJson | ConvertFrom-Json if ($settingName -eq 'WindowsHelloForBusinessBlocked') @@ -226,7 +226,7 @@ function Get-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Unable to perform redirect as Location Header is not set in response*") + $_.Exception -like '*Unable to perform redirect as Location Header is not set in response*') { if (Assert-M365DSCIsNonInteractiveShell) { @@ -372,7 +372,7 @@ function Set-TargetResource ) Write-Warning -Message "The resource 'IntuneAccountProtectionPolicy' is deprecated. It will be removed in a future release. Please use 'IntuneAccountProtectionPolicyWindows10' instead." - Write-Warning -Message "For more information, please visit https://learn.microsoft.com/en-us/mem/intune/fundamentals/whats-new#consolidation-of-intune-profiles-for-identity-protection-and-account-protection-" + Write-Warning -Message 'For more information, please visit https://learn.microsoft.com/en-us/mem/intune/fundamentals/whats-new#consolidation-of-intune-profiles-for-identity-protection-and-account-protection-' $ConnectionMode = New-M365DSCConnection -Workload 'MicrosoftGraph' ` -InboundParameters $PSBoundParameters @@ -424,7 +424,7 @@ function Set-TargetResource $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/intents' } @@ -451,7 +451,7 @@ function Set-TargetResource #Update-MgBetaDeviceManagementIntent does not support updating the property settings #Update-MgBetaDeviceManagementIntentSetting only support updating a single setting at a time #Using Rest to reduce the number of calls - + $Uri = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/intents/$($currentPolicy.Identity)/updateSettings" $body = @{'settings' = $settings } Invoke-MgGraphRequest -Method POST -Uri $Uri -Body ($body | ConvertTo-Json -Depth 20) -ContentType 'application/json' 4> $null @@ -459,7 +459,7 @@ function Set-TargetResource #region Assignments $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $currentPolicy.Identity ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $currentPolicy.Identity ` -Targets $assignmentsHash ` -Repository 'deviceManagement/intents' #endregion @@ -797,8 +797,8 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Unable to perform redirect as Location Header is not set in response*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Unable to perform redirect as Location Header is not set in response*' -or ` + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } @@ -843,7 +843,7 @@ function Get-M365DSCIntuneDeviceConfigurationSettings $result = @{} $settingType = $setting.AdditionalProperties.'@odata.type' $settingValue = $null - $currentValueKey = $Properties.keys | Where-Object -FilterScript { $_ -eq $setting.DefinitionId.Split("_")[1] } + $currentValueKey = $Properties.keys | Where-Object -FilterScript { $_ -eq $setting.DefinitionId.Split('_')[1] } if ($null -ne $currentValueKey) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicyWindows10/MSFT_IntuneAccountProtectionPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicyWindows10/MSFT_IntuneAccountProtectionPolicyWindows10.psm1 index dce9a3ba73..dbf21af696 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicyWindows10/MSFT_IntuneAccountProtectionPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicyWindows10/MSFT_IntuneAccountProtectionPolicyWindows10.psm1 @@ -90,7 +90,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -363,7 +363,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Account Protection Policy for Windows10 with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -395,7 +395,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Account Protection Policy for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -631,14 +631,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "fcef01f2-439d-4c3f-9184-823fd6e97646_1" + $policyTemplateID = 'fcef01f2-439d-4c3f-9184-823fd6e97646_1' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -664,16 +664,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.Name - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.Name + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -728,16 +728,16 @@ function Export-TargetResource -Credential $Credential if ($Results.DeviceSettings) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "DeviceSettings" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'DeviceSettings' -IsCIMArray:$True } if ($Results.UserSettings) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "UserSettings" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'UserSettings' -IsCIMArray:$True } if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicyWindows10/settings.json index 7e45256fd1..2215c48275 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicyWindows10/settings.json @@ -1,41 +1,41 @@ { - "resourceName":"IntuneAccountProtectionPolicyWindows10", - "description":"This resource configures an Intune Account Protection Policy for Windows10.", - "permissions":{ - "graph":{ - "delegated":{ - "read":[ + "resourceName": "IntuneAccountProtectionPolicyWindows10", + "description": "This resource configures an Intune Account Protection Policy for Windows10.", + "permissions": { + "graph": { + "delegated": { + "read": [ { "name": "Group.Read.All" }, { - "name":"DeviceManagementConfiguration.Read.All" + "name": "DeviceManagementConfiguration.Read.All" } ], - "update":[ + "update": [ { "name": "Group.Read.All" }, { - "name":"DeviceManagementConfiguration.ReadWrite.All" + "name": "DeviceManagementConfiguration.ReadWrite.All" } ] }, - "application":{ - "read":[ + "application": { + "read": [ { "name": "Group.Read.All" }, { - "name":"DeviceManagementConfiguration.Read.All" + "name": "DeviceManagementConfiguration.Read.All" } ], - "update":[ + "update": [ { "name": "Group.Read.All" }, { - "name":"DeviceManagementConfiguration.ReadWrite.All" + "name": "DeviceManagementConfiguration.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAndroidManagedStoreAppConfiguration/MSFT_IntuneAndroidManagedStoreAppConfiguration.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAndroidManagedStoreAppConfiguration/MSFT_IntuneAndroidManagedStoreAppConfiguration.psm1 index 3916bbb6ef..12c7118142 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAndroidManagedStoreAppConfiguration/MSFT_IntuneAndroidManagedStoreAppConfiguration.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAndroidManagedStoreAppConfiguration/MSFT_IntuneAndroidManagedStoreAppConfiguration.psm1 @@ -105,20 +105,23 @@ -CommandName $CommandName ` -Parameters $PSBoundParameters Add-M365DSCTelemetryEvent -Data $data - #endregion + #endregion $nullResult = $PSBoundParameters $nullResult.Ensure = 'Absent' try { - if (-not [string]::IsNullOrWhiteSpace($id)){ $getValue = Get-MgBetaDeviceAppManagementMobileAppConfiguration -ManagedDeviceMobileAppConfigurationId $id -ErrorAction SilentlyContinue } - + if (-not [string]::IsNullOrWhiteSpace($id)) + { + $getValue = Get-MgBetaDeviceAppManagementMobileAppConfiguration -ManagedDeviceMobileAppConfigurationId $id -ErrorAction SilentlyContinue + } + #region resource generator code if ($null -eq $getValue) { $getValue = Get-MgBetaDeviceAppManagementMobileAppConfiguration -Filter "DisplayName eq '$Displayname'" -ErrorAction SilentlyContinue | Where-Object ` - -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidManagedStoreAppConfiguration' ` + -FilterScript { ` + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidManagedStoreAppConfiguration' ` } } #endregion @@ -138,8 +141,8 @@ $mySettings = @{} $mySettings.Add('permission', $setting['permission']) $mySettings.Add('action', $setting['action']) - - if ($mySettings.values.Where({$null -ne $_}).count -gt 0) + + if ($mySettings.values.Where({ $null -ne $_ }).count -gt 0) { $complexPermissionActions += $mySettings } @@ -147,34 +150,34 @@ $results = @{ #region resource generator code - Id = $getValue.Id - Description = $getValue.Description - DisplayName = $getValue.DisplayName - targetedMobileApps = $getValue.TargetedMobileApps - packageId = $getValue.AdditionalProperties.packageId - payloadJson = $getValue.AdditionalProperties.payloadJson - appSupportsOemConfig = $getValue.AdditionalProperties.appSupportsOemConfig - profileApplicability = $getValue.AdditionalProperties.profileApplicability - connectedAppsEnabled = $getValue.AdditionalProperties.connectedAppsEnabled - permissionActions = $complexPermissionActions - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret - CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens - version = $getValue.AdditionalProperties.version + Id = $getValue.Id + Description = $getValue.Description + DisplayName = $getValue.DisplayName + targetedMobileApps = $getValue.TargetedMobileApps + packageId = $getValue.AdditionalProperties.packageId + payloadJson = $getValue.AdditionalProperties.payloadJson + appSupportsOemConfig = $getValue.AdditionalProperties.appSupportsOemConfig + profileApplicability = $getValue.AdditionalProperties.profileApplicability + connectedAppsEnabled = $getValue.AdditionalProperties.connectedAppsEnabled + permissionActions = $complexPermissionActions + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret + CertificateThumbprint = $CertificateThumbprint + Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens + version = $getValue.AdditionalProperties.version } - + $assignmentsValues = Get-MgBetaDeviceAppManagementMobileAppConfigurationAssignment -ManagedDeviceMobileAppConfigurationId $Results.Id $assignmentResult = @() if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -196,7 +199,7 @@ function Set-TargetResource { [CmdletBinding()] param - ( + ( #region resource generator code [Parameter()] [System.String] @@ -340,7 +343,7 @@ function Set-TargetResource } $CreateParameters.add('AdditionalProperties', $AdditionalProperties) - + #region resource generator code $policy = New-MgBetaDeviceAppManagementMobileAppConfiguration @CreateParameters $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments @@ -736,13 +739,13 @@ function Export-TargetResource $i++ Write-Host $Global:M365DSCEmojiGreenCheckMark } - + return $dscContent } catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAndroidManagedStoreAppConfiguration/MSFT_IntuneAndroidManagedStoreAppConfiguration.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAndroidManagedStoreAppConfiguration/MSFT_IntuneAndroidManagedStoreAppConfiguration.schema.mof index 55f79afabc..0d19b585e9 100644 Binary files a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAndroidManagedStoreAppConfiguration/MSFT_IntuneAndroidManagedStoreAppConfiguration.schema.mof and b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAndroidManagedStoreAppConfiguration/MSFT_IntuneAndroidManagedStoreAppConfiguration.schema.mof differ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusExclusionsPolicyLinux/MSFT_IntuneAntivirusExclusionsPolicyLinux.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusExclusionsPolicyLinux/MSFT_IntuneAntivirusExclusionsPolicyLinux.psm1 index 37acc5dd48..39eb059aab 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusExclusionsPolicyLinux/MSFT_IntuneAntivirusExclusionsPolicyLinux.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusExclusionsPolicyLinux/MSFT_IntuneAntivirusExclusionsPolicyLinux.psm1 @@ -86,7 +86,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -144,7 +144,7 @@ function Get-TargetResource { $myExclusions.Add('Exclusions_item_isDirectory', $currentExclusions.exclusions_item_isDirectory) } - if ($myExclusions.values.Where({$null -ne $_}).Count -gt 0) + if ($myExclusions.values.Where({ $null -ne $_ }).Count -gt 0) { $complexExclusions += $myExclusions } @@ -279,7 +279,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Antivirus Exclusions Policy Linux with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -310,7 +310,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Antivirus Exclusions Policy Linux with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -541,14 +541,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "8a17a1e5-3df4-4e07-9d20-3878267a79b8_1" + $policyTemplateID = '8a17a1e5-3df4-4e07-9d20-3878267a79b8_1' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -574,16 +574,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.Name - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.Name + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -624,12 +624,12 @@ function Export-TargetResource -Credential $Credential if ($Results.Exclusions) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Exclusions" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Exclusions' -IsCIMArray:$True } if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusExclusionsPolicyLinux/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusExclusionsPolicyLinux/settings.json index c1652d31e4..e87220b54e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusExclusionsPolicyLinux/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusExclusionsPolicyLinux/settings.json @@ -1,39 +1,38 @@ { - "resourceName": "IntuneAntivirusExclusionsPolicyLinux", - "description": "This resource configures an Intune Antivirus Exclusions Policy Linux.", - "permissions": { - "graph": { - "application": { - "update": [ - { - "name": "Group.Read.All" - } - ], - "read": [ - { - "name": "DeviceManagementConfiguration.Read.All" - }, - { - "name": "Group.Read.All" - } - ] - }, - "delegated": { - "update": [ - { - "name": "Group.Read.All" - } - ], - "read": [ - { - "name": "DeviceManagementConfiguration.Read.All" - }, - { - "name": "Group.Read.All" - } - ] + "resourceName": "IntuneAntivirusExclusionsPolicyLinux", + "description": "This resource configures an Intune Antivirus Exclusions Policy Linux.", + "permissions": { + "graph": { + "application": { + "update": [ + { + "name": "Group.Read.All" + } + ], + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "Group.Read.All" + } + ] + }, + "delegated": { + "update": [ + { + "name": "Group.Read.All" + } + ], + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "Group.Read.All" + } + ] + } } } } - -} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusExclusionsPolicyMacOS/MSFT_IntuneAntivirusExclusionsPolicyMacOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusExclusionsPolicyMacOS/MSFT_IntuneAntivirusExclusionsPolicyMacOS.psm1 index 8875f95e1d..531bbab484 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusExclusionsPolicyMacOS/MSFT_IntuneAntivirusExclusionsPolicyMacOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusExclusionsPolicyMacOS/MSFT_IntuneAntivirusExclusionsPolicyMacOS.psm1 @@ -86,7 +86,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -144,7 +144,7 @@ function Get-TargetResource { $myExclusions.Add('Exclusions_item_path', $currentExclusions.exclusions_item_path) } - if ($myExclusions.values.Where({$null -ne $_}).Count -gt 0) + if ($myExclusions.values.Where({ $null -ne $_ }).Count -gt 0) { $complexExclusions += $myExclusions } @@ -279,7 +279,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Antivirus Exclusions Policy for macOS with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -310,7 +310,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Antivirus Exclusions Policy for macOS with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -541,14 +541,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "43397174-2244-4006-b5ad-421b369e90d4_1" + $policyTemplateID = '43397174-2244-4006-b5ad-421b369e90d4_1' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -574,16 +574,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.Name - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.Name + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -624,12 +624,12 @@ function Export-TargetResource -Credential $Credential if ($Results.Exclusions) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Exclusions" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Exclusions' -IsCIMArray:$True } if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusExclusionsPolicyMacOS/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusExclusionsPolicyMacOS/settings.json index d32d971b67..5757d94eef 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusExclusionsPolicyMacOS/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusExclusionsPolicyMacOS/settings.json @@ -1,45 +1,44 @@ { - "resourceName": "IntuneAntivirusExclusionsPolicyMacOS", - "description": "This resource configures an Intune Antivirus Exclusions Policy for macOS.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "DeviceManagementConfiguration.Read.All" - }, - { - "name": "Group.Read.All" - } - ], - "update": [ - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - }, - { - "name": "Group.Read.All" - } - ] - }, - "application": { - "read": [ - { - "name": "DeviceManagementConfiguration.Read.All" - }, - { - "name": "Group.Read.All" - } - ], - "update": [ - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - }, - { - "name": "Group.Read.All" - } - ] + "resourceName": "IntuneAntivirusExclusionsPolicyMacOS", + "description": "This resource configures an Intune Antivirus Exclusions Policy for macOS.", + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "Group.Read.All" + } + ], + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + }, + { + "name": "Group.Read.All" + } + ] + }, + "application": { + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "Group.Read.All" + } + ], + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + }, + { + "name": "Group.Read.All" + } + ] + } } } } - -} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyLinux/MSFT_IntuneAntivirusPolicyLinux.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyLinux/MSFT_IntuneAntivirusPolicyLinux.psm1 index 172c6bede7..cc250b27ab 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyLinux/MSFT_IntuneAntivirusPolicyLinux.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyLinux/MSFT_IntuneAntivirusPolicyLinux.psm1 @@ -197,7 +197,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -261,7 +261,7 @@ function Get-TargetResource { $myExclusions.Add('Exclusions_item_isDirectory', $currentExclusions.exclusions_item_isDirectory) } - if ($myExclusions.values.Where({$null -ne $_}).Count -gt 0) + if ($myExclusions.values.Where({ $null -ne $_ }).Count -gt 0) { $complexExclusions += $myExclusions } @@ -280,7 +280,7 @@ function Get-TargetResource { $myThreatTypeSettings.Add('ThreatTypeSettings_item_value', $currentThreatTypeSettings.threatTypeSettings_item_value) } - if ($myThreatTypeSettings.values.Where({$null -ne $_}).Count -gt 0) + if ($myThreatTypeSettings.values.Where({ $null -ne $_ }).Count -gt 0) { $complexThreatTypeSettings += $myThreatTypeSettings } @@ -528,7 +528,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Antivirus Policy for Linux with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -559,7 +559,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Antivirus Policy for Linux with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -901,14 +901,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "4cfd164c-5e8a-4ea9-b15d-9aa71e4ffff4_1" + $policyTemplateID = '4cfd164c-5e8a-4ea9-b15d-9aa71e4ffff4_1' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -934,16 +934,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.Name - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.Name + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -998,16 +998,16 @@ function Export-TargetResource -Credential $Credential if ($Results.exclusions) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "exclusions" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'exclusions' -IsCIMArray:$True } if ($Results.threatTypeSettings) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "threatTypeSettings" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'threatTypeSettings' -IsCIMArray:$True } if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyLinux/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyLinux/settings.json index 996c1ddb08..4b38a295c6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyLinux/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyLinux/settings.json @@ -1,45 +1,44 @@ { - "resourceName": "IntuneAntivirusPolicyLinux", - "description": "This resource configures an Intune Antivirus Policy Linux.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "DeviceManagementConfiguration.Read.All" - }, - { - "name": "Group.Read.All" - } - ], - "update": [ - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - }, - { - "name": "Group.Read.All" - } - ] - }, - "application": { - "read": [ - { - "name": "DeviceManagementConfiguration.Read.All" - }, - { - "name": "Group.Read.All" - } - ], - "update": [ - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - }, - { - "name": "Group.Read.All" - } - ] + "resourceName": "IntuneAntivirusPolicyLinux", + "description": "This resource configures an Intune Antivirus Policy Linux.", + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "Group.Read.All" + } + ], + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + }, + { + "name": "Group.Read.All" + } + ] + }, + "application": { + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "Group.Read.All" + } + ], + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + }, + { + "name": "Group.Read.All" + } + ] + } } } } - -} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyMacOS/MSFT_IntuneAntivirusPolicyMacOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyMacOS/MSFT_IntuneAntivirusPolicyMacOS.psm1 index 6162f15e24..30829e2aab 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyMacOS/MSFT_IntuneAntivirusPolicyMacOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyMacOS/MSFT_IntuneAntivirusPolicyMacOS.psm1 @@ -200,7 +200,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -264,7 +264,7 @@ function Get-TargetResource { $myExclusions.Add('Exclusions_item_path', $currentExclusions.exclusions_item_path) } - if ($myExclusions.values.Where({$null -ne $_}).Count -gt 0) + if ($myExclusions.values.Where({ $null -ne $_ }).Count -gt 0) { $complexExclusions += $myExclusions } @@ -277,7 +277,7 @@ function Get-TargetResource $myThreatTypeSettings = @{} $myThreatTypeSettings.Add('ThreatTypeSettings_item_key', $currentThreatTypeSettings.threatTypeSettings_item_key) $myThreatTypeSettings.Add('ThreatTypeSettings_item_value', $currentThreatTypeSettings.threatTypeSettings_item_value) - if ($myThreatTypeSettings.values.Where({$null -ne $_}).Count -gt 0) + if ($myThreatTypeSettings.values.Where({ $null -ne $_ }).Count -gt 0) { $complexThreatTypeSettings += $myThreatTypeSettings } @@ -527,7 +527,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Antivirus Policy for macOS with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -558,7 +558,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Antivirus Policy for macOS with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -903,14 +903,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "2d345ec2-c817-49e5-9156-3ed416dc972a_1" + $policyTemplateID = '2d345ec2-c817-49e5-9156-3ed416dc972a_1' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -936,16 +936,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.Name - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.Name + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -1000,16 +1000,16 @@ function Export-TargetResource -Credential $Credential if ($Results.exclusions) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "exclusions" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'exclusions' -IsCIMArray:$True } if ($Results.threatTypeSettings) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "threatTypeSettings" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'threatTypeSettings' -IsCIMArray:$True } if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyMacOS/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyMacOS/settings.json index ce5391c1db..0814555984 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyMacOS/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyMacOS/settings.json @@ -1,44 +1,44 @@ { - "resourceName":"IntuneAntivirusPolicyMacOS", - "description":"This resource configures an Intune Antivirus Policy for macOS.", - "permissions":{ - "graph":{ - "application":{ - "read":[ - { - "name":"DeviceManagementConfiguration.Read.All" - }, - { - "name":"Group.Read.All" - } - ], - "update":[ - { - "name":"DeviceManagementConfiguration.ReadWrite.All" - }, - { - "name":"Group.Read.All" - } - ] - }, - "delegated":{ - "read":[ - { - "name":"DeviceManagementConfiguration.Read.All" - }, - { - "name":"Group.Read.All" - } - ], - "update":[ - { - "name":"DeviceManagementConfiguration.ReadWrite.All" - }, - { - "name":"Group.Read.All" - } - ] - } - } - } -} \ No newline at end of file + "resourceName": "IntuneAntivirusPolicyMacOS", + "description": "This resource configures an Intune Antivirus Policy for macOS.", + "permissions": { + "graph": { + "application": { + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "Group.Read.All" + } + ], + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + }, + { + "name": "Group.Read.All" + } + ] + }, + "delegated": { + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "Group.Read.All" + } + ], + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + }, + { + "name": "Group.Read.All" + } + ] + } + } + } +} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog.psm1 index 4175e16dca..3ca3c511c6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog.psm1 @@ -320,7 +320,7 @@ function Get-TargetResource $RandomizeScheduleTaskTimes, [Parameter()] - [ValidateRange(1,23)] + [ValidateRange(1, 23)] [System.Int32] $SchedulerRandomizationTime, @@ -442,7 +442,7 @@ function Get-TargetResource $nullResult = $PSBoundParameters $nullResult.Ensure = 'Absent' - $templateReferences = "d948ff9b-99cb-4ee0-8012-1fbc09685377_1", "e3f74c5a-a6de-411d-aef6-eb15628f3a0a_1", "45fea5e9-280d-4da1-9792-fb5736da0ca9_1","804339ad-1553-4478-a742-138fb5807418_1" + $templateReferences = 'd948ff9b-99cb-4ee0-8012-1fbc09685377_1', 'e3f74c5a-a6de-411d-aef6-eb15628f3a0a_1', '45fea5e9-280d-4da1-9792-fb5736da0ca9_1', '804339ad-1553-4478-a742-138fb5807418_1' #Retrieve policy general settings $policy = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Identity -ErrorAction SilentlyContinue @@ -458,8 +458,8 @@ function Get-TargetResource -Filter "Name eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -in $templateReferences - } + $_.TemplateReference.TemplateId -in $templateReferences + } } } @@ -513,8 +513,8 @@ function Get-TargetResource if ($graphAssignments.Count -gt 0) { $returnAssignments += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($graphAssignments) + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } $returnHashtable.Add('Assignments', $returnAssignments) @@ -537,8 +537,8 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential - $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult - return $nullResult + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult + return $nullResult } } @@ -863,7 +863,7 @@ function Set-TargetResource $RandomizeScheduleTaskTimes, [Parameter()] - [ValidateRange(1,23)] + [ValidateRange(1, 23)] [System.Int32] $SchedulerRandomizationTime, @@ -1016,12 +1016,12 @@ function Set-TargetResource -TemplateId $templateReferenceId $createParameters = @{ - Name = $DisplayName - Description = $Description - TemplateReference = @{ templateId = $templateReferenceId } - Platforms = $platforms - Technologies = $technologies - Settings = $settings + Name = $DisplayName + Description = $Description + TemplateReference = @{ templateId = $templateReferenceId } + Platforms = $platforms + Technologies = $technologies + Settings = $settings } $policy = New-MgBetaDeviceManagementConfigurationPolicy -BodyParameter $createParameters @@ -1389,7 +1389,7 @@ function Test-TargetResource $RandomizeScheduleTaskTimes, [Parameter()] - [ValidateRange(1,23)] + [ValidateRange(1, 23)] [System.Int32] $SchedulerRandomizationTime, @@ -1629,12 +1629,12 @@ function Export-TargetResource try { $templateFamily = 'endpointSecurityAntivirus' - $templateReferences = "d948ff9b-99cb-4ee0-8012-1fbc09685377_1", "e3f74c5a-a6de-411d-aef6-eb15628f3a0a_1", "45fea5e9-280d-4da1-9792-fb5736da0ca9_1","804339ad-1553-4478-a742-138fb5807418_1" + $templateReferences = 'd948ff9b-99cb-4ee0-8012-1fbc09685377_1', 'e3f74c5a-a6de-411d-aef6-eb15628f3a0a_1', '45fea5e9-280d-4da1-9792-fb5736da0ca9_1', '804339ad-1553-4478-a742-138fb5807418_1' [array]$policies = Get-MgBetaDeviceManagementConfigurationPolicy -Filter $Filter -All:$true ` -ErrorAction Stop | Where-Object -FilterScript { - $_.TemplateReference.TemplateFamily -eq $templateFamily -and - $_.TemplateReference.TemplateId -in $templateReferences - } + $_.TemplateReference.TemplateFamily -eq $templateFamily -and + $_.TemplateReference.TemplateId -in $templateReferences + } if ($policies.Length -eq 0) { @@ -1698,7 +1698,7 @@ function Export-TargetResource if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock @@ -1713,7 +1713,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10.psm1 index 7e2b0d7ead..6428046d92 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10.psm1 @@ -170,7 +170,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -412,7 +412,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune App And Browser Isolation Policy for Windows10 with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -443,7 +443,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune App And Browser Isolation Policy for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -758,14 +758,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "9f667e40-8f3c-4f88-80d8-457f16906315_1" + $policyTemplateID = '9f667e40-8f3c-4f88-80d8-457f16906315_1' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -791,16 +791,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.Name - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.Name + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -828,7 +828,7 @@ function Export-TargetResource if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10/settings.json index 6f8ca8d487..17a3c28af2 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10/settings.json @@ -1,45 +1,44 @@ { - "resourceName": "IntuneAppAndBrowserIsolationPolicyWindows10", - "description": "This resource configures an Intune App And Browser Isolation Policy for Windows10.", - "permissions": { - "graph": { - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] + "resourceName": "IntuneAppAndBrowserIsolationPolicyWindows10", + "description": "This resource configures an Intune App And Browser Isolation Policy for Windows10.", + "permissions": { + "graph": { + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } } } } - -} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10ConfigMgr/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10ConfigMgr.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10ConfigMgr/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10ConfigMgr.psm1 index c16f87a0b1..30ee290d10 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10ConfigMgr/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10ConfigMgr.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10ConfigMgr/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10ConfigMgr.psm1 @@ -170,7 +170,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -412,7 +412,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune App And Browser Isolation Policy for Windows10 Config Mgr with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -443,7 +443,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune App And Browser Isolation Policy for Windows10 Config Mgr with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -758,14 +758,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "e373ebb7-c1c5-4ffb-9ce0-698f1834fd9d_1" + $policyTemplateID = 'e373ebb7-c1c5-4ffb-9ce0-698f1834fd9d_1' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -791,16 +791,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.Name - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.Name + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -828,7 +828,7 @@ function Export-TargetResource if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10ConfigMgr/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10ConfigMgr/settings.json index 2bed23cd76..fbd63af993 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10ConfigMgr/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppAndBrowserIsolationPolicyWindows10ConfigMgr/settings.json @@ -1,33 +1,32 @@ { - "resourceName": "IntuneAppAndBrowserIsolationPolicyWindows10ConfigMgr", - "description": "This resource configures an Intune App And Browser Isolation Policy for Windows10 Config Mgr.", - "permissions": { - "graph": { - "application": { - "read": [ - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "delegated": { - "read": [ - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] + "resourceName": "IntuneAppAndBrowserIsolationPolicyWindows10ConfigMgr", + "description": "This resource configures an Intune App And Browser Isolation Policy for Windows10 Config Mgr.", + "permissions": { + "graph": { + "application": { + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "delegated": { + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } } } } - -} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppCategory/MSFT_IntuneAppCategory.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppCategory/MSFT_IntuneAppCategory.psm1 index 58f5f94a9d..a1cedf2a18 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppCategory/MSFT_IntuneAppCategory.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppCategory/MSFT_IntuneAppCategory.psm1 @@ -73,7 +73,7 @@ function Get-TargetResource $instance = $null if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } if ($null -eq $instance) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationDevicePolicy/MSFT_IntuneAppConfigurationDevicePolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationDevicePolicy/MSFT_IntuneAppConfigurationDevicePolicy.psm1 index 40e6da6888..1be31cd697 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationDevicePolicy/MSFT_IntuneAppConfigurationDevicePolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationDevicePolicy/MSFT_IntuneAppConfigurationDevicePolicy.psm1 @@ -22,7 +22,7 @@ function Get-TargetResource $PermissionActions, [Parameter()] - [ValidateSet('default','androidWorkProfile','androidDeviceOwner')] + [ValidateSet('default', 'androidWorkProfile', 'androidDeviceOwner')] [System.String] $ProfileApplicability, @@ -117,7 +117,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceAppManagementMobileAppConfiguration -ManagedDeviceMobileAppConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceAppManagementMobileAppConfiguration -ManagedDeviceMobileAppConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -150,7 +150,7 @@ function Get-TargetResource $mypermissionActions.Add('Action', $currentpermissionActions.action.toString()) } $mypermissionActions.Add('Permission', $currentpermissionActions.permission) - if ($mypermissionActions.values.Where({$null -ne $_}).count -gt 0) + if ($mypermissionActions.values.Where({ $null -ne $_ }).count -gt 0) { $complexPermissionActions += $mypermissionActions } @@ -166,7 +166,7 @@ function Get-TargetResource $mysettings.Add('AppConfigKeyType', $currentsettings.appConfigKeyType.toString()) } $mysettings.Add('AppConfigKeyValue', $currentsettings.appConfigKeyValue) - if ($mysettings.values.Where({$null -ne $_}).count -gt 0) + if ($mysettings.values.Where({ $null -ne $_ }).count -gt 0) { $complexSettings += $mysettings } @@ -276,7 +276,7 @@ function Set-TargetResource $PermissionActions, [Parameter()] - [ValidateSet('default','androidWorkProfile','androidDeviceOwner')] + [ValidateSet('default', 'androidWorkProfile', 'androidDeviceOwner')] [System.String] $ProfileApplicability, @@ -394,7 +394,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune App Configuration Device Policy with DisplayName {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $CreateParameters = ([Hashtable]$BoundParameters).clone() $CreateParameters = Rename-M365DSCCimInstanceParameter -Properties $CreateParameters @@ -433,7 +433,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune App Configuration Device Policy with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $UpdateParameters = ([Hashtable]$BoundParameters).clone() $UpdateParameters = Rename-M365DSCCimInstanceParameter -Properties $UpdateParameters @@ -501,7 +501,7 @@ function Test-TargetResource $PermissionActions, [Parameter()] - [ValidateSet('default','androidWorkProfile','androidDeviceOwner')] + [ValidateSet('default', 'androidWorkProfile', 'androidDeviceOwner')] [System.String] $ProfileApplicability, @@ -609,7 +609,10 @@ function Test-TargetResource -Source ($source) ` -Target ($target) - if (-not $testResult) { break } + if (-not $testResult) + { + break + } $ValuesToCheck.Remove($key) | Out-Null } @@ -722,7 +725,7 @@ function Export-TargetResource Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ Id = $config.Id - DisplayName = $config.DisplayName + DisplayName = $config.DisplayName Ensure = 'Present' Credential = $Credential ApplicationId = $ApplicationId @@ -783,15 +786,15 @@ function Export-TargetResource -Credential $Credential if ($Results.PermissionActions) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "PermissionActions" -isCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'PermissionActions' -IsCIMArray:$True } if ($Results.Settings) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Settings" -isCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Settings' -IsCIMArray:$True } if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationDevicePolicy/readme.md b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationDevicePolicy/readme.md index 4b94a974b9..85cf9b00a5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationDevicePolicy/readme.md +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationDevicePolicy/readme.md @@ -3,6 +3,6 @@ ## Description -Intune App Configuration Device Policy. +Intune App Configuration Device Policy. Please note: A policy can only contain settings of its platform type and the platform type cannot be changed after creation. diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationDevicePolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationDevicePolicy/settings.json index 57be974d43..fe3c38c0d1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationDevicePolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationDevicePolicy/settings.json @@ -1,45 +1,44 @@ { - "resourceName": "IntuneAppConfigurationDevicePolicy", - "description": "This resource configures an Intune App Configuration Device Policy.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementApps.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementApps.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementApps.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementApps.ReadWrite.All" - } - ] + "resourceName": "IntuneAppConfigurationDevicePolicy", + "description": "This resource configures an Intune App Configuration Device Policy.", + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementApps.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementApps.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementApps.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementApps.ReadWrite.All" + } + ] + } } } } - -} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationPolicy/MSFT_IntuneAppConfigurationPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationPolicy/MSFT_IntuneAppConfigurationPolicy.psm1 index 2a138b5bb1..e1d3cc0d52 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationPolicy/MSFT_IntuneAppConfigurationPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationPolicy/MSFT_IntuneAppConfigurationPolicy.psm1 @@ -79,11 +79,13 @@ function Get-TargetResource try { - try { + try + { $configPolicy = Get-MgBetaDeviceAppManagementTargetedManagedAppConfiguration -TargetedManagedAppConfigurationId $Id ` -ErrorAction Stop } - catch { + catch + { $configPolicy = $null } @@ -106,7 +108,7 @@ function Get-TargetResource Write-Verbose -Message "No App Configuration Policy with DisplayName {$DisplayName} was found" return $nullResult } - if(([array]$configPolicy).count -gt 1) + if (([array]$configPolicy).count -gt 1) { throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" } @@ -133,8 +135,8 @@ function Get-TargetResource if ($graphAssignments.count -gt 0) { $returnAssignments += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($graphAssignments) + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } $returnHashtable.Add('Assignments', $returnAssignments) @@ -563,7 +565,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyAndroid/MSFT_IntuneAppProtectionPolicyAndroid.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyAndroid/MSFT_IntuneAppProtectionPolicyAndroid.psm1 index 3c9cdb0c46..f2b2e9d031 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyAndroid/MSFT_IntuneAppProtectionPolicyAndroid.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyAndroid/MSFT_IntuneAppProtectionPolicyAndroid.psm1 @@ -252,7 +252,7 @@ function Get-TargetResource Write-Verbose -Message "Searching for Policy using DisplayName {$DisplayName}" $policyInfoArray = Get-MgBetaDeviceAppManagementAndroidManagedAppProtection -ExpandProperty Apps, assignments ` -ErrorAction Stop -All:$true - $policyInfo = $policyInfoArray | Where-Object -FilterScript {$_.displayName -eq $DisplayName} + $policyInfo = $policyInfoArray | Where-Object -FilterScript { $_.displayName -eq $DisplayName } } if ($null -eq $policyInfo) { @@ -1005,14 +1005,14 @@ function Test-TargetResource Write-Verbose -Message ('Unspecified Parameter in Config: ' + $param + ' Current Value Will be retained: ' + $CurrentValues.$param) } } - Write-Verbose -Message "Starting Assignments Check" + Write-Verbose -Message 'Starting Assignments Check' # handle complex parameters - manually for now if ($PSBoundParameters.keys -contains 'Assignments' ) { $targetvalues.add('Assignments', $psboundparameters.Assignments) } - Write-Verbose -Message "Starting Exluded Groups Check" + Write-Verbose -Message 'Starting Exluded Groups Check' if ($PSBoundParameters.keys -contains 'ExcludedGroups' ) { $targetvalues.add('ExcludedGroups', $psboundparameters.ExcludedGroups) @@ -1164,7 +1164,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyiOS/MSFT_IntuneAppProtectionPolicyiOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyiOS/MSFT_IntuneAppProtectionPolicyiOS.psm1 index 8771eaf045..d0fbc61d7e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyiOS/MSFT_IntuneAppProtectionPolicyiOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyiOS/MSFT_IntuneAppProtectionPolicyiOS.psm1 @@ -773,7 +773,7 @@ function Set-TargetResource Update-IntuneAppProtectionPolicyiOSApp -IosManagedAppProtectionId $policy.id -Apps $myApps - Write-Verbose -Message "Updating policy assignments" + Write-Verbose -Message 'Updating policy assignments' Update-IntuneAppProtectionPolicyiOSAssignment -IosManagedAppProtectionId $policy.id -Assignments $myAssignments } elseif ($Ensure -eq 'Present' -and $currentPolicy.Ensure -eq 'Present') @@ -1234,7 +1234,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } @@ -1293,7 +1293,7 @@ function Get-IntuneAppProtectionPolicyiOSAssignmentToHashtable foreach ($assignment in $Parameters.Assignments) { $assignmentValue = $assignment - if (-not [System.Guid]::TryParse($assignment,[System.Management.Automation.PSReference]$ObjectGuid)) + if (-not [System.Guid]::TryParse($assignment, [System.Management.Automation.PSReference]$ObjectGuid)) { $groupInfo = Get-MgGroup -Filter "DisplayName eq '$assignment'" $assignmentValue = $groupInfo.Id @@ -1308,7 +1308,7 @@ function Get-IntuneAppProtectionPolicyiOSAssignmentToHashtable foreach ($exclusion in $Parameters.Exclusions) { $assignmentValue = $exclusion - if (-not [System.Guid]::TryParse($exclusion,[System.Management.Automation.PSReference]$ObjectGuid)) + if (-not [System.Guid]::TryParse($exclusion, [System.Management.Automation.PSReference]$ObjectGuid)) { $groupInfo = Get-MgGroup -Filter "DisplayName eq '$exclusion'" $assignmentValue = $groupInfo.Id @@ -1336,7 +1336,7 @@ function Get-IntuneAppProtectionPolicyiOSAssignment try { - $Url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceAppManagement/iosManagedAppProtections('$IosManagedAppProtectionId')/assignments" + $Url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceAppManagement/iosManagedAppProtections('$IosManagedAppProtectionId')/assignments" $response = Invoke-MgGraphRequest -Method Get ` -Uri $Url return $response.value @@ -1367,7 +1367,7 @@ function Update-IntuneAppProtectionPolicyiOSAssignment ) try { - $Url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceAppManagement/iosManagedAppProtections('$IosManagedAppProtectionId')/assign" + $Url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceAppManagement/iosManagedAppProtections('$IosManagedAppProtectionId')/assign" $body = ($Assignments | ConvertTo-Json -Depth 20 -Compress) Write-Verbose -Message "Group Assignment for iOS App Protection policy with JSON payload {$Url}: `r`n$body" Invoke-MgGraphRequest -Method POST ` @@ -1401,7 +1401,7 @@ function Update-IntuneAppProtectionPolicyiOSApp try { - $Url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceAppManagement/iosManagedAppProtections('$IosManagedAppProtectionId')/targetApps" + $Url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceAppManagement/iosManagedAppProtections('$IosManagedAppProtectionId')/targetApps" # Write-Verbose -Message "Group Assignment for iOS App Protection policy with JSON payload: `r`n$JSONContent" Invoke-MgGraphRequest -Method POST ` -Uri $Url ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppleMDMPushNotificationCertificate/MSFT_IntuneAppleMDMPushNotificationCertificate.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppleMDMPushNotificationCertificate/MSFT_IntuneAppleMDMPushNotificationCertificate.psm1 index 73e8ef6abe..c5b4c9199c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppleMDMPushNotificationCertificate/MSFT_IntuneAppleMDMPushNotificationCertificate.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppleMDMPushNotificationCertificate/MSFT_IntuneAppleMDMPushNotificationCertificate.psm1 @@ -81,7 +81,7 @@ function Get-TargetResource $instance = $null if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } if ($null -eq $instance) @@ -91,34 +91,36 @@ function Get-TargetResource if ($null -eq $instance) { - Write-Verbose -Message "Apple push notification certificate." + Write-Verbose -Message 'Apple push notification certificate.' return $nullResult } } $results = @{ - Id = $instance.Id - AppleIdentifier = $instance.AppleIdentifier - - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ApplicationSecret = $ApplicationSecret - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Id = $instance.Id + AppleIdentifier = $instance.AppleIdentifier + + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ApplicationSecret = $ApplicationSecret + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } - if (-not [String]::IsNullOrEmpty($instance.Certificate)) { + if (-not [String]::IsNullOrEmpty($instance.Certificate)) + { $results.Add('Certificate', $instance.Certificate) } - else { - $results.Add('Certificate', "") + else + { + $results.Add('Certificate', '') } # Get the value of Data sharing consent between Intune and Apple. The id is hardcoded to "appleMDMPushCertificate". - $consentInstance = Get-MgBetaDeviceManagementDataSharingConsent -DataSharingConsentId "appleMDMPushCertificate" + $consentInstance = Get-MgBetaDeviceManagementDataSharingConsent -DataSharingConsentId 'appleMDMPushCertificate' $results.Add('DataSharingConsetGranted', $consentInstance.Granted) return [System.Collections.Hashtable] $results @@ -220,11 +222,13 @@ function Set-TargetResource # Post data sharing consent as granted between Intune and Apple. NOTE: It's a one-way operation. Once agreed, it can't be revoked. # so first check if it is $false, then make a post call to agree to the consent, this set the DataSharingConsetGranted to $true. - $consentInstance = Get-MgBetaDeviceManagementDataSharingConsent -DataSharingConsentId "appleMDMPushCertificate" - If($consentInstance.Granted -eq $False) { - Invoke-MgGraphRequest -Method POST -Uri ($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/dataSharingConsents/appleMDMPushCertificate/consentToDataSharing") -Headers @{ "Content-Type" = "application/json" } + $consentInstance = Get-MgBetaDeviceManagementDataSharingConsent -DataSharingConsentId 'appleMDMPushCertificate' + If ($consentInstance.Granted -eq $False) + { + Invoke-MgGraphRequest -Method POST -Uri ($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + 'beta/deviceManagement/dataSharingConsents/appleMDMPushCertificate/consentToDataSharing') -Headers @{ 'Content-Type' = 'application/json' } } - else { + else + { Write-Host "Data sharing conset is already granted, so it can't be revoked." } @@ -244,8 +248,8 @@ function Set-TargetResource # There is only PATCH request hence using Update cmdlet to remove the certificate by passing empty certificate as param. $params = @{ - appleIdentifier = "" - certificate = "" + appleIdentifier = '' + certificate = '' } Update-MgBetaDeviceManagementApplePushNotificationCertificate -BodyParameter $params } @@ -424,22 +428,22 @@ function Export-TargetResource Write-Host " |---[$i/$($Script:exportedInstances.Count)] $displayedKey" -NoNewline $Params = @{ - Id = $config.Id - AppleIdentifier = $config.AppleIdentifier - Certificate = $config.Certificate - - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ApplicationSecret = $ApplicationSecret - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Id = $config.Id + AppleIdentifier = $config.AppleIdentifier + Certificate = $config.Certificate + + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ApplicationSecret = $ApplicationSecret + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } # Get the value of Data sharing consent between Intune and Apple. The id is hardcoded to "appleMDMPushCertificate". - $consentInstance = Get-MgBetaDeviceManagementDataSharingConsent -DataSharingConsentId "appleMDMPushCertificate" + $consentInstance = Get-MgBetaDeviceManagementDataSharingConsent -DataSharingConsentId 'appleMDMPushCertificate' $Params.Add('DataSharingConsetGranted', $consentInstance.Granted) $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneApplicationControlPolicyWindows10/MSFT_IntuneApplicationControlPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneApplicationControlPolicyWindows10/MSFT_IntuneApplicationControlPolicyWindows10.psm1 index 3e8c8e1133..6882d2819b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneApplicationControlPolicyWindows10/MSFT_IntuneApplicationControlPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneApplicationControlPolicyWindows10/MSFT_IntuneApplicationControlPolicyWindows10.psm1 @@ -88,7 +88,7 @@ function Get-TargetResource #Retrieve policy general settings $policy = Get-MgBetaDeviceManagementIntent -All -Filter "displayName eq '$DisplayName'" -ErrorAction Stop | Where-Object -FilterScript { $_.TemplateId -eq '63be6324-e3c9-4c97-948a-e7f4b96f0f20' } - if(([array]$policy).count -gt 1) + if (([array]$policy).count -gt 1) { throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" } @@ -248,7 +248,7 @@ function Set-TargetResource $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/intents' } @@ -285,7 +285,7 @@ function Set-TargetResource #region Assignments $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $appControlPolicy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $appControlPolicy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/intents' #endregion @@ -555,8 +555,8 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Unable to perform redirect as Location Header is not set in response*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Unable to perform redirect as Location Header is not set in response*' -or ` + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAttackSurfaceReductionRulesPolicyWindows10ConfigManager/MSFT_IntuneAttackSurfaceReductionRulesPolicyWindows10ConfigManager.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAttackSurfaceReductionRulesPolicyWindows10ConfigManager/MSFT_IntuneAttackSurfaceReductionRulesPolicyWindows10ConfigManager.psm1 index 4f0ffe06c4..ff70777c6c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAttackSurfaceReductionRulesPolicyWindows10ConfigManager/MSFT_IntuneAttackSurfaceReductionRulesPolicyWindows10ConfigManager.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAttackSurfaceReductionRulesPolicyWindows10ConfigManager/MSFT_IntuneAttackSurfaceReductionRulesPolicyWindows10ConfigManager.psm1 @@ -224,8 +224,8 @@ function Get-TargetResource if ($graphAssignments.Count -gt 0) { $returnAssignments += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($graphAssignments) + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } $returnHashtable.Add('Assignments', $returnAssignments) @@ -860,8 +860,8 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Unable to perform redirect as Location Header is not set in response*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Unable to perform redirect as Location Header is not set in response*' -or ` + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDerivedCredential/MSFT_IntuneDerivedCredential.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDerivedCredential/MSFT_IntuneDerivedCredential.psm1 index 7ab10b8752..80a3b01f9c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDerivedCredential/MSFT_IntuneDerivedCredential.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDerivedCredential/MSFT_IntuneDerivedCredential.psm1 @@ -1,4 +1,5 @@ -function Get-TargetResource { +function Get-TargetResource +{ [CmdletBinding()] [OutputType([System.Collections.Hashtable])] param ( @@ -91,7 +92,7 @@ function Get-TargetResource { $instance = $null if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } if ($null -eq $instance) @@ -119,20 +120,20 @@ function Get-TargetResource { } $results = @{ - Ensure = 'Present' - Id = $instance.Id - DisplayName = $instance.DisplayName - HelpUrl = $instance.HelpUrl - Issuer = $instance.Issuer.ToString() - NotificationType = $instance.NotificationType.ToString() - RenewalThresholdPercentage = $instance.RenewalThresholdPercentage - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ApplicationSecret = $ApplicationSecret - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Ensure = 'Present' + Id = $instance.Id + DisplayName = $instance.DisplayName + HelpUrl = $instance.HelpUrl + Issuer = $instance.Issuer.ToString() + NotificationType = $instance.NotificationType.ToString() + RenewalThresholdPercentage = $instance.RenewalThresholdPercentage + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ApplicationSecret = $ApplicationSecret + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return [System.Collections.Hashtable] $results @@ -150,7 +151,8 @@ function Get-TargetResource { } } -function Set-TargetResource { +function Set-TargetResource +{ [CmdletBinding()] param ( @@ -187,7 +189,7 @@ function Set-TargetResource { [Parameter()] [ValidateSet('Present', 'Absent')] [System.String] - $Ensure='Present', + $Ensure = 'Present', [Parameter()] [System.Management.Automation.PSCredential] @@ -252,7 +254,8 @@ function Set-TargetResource { } } -function Test-TargetResource { +function Test-TargetResource +{ [CmdletBinding()] [OutputType([System.Boolean])] param ( @@ -361,7 +364,8 @@ function Test-TargetResource { return $testResult } -function Export-TargetResource { +function Export-TargetResource +{ [CmdletBinding()] [OutputType([System.String])] param ( @@ -431,7 +435,7 @@ function Export-TargetResource { ) $ConnectionMode = New-M365DSCConnection -Workload 'MicrosoftGraph' ` - -InboundParameters $PSBoundParameters + -InboundParameters $PSBoundParameters #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -466,20 +470,20 @@ function Export-TargetResource { Write-Host " |---[$i/$($Script:exportedInstances.Count)] $displayedKey" -NoNewline $params = @{ - Ensure = 'Present' - Id = $config.Id - DisplayName = $config.DisplayName - HelpUrl = $config.HelpUrl - Issuer = $config.Issuer.ToString() - NotificationType = $config.NotificationType.ToString() - RenewalThresholdPercentage = $config.RenewalThresholdPercentage - Credential = $Credential - AccessTokens = $AccessTokens - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent + Ensure = 'Present' + Id = $config.Id + DisplayName = $config.DisplayName + HelpUrl = $config.HelpUrl + Issuer = $config.Issuer.ToString() + NotificationType = $config.NotificationType.ToString() + RenewalThresholdPercentage = $config.RenewalThresholdPercentage + Credential = $Credential + AccessTokens = $AccessTokens + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDerivedCredential/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDerivedCredential/settings.json index 488bd5b384..c6b0993445 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDerivedCredential/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDerivedCredential/settings.json @@ -1,21 +1,16 @@ { - "resourceName": "IntuneDerivedCredential", - "description": "Use this resource to create new navigation property to derivedCredentials for device Management in Intune.", - - "permissions": { - "graph": { - "delegated": { - "read": [ - ], - "update": [ - ] - }, - "application": { - "read": [ - ], - "update": [ - ] - } + "resourceName": "IntuneDerivedCredential", + "description": "Use this resource to create new navigation property to derivedCredentials for device Management in Intune.", + "permissions": { + "graph": { + "delegated": { + "read": [], + "update": [] + }, + "application": { + "read": [], + "update": [] } } } +} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceAndAppManagementAssignmentFilter/MSFT_IntuneDeviceAndAppManagementAssignmentFilter.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceAndAppManagementAssignmentFilter/MSFT_IntuneDeviceAndAppManagementAssignmentFilter.psm1 index 050cf4c1c9..d5503714c8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceAndAppManagementAssignmentFilter/MSFT_IntuneDeviceAndAppManagementAssignmentFilter.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceAndAppManagementAssignmentFilter/MSFT_IntuneDeviceAndAppManagementAssignmentFilter.psm1 @@ -416,7 +416,7 @@ function Export-TargetResource { if (-not [string]::IsNullOrEmpty($Filter)) { - Write-Warning -Message "Microsoft Graph filter is only supported for the platform on this resource. Other filters are only supported using startswith, endswith and contains and done by best-effort." + Write-Warning -Message 'Microsoft Graph filter is only supported for the platform on this resource. Other filters are only supported using startswith, endswith and contains and done by best-effort.' $complexFunctions = Get-ComplexFunctionsFromFilterQuery -FilterQuery $Filter $Filter = Remove-ComplexFunctionsFromFilterQuery -FilterQuery $Filter } @@ -477,7 +477,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCategory/MSFT_IntuneDeviceCategory.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCategory/MSFT_IntuneDeviceCategory.psm1 index 15fef57b4f..a7d57c5dec 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCategory/MSFT_IntuneDeviceCategory.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCategory/MSFT_IntuneDeviceCategory.psm1 @@ -370,7 +370,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCleanupRule/MSFT_IntuneDeviceCleanupRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCleanupRule/MSFT_IntuneDeviceCleanupRule.psm1 index b833981d34..8f3ac88c57 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCleanupRule/MSFT_IntuneDeviceCleanupRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCleanupRule/MSFT_IntuneDeviceCleanupRule.psm1 @@ -57,7 +57,7 @@ function Get-TargetResource throw [System.ArgumentException]::new('DeviceInactivityBeforeRetirementInDays must be greater than 30 and less than 270 when Enabled is set to true.') } - Write-Verbose -Message "Checking for the Intune Device Cleanup Rule" + Write-Verbose -Message 'Checking for the Intune Device Cleanup Rule' $ConnectionMode = New-M365DSCConnection -Workload 'MicrosoftGraph' ` -InboundParameters $PSBoundParameters @@ -78,20 +78,20 @@ function Get-TargetResource try { - $url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/managedDeviceCleanupSettings" + $url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + 'beta/deviceManagement/managedDeviceCleanupSettings' $cleanupRule = Invoke-MgGraphRequest -Method GET -Uri $url -ErrorAction Stop $return = @{ - Enabled = $cleanupRule.deviceInactivityBeforeRetirementInDays -gt 0 - IsSingleInstance = 'Yes' - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret - CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Enabled = $cleanupRule.deviceInactivityBeforeRetirementInDays -gt 0 + IsSingleInstance = 'Yes' + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret + CertificateThumbprint = $CertificateThumbprint + Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } if ($return.Enabled) @@ -171,7 +171,7 @@ function Set-TargetResource throw [System.ArgumentException]::new('DeviceInactivityBeforeRetirementInDays must be greater than 30 and less than 270 when Enabled is set to true.') } - Write-Verbose -Message "Updating Device Cleanup Rule" + Write-Verbose -Message 'Updating Device Cleanup Rule' $ConnectionMode = New-M365DSCConnection -Workload 'MicrosoftGraph' ` -InboundParameters $PSBoundParameters @@ -188,7 +188,7 @@ function Set-TargetResource Add-M365DSCTelemetryEvent -Data $data #endregion - $url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/managedDeviceCleanupSettings" + $url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + 'beta/deviceManagement/managedDeviceCleanupSettings' $body = @{ DeviceInactivityBeforeRetirementInDays = "$(if ($Enabled) { $DeviceInactivityBeforeRetirementInDays } else { 0 })" } @@ -265,7 +265,7 @@ function Test-TargetResource -Parameters $PSBoundParameters Add-M365DSCTelemetryEvent -Data $data #endregion - Write-Verbose -Message "Testing configuration of Device Cleanup Rule" + Write-Verbose -Message 'Testing configuration of Device Cleanup Rule' $CurrentValues = Get-TargetResource @PSBoundParameters @@ -274,7 +274,8 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - if ($CurrentValues.Enabled -eq $false) { + if ($CurrentValues.Enabled -eq $false) + { $ValuesToCheck.Remove('DeviceInactivityBeforeRetirementInDays') | Out-Null } @@ -339,7 +340,7 @@ function Export-TargetResource try { - $url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/managedDeviceCleanupSettings" + $url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + 'beta/deviceManagement/managedDeviceCleanupSettings' [array]$cleanupRules = Invoke-MgGraphRequest -Method GET -Uri $url -ErrorAction Stop $i = 1 $dscContent = '' @@ -361,19 +362,20 @@ function Export-TargetResource Write-Host " |---[$i/$($cleanupRules.Count)] Cleanup Rule" -NoNewline $params = @{ - Enabled = $cleanupRule.deviceInactivityBeforeRetirementInDays -gt 0 - Ensure = 'Present' - IsSingleInstance = 'Yes' - Credential = $Credential - ApplicationId = $ApplicationId - ApplicationSecret = $ApplicationSecret - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Enabled = $cleanupRule.deviceInactivityBeforeRetirementInDays -gt 0 + Ensure = 'Present' + IsSingleInstance = 'Yes' + Credential = $Credential + ApplicationId = $ApplicationId + ApplicationSecret = $ApplicationSecret + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } - if ($params.Enabled) { + if ($params.Enabled) + { $params.Add('DeviceInactivityBeforeRetirementInDays', $cleanupRule.deviceInactivityBeforeRetirementInDays) } @@ -395,10 +397,10 @@ function Export-TargetResource } catch { - if ($_.Exception -like "*401*" -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or - $_.Exception -like "* Unauthorized*" -or ` - $_.Exception -like "*Request not applicable to target tenant*" -or ` - $_.Exception -like "*BadRequest*") + if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or + $_.Exception -like '* Unauthorized*' -or ` + $_.Exception -like '*Request not applicable to target tenant*' -or ` + $_.Exception -like '*BadRequest*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroid/MSFT_IntuneDeviceCompliancePolicyAndroid.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroid/MSFT_IntuneDeviceCompliancePolicyAndroid.psm1 index 298d4a4d6d..5d039b9697 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroid/MSFT_IntuneDeviceCompliancePolicyAndroid.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroid/MSFT_IntuneDeviceCompliancePolicyAndroid.psm1 @@ -190,7 +190,7 @@ function Get-TargetResource -FilterScript { $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidCompliancePolicy' -and ` $_.displayName -eq $($DisplayName) } - if(([array]$devicePolicy).count -gt 1) + if (([array]$devicePolicy).count -gt 1) { throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" } @@ -243,12 +243,12 @@ function Get-TargetResource } $returnAssignments = @() - $graphAssignments = Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id + $graphAssignments = Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id if ($graphAssignments.count -gt 0) { $returnAssignments += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($graphAssignments) + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } $results.Add('Assignments', $returnAssignments) @@ -487,7 +487,7 @@ function Set-TargetResource $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceCompliancePolicies' } @@ -513,7 +513,7 @@ function Set-TargetResource #region Assignments $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $configDeviceAndroidPolicy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $configDeviceAndroidPolicy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceCompliancePolicies' #endregion @@ -896,7 +896,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner.psm1 index 32b98e183f..6b3e74cfb3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner.psm1 @@ -144,7 +144,7 @@ function Get-TargetResource $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidDeviceOwnerCompliancePolicy' -and ` $_.displayName -eq $($DisplayName) } - if(([array]$devicePolicy).count -gt 1) + if (([array]$devicePolicy).count -gt 1) { throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" } @@ -185,12 +185,12 @@ function Get-TargetResource } $returnAssignments = @() - $graphAssignments = Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id + $graphAssignments = Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id if ($graphAssignments.count -gt 0) { $returnAssignments += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($graphAssignments) + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } $results.Add('Assignments', $returnAssignments) @@ -382,7 +382,7 @@ function Set-TargetResource $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceCompliancePolicies' } @@ -410,7 +410,7 @@ function Set-TargetResource #region Assignments $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $configDeviceAndroidPolicy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $configDeviceAndroidPolicy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceCompliancePolicies' #endregion @@ -750,7 +750,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile.psm1 index decf7d703b..22db00a858 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile.psm1 @@ -180,7 +180,7 @@ function Get-TargetResource -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidWorkProfileCompliancePolicy' -and ` $_.displayName -eq $($DisplayName) } - if(([array]$devicePolicy).count -gt 1) + if (([array]$devicePolicy).count -gt 1) { throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" } @@ -231,12 +231,12 @@ function Get-TargetResource } $returnAssignments = @() - $graphAssignments = Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id + $graphAssignments = Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id if ($graphAssignments.count -gt 0) { $returnAssignments += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($graphAssignments) + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } $results.Add('Assignments', $returnAssignments) @@ -464,7 +464,7 @@ function Set-TargetResource $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceCompliancePolicies' } @@ -489,7 +489,7 @@ function Set-TargetResource #region Assignments $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $configDeviceAndroidPolicy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $configDeviceAndroidPolicy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceCompliancePolicies' #endregion @@ -859,7 +859,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyMacOS/MSFT_IntuneDeviceCompliancePolicyMacOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyMacOS/MSFT_IntuneDeviceCompliancePolicyMacOS.psm1 index bb853754a6..c7127f5894 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyMacOS/MSFT_IntuneDeviceCompliancePolicyMacOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyMacOS/MSFT_IntuneDeviceCompliancePolicyMacOS.psm1 @@ -163,7 +163,7 @@ function Get-TargetResource -ErrorAction Stop | Where-Object ` -FilterScript { $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.macOSCompliancePolicy' -and ` $_.displayName -eq $($DisplayName) } - if(([array]$devicePolicy).count -gt 1) + if (([array]$devicePolicy).count -gt 1) { throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" } @@ -209,12 +209,12 @@ function Get-TargetResource } $returnAssignments = @() - $graphAssignments = Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id + $graphAssignments = Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id if ($graphAssignments.count -gt 0) { $returnAssignments += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($graphAssignments) + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } $results.Add('Assignments', $returnAssignments) @@ -428,7 +428,7 @@ function Set-TargetResource $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceCompliancePolicies' } @@ -453,7 +453,7 @@ function Set-TargetResource #region Assignments $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $configDevicePolicy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $configDevicePolicy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceCompliancePolicies' #endregion @@ -812,7 +812,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyWindows10/MSFT_IntuneDeviceCompliancePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyWindows10/MSFT_IntuneDeviceCompliancePolicyWindows10.psm1 index 0d91d29151..c22933a470 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyWindows10/MSFT_IntuneDeviceCompliancePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyWindows10/MSFT_IntuneDeviceCompliancePolicyWindows10.psm1 @@ -205,7 +205,7 @@ function Get-TargetResource -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10CompliancePolicy' -and ` $_.displayName -eq $($DisplayName) } - if(([array]$devicePolicy).count -gt 1) + if (([array]$devicePolicy).count -gt 1) { throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" } @@ -231,7 +231,7 @@ function Get-TargetResource { $myValidOperatingSystemBuildRanges.Add('Description', $currentValidOperatingSystemBuildRanges.description) } - if ($myValidOperatingSystemBuildRanges.values.Where({$null -ne $_}).Count -gt 0) + if ($myValidOperatingSystemBuildRanges.values.Where({ $null -ne $_ }).Count -gt 0) { $complexValidOperatingSystemBuildRanges += $myValidOperatingSystemBuildRanges } @@ -284,12 +284,12 @@ function Get-TargetResource } $returnAssignments = @() - $graphAssignments = Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id + $graphAssignments = Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id if ($graphAssignments.Count -gt 0) { $returnAssignments += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($graphAssignments) + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } $results.Add('Assignments', $returnAssignments) @@ -991,7 +991,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyiOs/MSFT_IntuneDeviceCompliancePolicyiOs.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyiOs/MSFT_IntuneDeviceCompliancePolicyiOs.psm1 index 211ae080d5..da86e30460 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyiOs/MSFT_IntuneDeviceCompliancePolicyiOs.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyiOs/MSFT_IntuneDeviceCompliancePolicyiOs.psm1 @@ -154,7 +154,7 @@ function Get-TargetResource -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.iosCompliancePolicy' -and ` $_.displayName -eq $($DisplayName) } - if(([array]$devicePolicy).count -gt 1) + if (([array]$devicePolicy).count -gt 1) { throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" } @@ -198,12 +198,12 @@ function Get-TargetResource } $returnAssignments = @() - $graphAssignments = Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id + $graphAssignments = Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id if ($graphAssignments.count -gt 0) { $returnAssignments += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($graphAssignments) + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } $results.Add('Assignments', $returnAssignments) @@ -412,7 +412,7 @@ function Set-TargetResource $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceCompliancePolicies' } @@ -442,7 +442,7 @@ function Set-TargetResource -DeviceCompliancePolicyId $configDevicePolicy.Id #region Assignments $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $configDevicePolicy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $configDevicePolicy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceCompliancePolicies' #endregion @@ -813,7 +813,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10.psm1 index 46671eae5f..0d5fa40465 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10.psm1 @@ -104,7 +104,7 @@ function Get-TargetResource Write-Verbose -Message "Could not find an Intune Device Configuration Administrative Template Policy for Windows10 with DisplayName {$DisplayName}" return $nullResult } - if(([array]$getValue).count -gt 1) + if (([array]$getValue).count -gt 1) { throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" } @@ -243,8 +243,8 @@ function Get-TargetResource if ($graphAssignments.count -gt 0) { $returnAssignments += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($graphAssignments) + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } $results.Add('Assignments', $returnAssignments) @@ -253,7 +253,7 @@ function Get-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Unable to perform redirect as Location Header is not set in response*") + $_.Exception -like '*Unable to perform redirect as Location Header is not set in response*') { if (Assert-M365DSCIsNonInteractiveShell) { @@ -851,7 +851,7 @@ function Export-TargetResource ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent - AccessTokens` = $AccessTokens + AccessTokens = $AccessTokens } $Results = Get-TargetResource @params @@ -937,7 +937,7 @@ function Export-TargetResource $currentDSCBlock = $currentDSCBlock.replace( " ,`r`n" , " `r`n" ) $currentDSCBlock = $currentDSCBlock.replace( "`r`n;`r`n" , "`r`n" ) $currentDSCBlock = $currentDSCBlock.replace( "`r`n,`r`n" , "`r`n" ) - $currentDSCBlock = $currentDSCBlock.Replace("} Enabled = `$","}`r`n Enabled = `$") + $currentDSCBlock = $currentDSCBlock.Replace("} Enabled = `$", "}`r`n Enabled = `$") $dscContent += $currentDSCBlock Save-M365DSCPartialExport -Content $currentDSCBlock ` @@ -950,8 +950,8 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Unable to perform redirect as Location Header is not set in response*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Unable to perform redirect as Location Header is not set in response*' -or ` + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10/settings.json index 88bde5e09c..dc5ce1c1bd 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10/settings.json @@ -1,45 +1,44 @@ { "resourceName": "IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10", "description": "This resource configures an Intune Device Configuration Administrative Template Policy for Windows10.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10.psm1 index 6ba0b67424..51e53f4a99 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10.psm1 @@ -86,7 +86,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -99,15 +99,15 @@ function Get-TargetResource -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows10CustomConfiguration" ` - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10CustomConfiguration' ` + } if ($null -eq $getValue) { Write-Verbose -Message "Could not find an Intune Device Configuration Custom Policy for Windows10 with DisplayName {$DisplayName}" return $nullResult } - if(([array]$getValue).count -gt 1) + if (([array]$getValue).count -gt 1) { throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" } @@ -153,7 +153,7 @@ function Get-TargetResource { $myomaSettings.Add('odataType', $currentomaSettings.'@odata.type'.toString()) } - if ($myomaSettings.values.Where({$null -ne $_}).count -gt 0) + if ($myomaSettings.values.Where({ $null -ne $_ }).count -gt 0) { $complexOmaSettings += $myomaSettings } @@ -183,8 +183,8 @@ function Get-TargetResource if ($graphAssignments.count -gt 0) { $returnAssignments += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($graphAssignments) + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } $results.Add('Assignments', $returnAssignments) @@ -198,8 +198,8 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential - $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult - return $nullResult + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult + return $nullResult } } @@ -294,7 +294,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Device Configuration Custom Policy for Windows10 with DisplayName {$DisplayName}" - $PSBoundParameters.Remove("Assignments") | Out-Null + $PSBoundParameters.Remove('Assignments') | Out-Null $CreateParameters = ([Hashtable]$PSBoundParameters).clone() $CreateParameters = Rename-M365DSCCimInstanceParameter -Properties $CreateParameters @@ -303,13 +303,13 @@ function Set-TargetResource $keys = (([Hashtable]$CreateParameters).clone()).Keys foreach ($key in $keys) { - if ($null -ne $CreateParameters.$key -and $CreateParameters.$key.getType().Name -like "*cimInstance*") + if ($null -ne $CreateParameters.$key -and $CreateParameters.$key.getType().Name -like '*cimInstance*') { $CreateParameters.$key = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $CreateParameters.$key } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.windows10CustomConfiguration") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windows10CustomConfiguration') foreach ($omaSetting in $CreateParameters.OmaSettings) { if ($omaSetting.'@odata.type' -ne '#microsoft.graph.omaSettingInteger') @@ -328,7 +328,7 @@ function Set-TargetResource if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -337,7 +337,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Device Configuration Custom Policy for Windows10 with Id {$($currentInstance.Id)}" - $PSBoundParameters.Remove("Assignments") | Out-Null + $PSBoundParameters.Remove('Assignments') | Out-Null $UpdateParameters = ([Hashtable]$PSBoundParameters).clone() $UpdateParameters = Rename-M365DSCCimInstanceParameter -Properties $UpdateParameters @@ -347,13 +347,13 @@ function Set-TargetResource $keys = (([Hashtable]$UpdateParameters).clone()).Keys foreach ($key in $keys) { - if ($null -ne $UpdateParameters.$key -and $UpdateParameters.$key.getType().Name -like "*cimInstance*") + if ($null -ne $UpdateParameters.$key -and $UpdateParameters.$key.getType().Name -like '*cimInstance*') { $UpdateParameters.$key = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $UpdateParameters.$key } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windows10CustomConfiguration") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windows10CustomConfiguration') foreach ($omaSetting in $UpdateParameters.OmaSettings) { @@ -502,7 +502,7 @@ function Test-TargetResource } } - $ValuesToCheck.remove("Id") | Out-Null + $ValuesToCheck.remove('Id') | Out-Null Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)" @@ -581,7 +581,7 @@ function Export-TargetResource -ErrorAction Stop | Where-Object ` -FilterScript { ` $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10CustomConfiguration' ` - } + } #endregion $i = 1 @@ -662,11 +662,11 @@ function Export-TargetResource if ($Results.OmaSettings) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "OmaSettings" -isCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'OmaSettings' -IsCIMArray:$True } if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock Save-M365DSCPartialExport -Content $currentDSCBlock ` @@ -679,7 +679,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10/settings.json index 1309114462..c8d6a7d4d5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10/settings.json @@ -1,45 +1,44 @@ { "resourceName": "IntuneDeviceConfigurationCustomPolicyWindows10", "description": "This resource configures an Intune Device Configuration Custom Policy for Windows10.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10.psm1 index 2a5ed2aabd..fc55b2aea2 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10.psm1 @@ -106,7 +106,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -119,14 +119,14 @@ function Get-TargetResource -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windowsDefenderAdvancedThreatProtectionConfiguration" ` - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windowsDefenderAdvancedThreatProtectionConfiguration' ` + } if ($null -eq $getValue) { Write-Verbose -Message "Could not find an Intune Device Configuration Defender For Endpoint Onboarding Policy for Windows10 with DisplayName {$DisplayName}" return $nullResult } - if(([array]$getValue).count -gt 1) + if (([array]$getValue).count -gt 1) { throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" } @@ -164,8 +164,8 @@ function Get-TargetResource if ($graphAssignments.count -gt 0) { $returnAssignments += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($graphAssignments) + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } $results.Add('Assignments', $returnAssignments) @@ -287,13 +287,13 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Device Configuration Defender For Endpoint Onboarding Policy for Windows10 with DisplayName {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $CreateParameters = ([Hashtable]$BoundParameters).clone() $CreateParameters = Rename-M365DSCCimInstanceParameter -Properties $CreateParameters if ($AdvancedThreatProtectionAutoPopulateOnboardingBlob -and ` - $PSBoundParameters.AdvancedThreatProtectionAutoPopulateOnboardingBlob) + $PSBoundParameters.AdvancedThreatProtectionAutoPopulateOnboardingBlob) { $CreateParameters.Remove('AdvancedThreatProtectionOnboardingBlob') | Out-Null } @@ -309,13 +309,13 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.windowsDefenderAdvancedThreatProtectionConfiguration") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windowsDefenderAdvancedThreatProtectionConfiguration') $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -324,13 +324,13 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Device Configuration Defender For Endpoint Onboarding Policy for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $UpdateParameters = ([Hashtable]$BoundParameters).clone() $UpdateParameters = Rename-M365DSCCimInstanceParameter -Properties $UpdateParameters if ($AdvancedThreatProtectionAutoPopulateOnboardingBlob -and ` - $PSBoundParameters.AdvancedThreatProtectionAutoPopulateOnboardingBlob) + $PSBoundParameters.AdvancedThreatProtectionAutoPopulateOnboardingBlob) { $UpdateParameters.Remove('AdvancedThreatProtectionOnboardingBlob') | Out-Null } @@ -346,7 +346,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windowsDefenderAdvancedThreatProtectionConfiguration") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windowsDefenderAdvancedThreatProtectionConfiguration') Update-MgBetaDeviceManagementDeviceConfiguration ` -DeviceConfigurationId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -505,7 +505,7 @@ function Test-TargetResource $ValuesToCheck.remove('Id') | Out-Null if ($AdvancedThreatProtectionAutoPopulateOnboardingBlob -and ` - $PSBoundParameters.AdvancedThreatProtectionAutoPopulateOnboardingBlob) + $PSBoundParameters.AdvancedThreatProtectionAutoPopulateOnboardingBlob) { $ValuesToCheck.Remove('AdvancedThreatProtectionOnboardingBlob') | Out-Null } @@ -587,7 +587,7 @@ function Export-TargetResource -ErrorAction Stop | Where-Object ` -FilterScript { ` $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windowsDefenderAdvancedThreatProtectionConfiguration' ` - } + } #endregion $i = 1 @@ -615,7 +615,7 @@ function Export-TargetResource Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ Id = $config.Id - DisplayName = $config.DisplayName + DisplayName = $config.DisplayName Ensure = 'Present' Credential = $Credential ApplicationId = $ApplicationId @@ -653,7 +653,7 @@ function Export-TargetResource -Credential $Credential if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock @@ -667,7 +667,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10/settings.json index a9710165fc..77c265bb50 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10/settings.json @@ -1,45 +1,44 @@ { "resourceName": "IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10", "description": "This resource configures an Intune Device Configuration Defender For Endpoint Onboarding Policy for Windows10.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10.psm1 index 895103e1f0..9d52eeba74 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10.psm1 @@ -153,7 +153,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -171,7 +171,7 @@ function Get-TargetResource Write-Verbose -Message "Could not find an Intune Device Configuration Delivery Optimization Policy for Windows10 with DisplayName {$DisplayName}" return $nullResult } - if(([array]$getValue).count -gt 1) + if (([array]$getValue).count -gt 1) { throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" } @@ -305,8 +305,8 @@ function Get-TargetResource if ($graphAssignments.count -gt 0) { $returnAssignments += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($graphAssignments) + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } $results.Add('Assignments', $returnAssignments) return [System.Collections.Hashtable] $results @@ -488,7 +488,7 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.windowsDeliveryOptimizationConfiguration") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windowsDeliveryOptimizationConfiguration') $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments @@ -519,7 +519,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windowsDeliveryOptimizationConfiguration") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windowsDeliveryOptimizationConfiguration') Update-MgBetaDeviceManagementDeviceConfiguration ` -DeviceConfigurationId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -956,7 +956,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10.psm1 index 56288fa130..2e55eef151 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10.psm1 @@ -98,7 +98,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -111,17 +111,17 @@ function Get-TargetResource -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windowsDomainJoinConfiguration" ` - } - if ($null -eq $getValue) - { - Write-Verbose -Message "Could not find an Intune Device Configuration Domain Join Policy for Windows10 with DisplayName {$DisplayName}" - return $nullResult - } - if(([array]$getValue).count -gt 1) - { - throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windowsDomainJoinConfiguration' ` + } + if ($null -eq $getValue) + { + Write-Verbose -Message "Could not find an Intune Device Configuration Domain Join Policy for Windows10 with DisplayName {$DisplayName}" + return $nullResult + } + if (([array]$getValue).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } } } #endregion @@ -154,8 +154,8 @@ function Get-TargetResource if ($graphAssignments.count -gt 0) { $returnAssignments += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($graphAssignments) + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } $results.Add('Assignments', $returnAssignments) @@ -169,8 +169,8 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential - $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult - return $nullResult + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult + return $nullResult } } @@ -269,7 +269,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Device Configuration Domain Join Policy for Windows10 with DisplayName {$DisplayName}" - $PSBoundParameters.Remove("Assignments") | Out-Null + $PSBoundParameters.Remove('Assignments') | Out-Null $CreateParameters = ([Hashtable]$PSBoundParameters).clone() $CreateParameters = Rename-M365DSCCimInstanceParameter -Properties $CreateParameters @@ -284,13 +284,13 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.windowsDomainJoinConfiguration") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windowsDomainJoinConfiguration') $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -299,7 +299,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Device Configuration Domain Join Policy for Windows10 with Id {$($currentInstance.Id)}" - $PSBoundParameters.Remove("Assignments") | Out-Null + $PSBoundParameters.Remove('Assignments') | Out-Null $UpdateParameters = ([Hashtable]$PSBoundParameters).clone() $UpdateParameters = Rename-M365DSCCimInstanceParameter -Properties $UpdateParameters @@ -315,7 +315,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windowsDomainJoinConfiguration") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windowsDomainJoinConfiguration') Update-MgBetaDeviceManagementDeviceConfiguration ` -DeviceConfigurationId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -542,7 +542,7 @@ function Export-TargetResource -ErrorAction Stop | Where-Object ` -FilterScript { ` $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windowsDomainJoinConfiguration' ` - } + } #endregion $i = 1 @@ -569,15 +569,15 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent + Managedidentity = $ManagedIdentity.IsPresent AccessTokens = $AccessTokens } @@ -608,7 +608,7 @@ function Export-TargetResource -Credential $Credential if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock @@ -622,7 +622,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10/settings.json index 7f3828149e..48831c8e53 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10/settings.json @@ -1,42 +1,41 @@ { "resourceName": "IntuneDeviceConfigurationDomainJoinPolicyWindows10", "description": "This resource configures an Intune Device Configuration Domain Join Policy for Windows10.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10.psm1 index ae45306b9f..aa2de10ce6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10.psm1 @@ -1060,7 +1060,7 @@ function Get-TargetResource -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10EndpointProtectionConfiguration' + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10EndpointProtectionConfiguration' } if ($null -eq $getValue) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10.psm1 index 9328f6575a..795ff7ce4a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10.psm1 @@ -6,107 +6,107 @@ function Get-TargetResource ( #region resource generator code [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $Bluetooth, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $BootFromBuiltInNetworkAdapters, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $BootFromExternalMedia, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $Cameras, [Parameter()] - [ValidateSet('notConfiguredOnly','none')] + [ValidateSet('notConfiguredOnly', 'none')] [System.String] $ChangeUefiSettingsPermission, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $FrontCamera, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $InfraredCamera, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $Microphone, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $MicrophonesAndSpeakers, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $NearFieldCommunication, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $Radios, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $RearCamera, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $SdCard, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $SimultaneousMultiThreading, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $UsbTypeAPort, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $VirtualizationOfCpuAndIO, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $WakeOnLAN, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $WakeOnPower, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $WiFi, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $WindowsPlatformBinaryTable, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $WirelessWideAreaNetwork, @@ -187,7 +187,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -200,8 +200,8 @@ function Get-TargetResource -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows10DeviceFirmwareConfigurationInterface" ` - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10DeviceFirmwareConfigurationInterface' ` + } } } #endregion @@ -384,8 +384,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -410,107 +410,107 @@ function Set-TargetResource ( #region resource generator code [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $Bluetooth, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $BootFromBuiltInNetworkAdapters, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $BootFromExternalMedia, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $Cameras, [Parameter()] - [ValidateSet('notConfiguredOnly','none')] + [ValidateSet('notConfiguredOnly', 'none')] [System.String] $ChangeUefiSettingsPermission, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $FrontCamera, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $InfraredCamera, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $Microphone, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $MicrophonesAndSpeakers, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $NearFieldCommunication, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $Radios, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $RearCamera, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $SdCard, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $SimultaneousMultiThreading, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $UsbTypeAPort, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $VirtualizationOfCpuAndIO, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $WakeOnLAN, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $WakeOnPower, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $WiFi, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $WindowsPlatformBinaryTable, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $WirelessWideAreaNetwork, @@ -587,7 +587,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Device Configuration Firmware Interface Policy for Windows10 with DisplayName {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $CreateParameters = ([Hashtable]$BoundParameters).clone() $CreateParameters = Rename-M365DSCCimInstanceParameter -Properties $CreateParameters @@ -602,13 +602,13 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.windows10DeviceFirmwareConfigurationInterface") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windows10DeviceFirmwareConfigurationInterface') $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -617,7 +617,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Device Configuration Firmware Interface Policy for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $UpdateParameters = ([Hashtable]$BoundParameters).clone() $UpdateParameters = Rename-M365DSCCimInstanceParameter -Properties $UpdateParameters @@ -633,7 +633,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windows10DeviceFirmwareConfigurationInterface") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windows10DeviceFirmwareConfigurationInterface') Update-MgBetaDeviceManagementDeviceConfiguration ` -DeviceConfigurationId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -661,107 +661,107 @@ function Test-TargetResource ( #region resource generator code [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $Bluetooth, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $BootFromBuiltInNetworkAdapters, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $BootFromExternalMedia, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $Cameras, [Parameter()] - [ValidateSet('notConfiguredOnly','none')] + [ValidateSet('notConfiguredOnly', 'none')] [System.String] $ChangeUefiSettingsPermission, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $FrontCamera, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $InfraredCamera, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $Microphone, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $MicrophonesAndSpeakers, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $NearFieldCommunication, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $Radios, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $RearCamera, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $SdCard, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $SimultaneousMultiThreading, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $UsbTypeAPort, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $VirtualizationOfCpuAndIO, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $WakeOnLAN, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $WakeOnPower, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $WiFi, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $WindowsPlatformBinaryTable, [Parameter()] - [ValidateSet('notConfigured','enabled','disabled')] + [ValidateSet('notConfigured', 'enabled', 'disabled')] [System.String] $WirelessWideAreaNetwork, @@ -944,7 +944,7 @@ function Export-TargetResource -ErrorAction Stop | Where-Object ` -FilterScript { ` $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10DeviceFirmwareConfigurationInterface' ` - } + } #endregion $i = 1 @@ -971,16 +971,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -1005,7 +1005,7 @@ function Export-TargetResource -Credential $Credential if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock @@ -1019,7 +1019,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10/settings.json index 9e4b185543..6e88575954 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10/settings.json @@ -1,45 +1,44 @@ { "resourceName": "IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10", "description": "This resource configures an Intune Device Configuration Firmware Interface Policy for Windows10.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10/MSFT_IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10/MSFT_IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10.psm1 index c851d3e943..8cac254daf 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10/MSFT_IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10/MSFT_IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10.psm1 @@ -96,7 +96,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -159,8 +159,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -287,7 +287,7 @@ function Set-TargetResource } $CreateParameters.ConfigDeviceHealthMonitoringScope = [String[]]$CreateParameters.ConfigDeviceHealthMonitoringScope -join ',' #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.windowsHealthMonitoringConfiguration") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windowsHealthMonitoringConfiguration') $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments @@ -319,7 +319,7 @@ function Set-TargetResource } $UpdateParameters.ConfigDeviceHealthMonitoringScope = [String[]]$UpdateParameters.ConfigDeviceHealthMonitoringScope -join ',' #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windowsHealthMonitoringConfiguration") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windowsHealthMonitoringConfiguration') Update-MgBetaDeviceManagementDeviceConfiguration ` -DeviceConfigurationId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -614,7 +614,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationIdentityProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationIdentityProtectionPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationIdentityProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationIdentityProtectionPolicyWindows10.psm1 index 4433d7a31c..d398679977 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationIdentityProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationIdentityProtectionPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationIdentityProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationIdentityProtectionPolicyWindows10.psm1 @@ -141,7 +141,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -221,8 +221,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -361,7 +361,7 @@ function Set-TargetResource ) Write-Warning -Message "The resource 'IntuneDeviceConfigurationIdentityProtectionPolicyWindows10' is deprecated. It will be removed in a future release. Please use 'IntuneAccountProtectionPolicyWindows10' instead." - Write-Warning -Message "For more information, please visit https://learn.microsoft.com/en-us/mem/intune/fundamentals/whats-new#consolidation-of-intune-profiles-for-identity-protection-and-account-protection-" + Write-Warning -Message 'For more information, please visit https://learn.microsoft.com/en-us/mem/intune/fundamentals/whats-new#consolidation-of-intune-profiles-for-identity-protection-and-account-protection-' #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -396,7 +396,7 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.windowsIdentityProtectionConfiguration") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windowsIdentityProtectionConfiguration') $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments @@ -427,7 +427,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windowsIdentityProtectionConfiguration") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windowsIdentityProtectionConfiguration') Update-MgBetaDeviceManagementDeviceConfiguration ` -DeviceConfigurationId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -767,7 +767,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10.psm1 index 65c3e07e15..e0b433829b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10.psm1 @@ -6,12 +6,12 @@ function Get-TargetResource ( #region resource generator code [Parameter()] - [ValidateSet('unassigned','smimeEncryption','smimeSigning','vpn','wifi')] + [ValidateSet('unassigned', 'smimeEncryption', 'smimeSigning', 'vpn', 'wifi')] [System.String] $IntendedPurpose, [Parameter()] - [ValidateSet('days','months','years')] + [ValidateSet('days', 'months', 'years')] [System.String] $CertificateValidityPeriodScale, @@ -20,7 +20,7 @@ function Get-TargetResource $CertificateValidityPeriodValue, [Parameter()] - [ValidateSet('useTpmKspOtherwiseUseSoftwareKsp','useTpmKspOtherwiseFail','usePassportForWorkKspOtherwiseFail','useSoftwareKsp')] + [ValidateSet('useTpmKspOtherwiseUseSoftwareKsp', 'useTpmKspOtherwiseFail', 'usePassportForWorkKspOtherwiseFail', 'useSoftwareKsp')] [System.String] $KeyStorageProvider, @@ -29,12 +29,12 @@ function Get-TargetResource $RenewalThresholdPercentage, [Parameter()] - [ValidateSet('none','emailAddress','userPrincipalName','customAzureADAttribute','domainNameService','universalResourceIdentifier')] + [ValidateSet('none', 'emailAddress', 'userPrincipalName', 'customAzureADAttribute', 'domainNameService', 'universalResourceIdentifier')] [System.String] $SubjectAlternativeNameType, [Parameter()] - [ValidateSet('commonName','commonNameIncludingEmail','commonNameAsEmail','custom','commonNameAsIMEI','commonNameAsSerialNumber','commonNameAsAadDeviceId','commonNameAsIntuneDeviceId','commonNameAsDurableDeviceId')] + [ValidateSet('commonName', 'commonNameIncludingEmail', 'commonNameAsEmail', 'custom', 'commonNameAsIMEI', 'commonNameAsSerialNumber', 'commonNameAsAadDeviceId', 'commonNameAsIntuneDeviceId', 'commonNameAsDurableDeviceId')] [System.String] $SubjectNameFormat, @@ -111,7 +111,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -124,8 +124,8 @@ function Get-TargetResource -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows10ImportedPFXCertificateProfile" ` - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10ImportedPFXCertificateProfile' ` + } } } #endregion @@ -197,8 +197,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -223,12 +223,12 @@ function Set-TargetResource ( #region resource generator code [Parameter()] - [ValidateSet('unassigned','smimeEncryption','smimeSigning','vpn','wifi')] + [ValidateSet('unassigned', 'smimeEncryption', 'smimeSigning', 'vpn', 'wifi')] [System.String] $IntendedPurpose, [Parameter()] - [ValidateSet('days','months','years')] + [ValidateSet('days', 'months', 'years')] [System.String] $CertificateValidityPeriodScale, @@ -237,7 +237,7 @@ function Set-TargetResource $CertificateValidityPeriodValue, [Parameter()] - [ValidateSet('useTpmKspOtherwiseUseSoftwareKsp','useTpmKspOtherwiseFail','usePassportForWorkKspOtherwiseFail','useSoftwareKsp')] + [ValidateSet('useTpmKspOtherwiseUseSoftwareKsp', 'useTpmKspOtherwiseFail', 'usePassportForWorkKspOtherwiseFail', 'useSoftwareKsp')] [System.String] $KeyStorageProvider, @@ -246,12 +246,12 @@ function Set-TargetResource $RenewalThresholdPercentage, [Parameter()] - [ValidateSet('none','emailAddress','userPrincipalName','customAzureADAttribute','domainNameService','universalResourceIdentifier')] + [ValidateSet('none', 'emailAddress', 'userPrincipalName', 'customAzureADAttribute', 'domainNameService', 'universalResourceIdentifier')] [System.String] $SubjectAlternativeNameType, [Parameter()] - [ValidateSet('commonName','commonNameIncludingEmail','commonNameAsEmail','custom','commonNameAsIMEI','commonNameAsSerialNumber','commonNameAsAadDeviceId','commonNameAsIntuneDeviceId','commonNameAsDurableDeviceId')] + [ValidateSet('commonName', 'commonNameIncludingEmail', 'commonNameAsEmail', 'custom', 'commonNameAsIMEI', 'commonNameAsSerialNumber', 'commonNameAsAadDeviceId', 'commonNameAsIntuneDeviceId', 'commonNameAsDurableDeviceId')] [System.String] $SubjectNameFormat, @@ -324,7 +324,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Device Configuration Imported Pfx Certificate Policy for Windows10 with DisplayName {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $CreateParameters = ([Hashtable]$BoundParameters).clone() $CreateParameters = Rename-M365DSCCimInstanceParameter -Properties $CreateParameters @@ -339,13 +339,13 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.windows10ImportedPFXCertificateProfile") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windows10ImportedPFXCertificateProfile') $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -354,7 +354,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Device Configuration Imported Pfx Certificate Policy for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $UpdateParameters = ([Hashtable]$BoundParameters).clone() $UpdateParameters = Rename-M365DSCCimInstanceParameter -Properties $UpdateParameters @@ -370,7 +370,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windows10ImportedPFXCertificateProfile") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windows10ImportedPFXCertificateProfile') Update-MgBetaDeviceManagementDeviceConfiguration ` -DeviceConfigurationId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -398,12 +398,12 @@ function Test-TargetResource ( #region resource generator code [Parameter()] - [ValidateSet('unassigned','smimeEncryption','smimeSigning','vpn','wifi')] + [ValidateSet('unassigned', 'smimeEncryption', 'smimeSigning', 'vpn', 'wifi')] [System.String] $IntendedPurpose, [Parameter()] - [ValidateSet('days','months','years')] + [ValidateSet('days', 'months', 'years')] [System.String] $CertificateValidityPeriodScale, @@ -412,7 +412,7 @@ function Test-TargetResource $CertificateValidityPeriodValue, [Parameter()] - [ValidateSet('useTpmKspOtherwiseUseSoftwareKsp','useTpmKspOtherwiseFail','usePassportForWorkKspOtherwiseFail','useSoftwareKsp')] + [ValidateSet('useTpmKspOtherwiseUseSoftwareKsp', 'useTpmKspOtherwiseFail', 'usePassportForWorkKspOtherwiseFail', 'useSoftwareKsp')] [System.String] $KeyStorageProvider, @@ -421,12 +421,12 @@ function Test-TargetResource $RenewalThresholdPercentage, [Parameter()] - [ValidateSet('none','emailAddress','userPrincipalName','customAzureADAttribute','domainNameService','universalResourceIdentifier')] + [ValidateSet('none', 'emailAddress', 'userPrincipalName', 'customAzureADAttribute', 'domainNameService', 'universalResourceIdentifier')] [System.String] $SubjectAlternativeNameType, [Parameter()] - [ValidateSet('commonName','commonNameIncludingEmail','commonNameAsEmail','custom','commonNameAsIMEI','commonNameAsSerialNumber','commonNameAsAadDeviceId','commonNameAsIntuneDeviceId','commonNameAsDurableDeviceId')] + [ValidateSet('commonName', 'commonNameIncludingEmail', 'commonNameAsEmail', 'custom', 'commonNameAsIMEI', 'commonNameAsSerialNumber', 'commonNameAsAadDeviceId', 'commonNameAsIntuneDeviceId', 'commonNameAsDurableDeviceId')] [System.String] $SubjectNameFormat, @@ -605,7 +605,7 @@ function Export-TargetResource -ErrorAction Stop | Where-Object ` -FilterScript { ` $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10ImportedPFXCertificateProfile' ` - } + } #endregion $i = 1 @@ -632,16 +632,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -666,7 +666,7 @@ function Export-TargetResource -Credential $Credential if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock @@ -680,7 +680,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10/settings.json index 7bc21f184f..f89e74a38f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10/settings.json @@ -1,45 +1,44 @@ { "resourceName": "IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10", "description": "This resource configures an Intune Device Configuration Imported Pfx Certificate Policy for Windows10.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10.psm1 index 98e04fdc6b..9bae201594 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10.psm1 @@ -118,7 +118,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -131,8 +131,8 @@ function Get-TargetResource -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windowsKioskConfiguration" ` - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windowsKioskConfiguration' ` + } } } #endregion @@ -183,12 +183,12 @@ function Get-TargetResource { $myApps.Add('odataType', $currentApps.'@odata.type'.toString()) } - if ($myApps.values.Where({$null -ne $_}).count -gt 0) + if ($myApps.values.Where({ $null -ne $_ }).count -gt 0) { $complexApps += $myApps } } - $complexAppConfiguration.Add('Apps',$complexApps) + $complexAppConfiguration.Add('Apps', $complexApps) $complexAppConfiguration.Add('DisallowDesktopApps', $currentkioskProfiles.appConfiguration.disallowDesktopApps) $complexAppConfiguration.Add('ShowTaskBar', $currentkioskProfiles.appConfiguration.showTaskBar) $complexAppConfiguration.Add('StartMenuLayoutXml', $currentkioskProfiles.appConfiguration.startMenuLayoutXml) @@ -221,11 +221,11 @@ function Get-TargetResource { $complexUwpApp.Add('odataType', $currentkioskProfiles.appConfiguration.uwpApp.'@odata.type'.toString()) } - if ($complexUwpApp.values.Where({$null -ne $_}).count -eq 0) + if ($complexUwpApp.values.Where({ $null -ne $_ }).count -eq 0) { $complexUwpApp = $null } - $complexAppConfiguration.Add('UwpApp',$complexUwpApp) + $complexAppConfiguration.Add('UwpApp', $complexUwpApp) $complexWin32App = @{} $complexWin32App.Add('ClassicAppPath', $currentkioskProfiles.appConfiguration.win32App.classicAppPath) $complexWin32App.Add('EdgeKiosk', $currentkioskProfiles.appConfiguration.win32App.edgeKiosk) @@ -255,20 +255,20 @@ function Get-TargetResource { $complexWin32App.Add('odataType', $currentkioskProfiles.appConfiguration.win32App.'@odata.type'.toString()) } - if ($complexWin32App.values.Where({$null -ne $_}).count -eq 0) + if ($complexWin32App.values.Where({ $null -ne $_ }).count -eq 0) { $complexWin32App = $null } - $complexAppConfiguration.Add('Win32App',$complexWin32App) + $complexAppConfiguration.Add('Win32App', $complexWin32App) if ($null -ne $currentkioskProfiles.appConfiguration.'@odata.type') { $complexAppConfiguration.Add('odataType', $currentkioskProfiles.appConfiguration.'@odata.type'.toString()) } - if ($complexAppConfiguration.values.Where({$null -ne $_}).count -eq 0) + if ($complexAppConfiguration.values.Where({ $null -ne $_ }).count -eq 0) { $complexAppConfiguration = $null } - $mykioskProfiles.Add('AppConfiguration',$complexAppConfiguration) + $mykioskProfiles.Add('AppConfiguration', $complexAppConfiguration) $mykioskProfiles.Add('ProfileId', $currentkioskProfiles.profileId) $mykioskProfiles.Add('ProfileName', $currentkioskProfiles.profileName) $complexUserAccountsConfiguration = @() @@ -285,13 +285,13 @@ function Get-TargetResource { $myUserAccountsConfiguration.Add('odataType', $currentUserAccountsConfiguration.'@odata.type'.toString()) } - if ($myUserAccountsConfiguration.values.Where({$null -ne $_}).count -gt 0) + if ($myUserAccountsConfiguration.values.Where({ $null -ne $_ }).count -gt 0) { $complexUserAccountsConfiguration += $myUserAccountsConfiguration } } - $mykioskProfiles.Add('UserAccountsConfiguration',$complexUserAccountsConfiguration) - if ($mykioskProfiles.values.Where({$null -ne $_}).count -gt 0) + $mykioskProfiles.Add('UserAccountsConfiguration', $complexUserAccountsConfiguration) + if ($mykioskProfiles.values.Where({ $null -ne $_ }).count -gt 0) { $complexKioskProfiles += $mykioskProfiles } @@ -312,7 +312,7 @@ function Get-TargetResource { $complexWindowsKioskForceUpdateSchedule.Add('StartDateTime', ([DateTimeOffset]$getValue.AdditionalProperties.windowsKioskForceUpdateSchedule.startDateTime).ToString('o')) } - if ($complexWindowsKioskForceUpdateSchedule.values.Where({$null -ne $_}).count -eq 0) + if ($complexWindowsKioskForceUpdateSchedule.values.Where({ $null -ne $_ }).count -eq 0) { $complexWindowsKioskForceUpdateSchedule = $null } @@ -349,8 +349,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -483,7 +483,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Device Configuration Kiosk Policy for Windows10 with DisplayName {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $CreateParameters = ([Hashtable]$BoundParameters).clone() $CreateParameters = Rename-M365DSCCimInstanceParameter -Properties $CreateParameters @@ -498,13 +498,13 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.windowsKioskConfiguration") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windowsKioskConfiguration') $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -513,7 +513,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Device Configuration Kiosk Policy for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $UpdateParameters = ([Hashtable]$BoundParameters).clone() $UpdateParameters = Rename-M365DSCCimInstanceParameter -Properties $UpdateParameters @@ -529,7 +529,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windowsKioskConfiguration") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windowsKioskConfiguration') Update-MgBetaDeviceManagementDeviceConfiguration ` -DeviceConfigurationId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -771,7 +771,7 @@ function Export-TargetResource -ErrorAction Stop | Where-Object ` -FilterScript { ` $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windowsKioskConfiguration' ` - } + } #endregion $i = 1 @@ -798,16 +798,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -817,34 +817,34 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'KioskProfiles' + Name = 'KioskProfiles' CimInstanceName = 'MicrosoftGraphWindowsKioskProfile' - IsRequired = $False + IsRequired = $False } @{ - Name = 'AppConfiguration' + Name = 'AppConfiguration' CimInstanceName = 'MicrosoftGraphWindowsKioskAppConfiguration' - IsRequired = $False + IsRequired = $False } @{ - Name = 'Apps' + Name = 'Apps' CimInstanceName = 'MicrosoftGraphWindowsKioskAppBase' - IsRequired = $False + IsRequired = $False } @{ - Name = 'UwpApp' + Name = 'UwpApp' CimInstanceName = 'MicrosoftGraphWindowsKioskUWPApp' - IsRequired = $False + IsRequired = $False } @{ - Name = 'Win32App' + Name = 'Win32App' CimInstanceName = 'MicrosoftGraphWindowsKioskWin32App' - IsRequired = $False + IsRequired = $False } @{ - Name = 'UserAccountsConfiguration' + Name = 'UserAccountsConfiguration' CimInstanceName = 'MicrosoftGraphWindowsKioskUser' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` @@ -894,15 +894,15 @@ function Export-TargetResource -Credential $Credential if ($Results.KioskProfiles) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "KioskProfiles" -isCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'KioskProfiles' -IsCIMArray:$True } if ($Results.WindowsKioskForceUpdateSchedule) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "WindowsKioskForceUpdateSchedule" -isCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'WindowsKioskForceUpdateSchedule' -IsCIMArray:$False } if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock Save-M365DSCPartialExport -Content $currentDSCBlock ` @@ -915,7 +915,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10/settings.json index 4b9ef1bb53..20347270af 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10/settings.json @@ -1,45 +1,44 @@ { "resourceName": "IntuneDeviceConfigurationKioskPolicyWindows10", "description": "This resource configures an Intune Device Configuration Kiosk Policy for Windows10.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10/MSFT_IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10/MSFT_IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10.psm1 index b9c640d5de..fe0180b9b4 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10/MSFT_IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10/MSFT_IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10.psm1 @@ -98,7 +98,7 @@ function Get-TargetResource -All ` -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object -FilterScript { - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10NetworkBoundaryConfiguration' + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10NetworkBoundaryConfiguration' } } } @@ -177,8 +177,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -533,7 +533,7 @@ function Export-TargetResource [array]$getValue = Get-MgBetaDeviceManagementDeviceConfiguration -Filter $Filter -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10NetworkBoundaryConfiguration' + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10NetworkBoundaryConfiguration' } #endregion @@ -648,7 +648,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10.psm1 index 9be4dcca02..b8c8708958 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10.psm1 @@ -6,7 +6,7 @@ function Get-TargetResource ( #region resource generator code [Parameter()] - [ValidateSet('user','machine')] + [ValidateSet('user', 'machine')] [System.String] $CertificateStore, @@ -39,7 +39,7 @@ function Get-TargetResource $SubjectNameFormatString, [Parameter()] - [ValidateSet('days','months','years')] + [ValidateSet('days', 'months', 'years')] [System.String] $CertificateValidityPeriodScale, @@ -48,7 +48,7 @@ function Get-TargetResource $CertificateValidityPeriodValue, [Parameter()] - [ValidateSet('useTpmKspOtherwiseUseSoftwareKsp','useTpmKspOtherwiseFail','usePassportForWorkKspOtherwiseFail','useSoftwareKsp')] + [ValidateSet('useTpmKspOtherwiseUseSoftwareKsp', 'useTpmKspOtherwiseFail', 'usePassportForWorkKspOtherwiseFail', 'useSoftwareKsp')] [System.String] $KeyStorageProvider, @@ -57,12 +57,12 @@ function Get-TargetResource $RenewalThresholdPercentage, [Parameter()] - [ValidateSet('none','emailAddress','userPrincipalName','customAzureADAttribute','domainNameService','universalResourceIdentifier')] + [ValidateSet('none', 'emailAddress', 'userPrincipalName', 'customAzureADAttribute', 'domainNameService', 'universalResourceIdentifier')] [System.String] $SubjectAlternativeNameType, [Parameter()] - [ValidateSet('commonName','commonNameIncludingEmail','commonNameAsEmail','custom','commonNameAsIMEI','commonNameAsSerialNumber','commonNameAsAadDeviceId','commonNameAsIntuneDeviceId','commonNameAsDurableDeviceId')] + [ValidateSet('commonName', 'commonNameIncludingEmail', 'commonNameAsEmail', 'custom', 'commonNameAsIMEI', 'commonNameAsSerialNumber', 'commonNameAsAadDeviceId', 'commonNameAsIntuneDeviceId', 'commonNameAsDurableDeviceId')] [System.String] $SubjectNameFormat, @@ -139,7 +139,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -152,8 +152,8 @@ function Get-TargetResource -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows10PkcsCertificateProfile" ` - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10PkcsCertificateProfile' ` + } } } #endregion @@ -175,7 +175,7 @@ function Get-TargetResource { $mycustomSubjectAlternativeNames.Add('SanType', $currentcustomSubjectAlternativeNames.sanType.toString()) } - if ($mycustomSubjectAlternativeNames.values.Where({$null -ne $_}).count -gt 0) + if ($mycustomSubjectAlternativeNames.values.Where({ $null -ne $_ }).count -gt 0) { $complexCustomSubjectAlternativeNames += $mycustomSubjectAlternativeNames } @@ -187,7 +187,7 @@ function Get-TargetResource $myextendedKeyUsages = @{} $myextendedKeyUsages.Add('Name', $currentextendedKeyUsages.name) $myextendedKeyUsages.Add('ObjectIdentifier', $currentextendedKeyUsages.objectIdentifier) - if ($myextendedKeyUsages.values.Where({$null -ne $_}).count -gt 0) + if ($myextendedKeyUsages.values.Where({ $null -ne $_ }).count -gt 0) { $complexExtendedKeyUsages += $myextendedKeyUsages } @@ -261,8 +261,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -287,7 +287,7 @@ function Set-TargetResource ( #region resource generator code [Parameter()] - [ValidateSet('user','machine')] + [ValidateSet('user', 'machine')] [System.String] $CertificateStore, @@ -320,7 +320,7 @@ function Set-TargetResource $SubjectNameFormatString, [Parameter()] - [ValidateSet('days','months','years')] + [ValidateSet('days', 'months', 'years')] [System.String] $CertificateValidityPeriodScale, @@ -329,7 +329,7 @@ function Set-TargetResource $CertificateValidityPeriodValue, [Parameter()] - [ValidateSet('useTpmKspOtherwiseUseSoftwareKsp','useTpmKspOtherwiseFail','usePassportForWorkKspOtherwiseFail','useSoftwareKsp')] + [ValidateSet('useTpmKspOtherwiseUseSoftwareKsp', 'useTpmKspOtherwiseFail', 'usePassportForWorkKspOtherwiseFail', 'useSoftwareKsp')] [System.String] $KeyStorageProvider, @@ -338,12 +338,12 @@ function Set-TargetResource $RenewalThresholdPercentage, [Parameter()] - [ValidateSet('none','emailAddress','userPrincipalName','customAzureADAttribute','domainNameService','universalResourceIdentifier')] + [ValidateSet('none', 'emailAddress', 'userPrincipalName', 'customAzureADAttribute', 'domainNameService', 'universalResourceIdentifier')] [System.String] $SubjectAlternativeNameType, [Parameter()] - [ValidateSet('commonName','commonNameIncludingEmail','commonNameAsEmail','custom','commonNameAsIMEI','commonNameAsSerialNumber','commonNameAsAadDeviceId','commonNameAsIntuneDeviceId','commonNameAsDurableDeviceId')] + [ValidateSet('commonName', 'commonNameIncludingEmail', 'commonNameAsEmail', 'custom', 'commonNameAsIMEI', 'commonNameAsSerialNumber', 'commonNameAsAadDeviceId', 'commonNameAsIntuneDeviceId', 'commonNameAsDurableDeviceId')] [System.String] $SubjectNameFormat, @@ -416,7 +416,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Device Configuration Pkcs Certificate Policy for Windows10 with DisplayName {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $CreateParameters = ([Hashtable]$BoundParameters).clone() $CreateParameters = Rename-M365DSCCimInstanceParameter -Properties $CreateParameters @@ -431,13 +431,13 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.windows10PkcsCertificateProfile") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windows10PkcsCertificateProfile') $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -446,7 +446,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Device Configuration Pkcs Certificate Policy for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $UpdateParameters = ([Hashtable]$BoundParameters).clone() $UpdateParameters = Rename-M365DSCCimInstanceParameter -Properties $UpdateParameters @@ -462,7 +462,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windows10PkcsCertificateProfile") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windows10PkcsCertificateProfile') Update-MgBetaDeviceManagementDeviceConfiguration ` -DeviceConfigurationId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -490,7 +490,7 @@ function Test-TargetResource ( #region resource generator code [Parameter()] - [ValidateSet('user','machine')] + [ValidateSet('user', 'machine')] [System.String] $CertificateStore, @@ -523,7 +523,7 @@ function Test-TargetResource $SubjectNameFormatString, [Parameter()] - [ValidateSet('days','months','years')] + [ValidateSet('days', 'months', 'years')] [System.String] $CertificateValidityPeriodScale, @@ -532,7 +532,7 @@ function Test-TargetResource $CertificateValidityPeriodValue, [Parameter()] - [ValidateSet('useTpmKspOtherwiseUseSoftwareKsp','useTpmKspOtherwiseFail','usePassportForWorkKspOtherwiseFail','useSoftwareKsp')] + [ValidateSet('useTpmKspOtherwiseUseSoftwareKsp', 'useTpmKspOtherwiseFail', 'usePassportForWorkKspOtherwiseFail', 'useSoftwareKsp')] [System.String] $KeyStorageProvider, @@ -541,12 +541,12 @@ function Test-TargetResource $RenewalThresholdPercentage, [Parameter()] - [ValidateSet('none','emailAddress','userPrincipalName','customAzureADAttribute','domainNameService','universalResourceIdentifier')] + [ValidateSet('none', 'emailAddress', 'userPrincipalName', 'customAzureADAttribute', 'domainNameService', 'universalResourceIdentifier')] [System.String] $SubjectAlternativeNameType, [Parameter()] - [ValidateSet('commonName','commonNameIncludingEmail','commonNameAsEmail','custom','commonNameAsIMEI','commonNameAsSerialNumber','commonNameAsAadDeviceId','commonNameAsIntuneDeviceId','commonNameAsDurableDeviceId')] + [ValidateSet('commonName', 'commonNameIncludingEmail', 'commonNameAsEmail', 'custom', 'commonNameAsIMEI', 'commonNameAsSerialNumber', 'commonNameAsAadDeviceId', 'commonNameAsIntuneDeviceId', 'commonNameAsDurableDeviceId')] [System.String] $SubjectNameFormat, @@ -725,7 +725,7 @@ function Export-TargetResource -ErrorAction Stop | Where-Object ` -FilterScript { ` $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10PkcsCertificateProfile' ` - } + } #endregion $i = 1 @@ -752,16 +752,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -814,15 +814,15 @@ function Export-TargetResource -Credential $Credential if ($Results.CustomSubjectAlternativeNames) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "CustomSubjectAlternativeNames" -isCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'CustomSubjectAlternativeNames' -IsCIMArray:$True } if ($Results.ExtendedKeyUsages) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "ExtendedKeyUsages" -isCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'ExtendedKeyUsages' -IsCIMArray:$True } if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock Save-M365DSCPartialExport -Content $currentDSCBlock ` @@ -835,7 +835,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10/settings.json index a89fd6923c..8bf0629651 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10/settings.json @@ -1,45 +1,44 @@ { "resourceName": "IntuneDeviceConfigurationPkcsCertificatePolicyWindows10", "description": "This resource configures an Intune Device Configuration Pkcs Certificate Policy for Windows10.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPlatformScriptMacOS/MSFT_IntuneDeviceConfigurationPlatformScriptMacOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPlatformScriptMacOS/MSFT_IntuneDeviceConfigurationPlatformScriptMacOS.psm1 index 6bff4042fa..4c90f2ae55 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPlatformScriptMacOS/MSFT_IntuneDeviceConfigurationPlatformScriptMacOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPlatformScriptMacOS/MSFT_IntuneDeviceConfigurationPlatformScriptMacOS.psm1 @@ -34,7 +34,7 @@ function Get-TargetResource $RoleScopeTagIds, [Parameter()] - [ValidateSet('system','user')] + [ValidateSet('system', 'user')] [System.String] $RunAsAccount, @@ -109,7 +109,7 @@ function Get-TargetResource #region resource generator code $getValue = Get-MgBetaDeviceManagementDeviceShellScript ` -DeviceShellScriptId $Id ` - -ExpandProperty "assignments" ` + -ExpandProperty 'assignments' ` -ErrorAction SilentlyContinue if ($null -eq $getValue) @@ -121,11 +121,11 @@ function Get-TargetResource $getValue = Get-MgBetaDeviceManagementDeviceShellScript ` -All ` -Filter "DisplayName eq '$DisplayName'" ` - -ExpandProperty "assignments" ` + -ExpandProperty 'assignments' ` -ErrorAction SilentlyContinue if ($null -ne $getValue) { - $getValue = Get-MgBetaDeviceManagementDeviceShellScript -DeviceShellScriptId $getValue.Id -ExpandProperty "assignments" + $getValue = Get-MgBetaDeviceManagementDeviceShellScript -DeviceShellScriptId $getValue.Id -ExpandProperty 'assignments' } } } @@ -175,8 +175,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -229,7 +229,7 @@ function Set-TargetResource $RoleScopeTagIds, [Parameter()] - [ValidateSet('system','user')] + [ValidateSet('system', 'user')] [System.String] $RunAsAccount, @@ -298,7 +298,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Device Configuration Platform Script MacOS with DisplayName {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $CreateParameters = ([Hashtable]$BoundParameters).clone() $CreateParameters = Rename-M365DSCCimInstanceParameter -Properties $CreateParameters @@ -315,13 +315,13 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.DeviceShellScript") + $CreateParameters.Add('@odata.type', '#microsoft.graph.DeviceShellScript') $policy = New-MgBetaDeviceManagementDeviceShellScript -BodyParameter $CreateParameters $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.Id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.Id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.Id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceShellScripts' ` -RootIdentifier 'deviceManagementScriptAssignments' @@ -331,7 +331,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Device Configuration Platform Script MacOS with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $UpdateParameters = ([Hashtable]$BoundParameters).clone() $UpdateParameters = Rename-M365DSCCimInstanceParameter -Properties $UpdateParameters @@ -349,7 +349,7 @@ function Set-TargetResource } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.DeviceShellScript") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.DeviceShellScript') Update-MgBetaDeviceManagementDeviceShellScript ` -DeviceShellScriptId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -406,7 +406,7 @@ function Test-TargetResource $RoleScopeTagIds, [Parameter()] - [ValidateSet('system','user')] + [ValidateSet('system', 'user')] [System.String] $RunAsAccount, @@ -611,16 +611,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -645,7 +645,7 @@ function Export-TargetResource -Credential $Credential if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPlatformScriptMacOS/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPlatformScriptMacOS/settings.json index 2e66e44c69..b08a848e79 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPlatformScriptMacOS/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPlatformScriptMacOS/settings.json @@ -1,57 +1,56 @@ { - "resourceName": "IntuneDeviceConfigurationPlatformScriptMacOS", - "description": "This resource configures an Intune Device Configuration Platform Script MacOS.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - }, - { - "name": "DeviceManagementManagedDevices.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - }, - { - "name": "DeviceManagementManagedDevices.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - }, - { - "name": "DeviceManagementManagedDevices.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - }, - { - "name": "DeviceManagementManagedDevices.ReadWrite.All" - } - ] + "resourceName": "IntuneDeviceConfigurationPlatformScriptMacOS", + "description": "This resource configures an Intune Device Configuration Platform Script MacOS.", + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "DeviceManagementManagedDevices.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + }, + { + "name": "DeviceManagementManagedDevices.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "DeviceManagementManagedDevices.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + }, + { + "name": "DeviceManagementManagedDevices.ReadWrite.All" + } + ] + } } } } - -} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPlatformScriptWindows/MSFT_IntuneDeviceConfigurationPlatformScriptWindows.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPlatformScriptWindows/MSFT_IntuneDeviceConfigurationPlatformScriptWindows.psm1 index 4af1d514f8..1c5729302c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPlatformScriptWindows/MSFT_IntuneDeviceConfigurationPlatformScriptWindows.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPlatformScriptWindows/MSFT_IntuneDeviceConfigurationPlatformScriptWindows.psm1 @@ -30,7 +30,7 @@ function Get-TargetResource $RunAs32Bit, [Parameter()] - [ValidateSet('system','user')] + [ValidateSet('system', 'user')] [System.String] $RunAsAccount, @@ -166,8 +166,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -216,7 +216,7 @@ function Set-TargetResource $RunAs32Bit, [Parameter()] - [ValidateSet('system','user')] + [ValidateSet('system', 'user')] [System.String] $RunAsAccount, @@ -285,7 +285,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Device Configuration Platform Script Windows with DisplayName {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $CreateParameters = ([Hashtable]$BoundParameters).clone() $CreateParameters = Rename-M365DSCCimInstanceParameter -Properties $CreateParameters @@ -302,13 +302,13 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.DeviceManagementScript") + $CreateParameters.Add('@odata.type', '#microsoft.graph.DeviceManagementScript') $policy = New-MgBetaDeviceManagementScript -BodyParameter $CreateParameters $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.Id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.Id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.Id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceManagementScripts' ` -RootIdentifier 'deviceManagementScriptAssignments' @@ -318,7 +318,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Device Configuration Platform Script Windows with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $UpdateParameters = ([Hashtable]$BoundParameters).clone() $UpdateParameters = Rename-M365DSCCimInstanceParameter -Properties $UpdateParameters @@ -335,7 +335,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.DeviceManagementScript") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.DeviceManagementScript') Update-MgBetaDeviceManagementScript ` -DeviceManagementScriptId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -388,7 +388,7 @@ function Test-TargetResource $RunAs32Bit, [Parameter()] - [ValidateSet('system','user')] + [ValidateSet('system', 'user')] [System.String] $RunAsAccount, @@ -593,16 +593,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -627,7 +627,7 @@ function Export-TargetResource -Credential $Credential if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPlatformScriptWindows/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPlatformScriptWindows/settings.json index 070e75b660..d509afdf19 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPlatformScriptWindows/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPlatformScriptWindows/settings.json @@ -1,17 +1,16 @@ { - "resourceName": "IntuneDeviceConfigurationPlatformScriptWindows", - "description": "This resource configures an Intune Device Configuration Platform Script Windows.", - "permissions": { - "graph": { - "delegated": { - "read": [], - "update": [] - }, - "application": { - "read": [], - "update": [] + "resourceName": "IntuneDeviceConfigurationPlatformScriptWindows", + "description": "This resource configures an Intune Device Configuration Platform Script Windows.", + "permissions": { + "graph": { + "delegated": { + "read": [], + "update": [] + }, + "application": { + "read": [], + "update": [] + } } } } - -} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator.psm1 index f5a331ed67..97fdb3ab42 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator.psm1 @@ -299,8 +299,8 @@ function Get-TargetResource if ($null -eq $getValue) { $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -All -Filter "DisplayName eq '$Displayname'" -ErrorAction SilentlyContinue | Where-Object ` - -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidGeneralDeviceConfiguration' ` + -FilterScript { ` + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidGeneralDeviceConfiguration' ` } } #endregion @@ -308,14 +308,14 @@ function Get-TargetResource $currentValueArray = $getValue.AdditionalProperties.appsHideList if ($null -ne $currentValueArray -and $currentValueArray.count -gt 0 ) { - foreach($currentValue in $currentValueArray) + foreach ($currentValue in $currentValueArray) { $currentHash = @{} - $currentHash.add('AppId',$currentValue.appid) - $currentHash.add('Publisher',$currentValue.publisher) - $currentHash.add('AppStoreUrl',$currentValue.appStoreUrl) - $currentHash.add('Name',$currentValue.name) - $currentHash.add('oDataType',$currentValue.'@odata.type') + $currentHash.add('AppId', $currentValue.appid) + $currentHash.add('Publisher', $currentValue.publisher) + $currentHash.add('AppStoreUrl', $currentValue.appStoreUrl) + $currentHash.add('Name', $currentValue.name) + $currentHash.add('oDataType', $currentValue.'@odata.type') $complexAppsHideList += $currentHash } } @@ -323,14 +323,14 @@ function Get-TargetResource $currentValueArray = $getValue.AdditionalProperties.appsLaunchBlockList if ($null -ne $currentValueArray -and $currentValueArray.count -gt 0 ) { - foreach($currentValue in $currentValueArray) + foreach ($currentValue in $currentValueArray) { $currentHash = @{} - $currentHash.add('AppId',$currentValue.appid) - $currentHash.add('Publisher',$currentValue.publisher) - $currentHash.add('AppStoreUrl',$currentValue.appStoreUrl) - $currentHash.add('Name',$currentValue.name) - $currentHash.add('oDataType',$currentValue.'@odata.type') + $currentHash.add('AppId', $currentValue.appid) + $currentHash.add('Publisher', $currentValue.publisher) + $currentHash.add('AppStoreUrl', $currentValue.appStoreUrl) + $currentHash.add('Name', $currentValue.name) + $currentHash.add('oDataType', $currentValue.'@odata.type') $complexAppsLaunchBlockList += $currentHash } } @@ -338,14 +338,14 @@ function Get-TargetResource $currentValueArray = $getValue.AdditionalProperties.appsInstallAllowList if ($null -ne $currentValueArray -and $currentValueArray.count -gt 0 ) { - foreach($currentValue in $currentValueArray) + foreach ($currentValue in $currentValueArray) { $currentHash = @{} - $currentHash.add('AppId',$currentValue.appid) - $currentHash.add('Publisher',$currentValue.publisher) - $currentHash.add('AppStoreUrl',$currentValue.appStoreUrl) - $currentHash.add('Name',$currentValue.name) - $currentHash.add('oDataType',$currentValue.'@odata.type') + $currentHash.add('AppId', $currentValue.appid) + $currentHash.add('Publisher', $currentValue.publisher) + $currentHash.add('AppStoreUrl', $currentValue.appStoreUrl) + $currentHash.add('Name', $currentValue.name) + $currentHash.add('oDataType', $currentValue.'@odata.type') $complexAppsInstallAllowList += $currentHash } } @@ -353,14 +353,14 @@ function Get-TargetResource $currentValueArray = $getValue.AdditionalProperties.compliantAppsList if ($null -ne $currentValueArray -and $currentValueArray.count -gt 0 ) { - foreach($currentValue in $currentValueArray) + foreach ($currentValue in $currentValueArray) { $currentHash = @{} - $currentHash.add('AppId',$currentValue.appid) - $currentHash.add('Publisher',$currentValue.publisher) - $currentHash.add('AppStoreUrl',$currentValue.appStoreUrl) - $currentHash.add('Name',$currentValue.name) - $currentHash.add('oDataType',$currentValue.'@odata.type') + $currentHash.add('AppId', $currentValue.appid) + $currentHash.add('Publisher', $currentValue.publisher) + $currentHash.add('AppStoreUrl', $currentValue.appStoreUrl) + $currentHash.add('Name', $currentValue.name) + $currentHash.add('oDataType', $currentValue.'@odata.type') $complexCompliantAppsList += $currentHash } } @@ -368,14 +368,14 @@ function Get-TargetResource $currentValueArray = $getValue.AdditionalProperties.kioskModeApps if ($null -ne $currentValueArray -and $currentValueArray.count -gt 0 ) { - foreach($currentValue in $currentValueArray) + foreach ($currentValue in $currentValueArray) { $currentHash = @{} - $currentHash.add('AppId',$currentValue.appid) - $currentHash.add('Publisher',$currentValue.publisher) - $currentHash.add('AppStoreUrl',$currentValue.appStoreUrl) - $currentHash.add('Name',$currentValue.name) - $currentHash.add('oDataType',$currentValue.'@odata.type') + $currentHash.add('AppId', $currentValue.appid) + $currentHash.add('Publisher', $currentValue.publisher) + $currentHash.add('AppStoreUrl', $currentValue.appStoreUrl) + $currentHash.add('Name', $currentValue.name) + $currentHash.add('oDataType', $currentValue.'@odata.type') $complexKioskModeApps += $currentHash } } @@ -464,8 +464,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -817,7 +817,7 @@ function Set-TargetResource if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -1169,7 +1169,7 @@ function Test-TargetResource { $testResult = Compare-M365DSCComplexObject ` -Source ($source) ` - -Target ($target) -verbose + -Target ($target) -Verbose if (-Not $testResult) { @@ -1446,7 +1446,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceOwner/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceOwner.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceOwner/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceOwner.psm1 index 147fbec312..20bfc55b21 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceOwner/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceOwner.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceOwner/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceOwner.psm1 @@ -651,8 +651,8 @@ function Get-TargetResource if (-not $getValue) { $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -All -Filter "DisplayName eq '$Displayname'" -ErrorAction SilentlyContinue | Where-Object ` - -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidDeviceOwnerGeneralDeviceConfiguration' ` + -FilterScript { ` + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidDeviceOwnerGeneralDeviceConfiguration' ` } } #endregion @@ -669,7 +669,7 @@ function Get-TargetResource $currentValueArray = $getValue.AdditionalProperties.azureAdSharedDeviceDataClearApps if ($null -ne $currentValueArray -and $currentValueArray.count -gt 0) { - foreach($currentValue in $currentValueArray) + foreach ($currentValue in $currentValueArray) { $currentHash = @{ appId = $currentValue.appId @@ -691,10 +691,10 @@ function Get-TargetResource $currentValueArray = $currentValue.localizedMessages if ($null -ne $currentValueArray -and $currentValueArray.count -gt 0) { - foreach($currentChildValue in $currentValueArray) + foreach ($currentChildValue in $currentValueArray) { $currentHash = @{ - Name = $currentChildValue.name + Name = $currentChildValue.name Value = $currentChildValue.value } $complexLocalizedMessages += $currentHash @@ -712,10 +712,10 @@ function Get-TargetResource $currentValueArray = $currentValue.localizedMessages if ($null -ne $currentValueArray -and $currentValueArray.count -gt 0) { - foreach($currentChildValue in $currentValueArray) + foreach ($currentChildValue in $currentValueArray) { $currentHash = @{ - Name = $currentChildValue.name + Name = $currentChildValue.name Value = $currentChildValue.value } $complexLocalizedMessages += $currentHash @@ -739,7 +739,7 @@ function Get-TargetResource $currentValueArray = $getValue.AdditionalProperties.kioskModeApps if ($null -ne $currentValueArray -and $currentValueArray.count -gt 0) { - foreach($currentValue in $currentValueArray) + foreach ($currentValue in $currentValueArray) { $currentHash = @{} $currentHash.add('AppId', $currentValue.appid) @@ -755,7 +755,7 @@ function Get-TargetResource $currentValueArray = $getValue.AdditionalProperties.personalProfilePersonalApplications if ($null -ne $currentValueArray -and $currentValueArray.count -gt 0) { - foreach($currentValue in $currentValueArray) + foreach ($currentValue in $currentValueArray) { $currentHash = @{} $currentHash.add('AppId', $currentValue.appid) @@ -776,10 +776,10 @@ function Get-TargetResource $currentValueArray = $currentValue.localizedMessages if ($null -ne $currentValueArray -and $currentValueArray.count -gt 0) { - foreach($currentChildValue in $currentValueArray) + foreach ($currentChildValue in $currentValueArray) { $currentHash = @{ - Name = $currentChildValue.name + Name = $currentChildValue.name Value = $currentChildValue.value } $complexLocalizedMessages += $currentHash @@ -792,7 +792,7 @@ function Get-TargetResource $currentValueArray = $getValue.AdditionalProperties.systemUpdateFreezePeriods if ($null -ne $currentValueArray -and $currentValueArray.count -gt 0) { - foreach($currentValue in $currentValueArray) + foreach ($currentValue in $currentValueArray) { $currentHash = @{} $currentHash.Add('StartDay', $currentValue.startDay) @@ -958,13 +958,13 @@ function Get-TargetResource AccessTokens = $AccessTokens } - $assignmentsValues = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $getValue.Id + $assignmentsValues = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $getValue.Id $assignmentResult = @() if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -972,7 +972,7 @@ function Get-TargetResource } catch { - write-verbose $_ + Write-Verbose $_ New-M365DSCLogEntry -Message 'Error retrieving data:' ` -Exception $_ ` -Source $($MyInvocation.MyCommand.Source) ` @@ -1678,7 +1678,7 @@ function Set-TargetResource if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -2394,7 +2394,7 @@ function Test-TargetResource { $testResult = Compare-M365DSCComplexObject ` -Source ($source) ` - -Target ($target) -verbose + -Target ($target) -Verbose if (-Not $testResult) { @@ -2859,7 +2859,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject.psm1 index cfd134a772..a1af645dd3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject.psm1 @@ -152,8 +152,8 @@ function Get-TargetResource if ($null -eq $getValue) { $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -All -Filter "DisplayName eq '$Displayname'" -ErrorAction SilentlyContinue | Where-Object ` - -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.aospDeviceOwnerDeviceConfiguration' ` + -FilterScript { ` + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.aospDeviceOwnerDeviceConfiguration' ` } } #endregion @@ -208,8 +208,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -414,7 +414,7 @@ function Set-TargetResource if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -800,7 +800,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidWorkProfile/MSFT_IntuneDeviceConfigurationPolicyAndroidWorkProfile.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidWorkProfile/MSFT_IntuneDeviceConfigurationPolicyAndroidWorkProfile.psm1 index 7690798080..204910d7c5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidWorkProfile/MSFT_IntuneDeviceConfigurationPolicyAndroidWorkProfile.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidWorkProfile/MSFT_IntuneDeviceConfigurationPolicyAndroidWorkProfile.psm1 @@ -331,13 +331,13 @@ function Get-TargetResource AccessTokens = $AccessTokens } - $assignmentsValues = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $policy.Id + $assignmentsValues = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $policy.Id $assignmentResult = @() if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -634,7 +634,7 @@ function Set-TargetResource $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -645,8 +645,8 @@ function Set-TargetResource Write-Verbose -Message "Updating existing Device Configuration Policy {$DisplayName}" $configDevicePolicy = Get-MgBetaDeviceManagementDeviceConfiguration -Filter "DisplayName eq '$Displayname'" -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidWorkProfileGeneralDeviceConfiguration' - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidWorkProfileGeneralDeviceConfiguration' + } $PSBoundParameters.Remove('DisplayName') | Out-Null $PSBoundParameters.Remove('Description') | Out-Null @@ -670,8 +670,8 @@ function Set-TargetResource Write-Verbose -Message "Removing Device Configuration Policy {$DisplayName}" $configDevicePolicy = Get-MgBetaDeviceManagementDeviceConfiguration -Filter "DisplayName eq '$Displayname'" -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidWorkProfileGeneralDeviceConfiguration' ` - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidWorkProfileGeneralDeviceConfiguration' ` + } Remove-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $configDevicePolicy.Id } @@ -1115,7 +1115,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyMacOS/MSFT_IntuneDeviceConfigurationPolicyMacOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyMacOS/MSFT_IntuneDeviceConfigurationPolicyMacOS.psm1 index 7e9fb16810..ca2c35fb20 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyMacOS/MSFT_IntuneDeviceConfigurationPolicyMacOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyMacOS/MSFT_IntuneDeviceConfigurationPolicyMacOS.psm1 @@ -340,8 +340,8 @@ function Get-TargetResource if ($null -eq $getValue) { $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -All -Filter "DisplayName eq '$Displayname'" -ErrorAction SilentlyContinue | Where-Object ` - -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.macOSGeneralDeviceConfiguration' ` + -FilterScript { ` + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.macOSGeneralDeviceConfiguration' ` } } @@ -440,8 +440,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -810,7 +810,7 @@ function Set-TargetResource { $CreateParameters.add('AdditionalProperties', $AdditionalProperties) }#> - $CreateParameters.Add('@odata.type','#microsoft.graph.macOSGeneralDeviceConfiguration') + $CreateParameters.Add('@odata.type', '#microsoft.graph.macOSGeneralDeviceConfiguration') #region resource generator code $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters @@ -818,7 +818,7 @@ function Set-TargetResource if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -857,7 +857,7 @@ function Set-TargetResource { $UpdateParameters.add('AdditionalProperties', $AdditionalProperties) }#> - $UpdateParameters.add('@odata.type','#microsoft.graph.macOSGeneralDeviceConfiguration') + $UpdateParameters.add('@odata.type', '#microsoft.graph.macOSGeneralDeviceConfiguration') #$UpdateParameters.remove('emailInDomainSuffixes') #$UpdateParameters.remove('updateDelayPolicy') @@ -1313,7 +1313,7 @@ function Export-TargetResource [array]$getValue = Get-MgBetaDeviceManagementDeviceConfiguration -Filter $Filter -All ` -ErrorAction Stop | Where-Object ` -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -like "#microsoft.graph.macOS*" ` + $_.AdditionalProperties.'@odata.type' -like '#microsoft.graph.macOS*' ` } #endregion @@ -1436,7 +1436,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyWindows10/MSFT_IntuneDeviceConfigurationPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyWindows10/MSFT_IntuneDeviceConfigurationPolicyWindows10.psm1 index 0917511f3f..992362c18e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyWindows10/MSFT_IntuneDeviceConfigurationPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyWindows10/MSFT_IntuneDeviceConfigurationPolicyWindows10.psm1 @@ -1262,7 +1262,7 @@ function Get-TargetResource { $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -1984,9 +1984,9 @@ function Get-TargetResource } $rawAssignments = @() - $rawAssignments = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id -All + $rawAssignments = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id -All $assignmentResult = @() - if($null -ne $rawAssignments -and $rawAssignments.count -gt 0) + if ($null -ne $rawAssignments -and $rawAssignments.count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment -Assignments $rawAssignments } @@ -3287,14 +3287,14 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.windows10GeneralConfiguration") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windows10GeneralConfiguration') $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters #endregion #region new Intune assignment management if ($policy.id) { $intuneAssignments = @() - if($null -ne $Assignments -and $Assignments.count -gt 0) + if ($null -ne $Assignments -and $Assignments.count -gt 0) { $intuneAssignments += ConvertTo-IntunePolicyAssignment -Assignments $Assignments } @@ -3326,7 +3326,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windows10GeneralConfiguration") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windows10GeneralConfiguration') Update-MgBetaDeviceManagementDeviceConfiguration ` -DeviceConfigurationId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -3336,13 +3336,13 @@ function Set-TargetResource $currentAssignments += Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $currentInstance.id $intuneAssignments = @() - if($null -ne $Assignments -and $Assignments.count -gt 0) + if ($null -ne $Assignments -and $Assignments.count -gt 0) { $intuneAssignments += ConvertTo-IntunePolicyAssignment -Assignments $Assignments } foreach ($assignment in $intuneAssignments) { - if ( $null -eq ($currentAssignments | Where-Object { $_.Target.AdditionalProperties.groupId -eq $assignment.Target.groupId -and $_.Target.AdditionalProperties."@odata.type" -eq $assignment.Target.'@odata.type' })) + if ( $null -eq ($currentAssignments | Where-Object { $_.Target.AdditionalProperties.groupId -eq $assignment.Target.groupId -and $_.Target.AdditionalProperties.'@odata.type' -eq $assignment.Target.'@odata.type' })) { New-MgBetaDeviceManagementDeviceConfigurationAssignment ` -DeviceConfigurationId $currentInstance.id ` @@ -3350,10 +3350,10 @@ function Set-TargetResource } else { - $currentAssignments = $currentAssignments | Where-Object { -not ($_.Target.AdditionalProperties.groupId -eq $assignment.Target.groupId -and $_.Target.AdditionalProperties."@odata.type" -eq $assignment.Target.'@odata.type') } + $currentAssignments = $currentAssignments | Where-Object { -not ($_.Target.AdditionalProperties.groupId -eq $assignment.Target.groupId -and $_.Target.AdditionalProperties.'@odata.type' -eq $assignment.Target.'@odata.type') } } } - if($currentAssignments.count -gt 0) + if ($currentAssignments.count -gt 0) { foreach ($assignment in $currentAssignments) { @@ -4893,7 +4893,7 @@ function Export-TargetResource #removing trailing commas and semi colons between items of an array of cim instances added by Convert-DSCStringParamToVariable $currentDSCBlock = $currentDSCBlock.Replace(" ,`r`n" , " `r`n" ) $currentDSCBlock = $currentDSCBlock.Replace("`r`n;`r`n" , "`r`n" ) - $currentDSCBlock = $currentDSCBlock.Replace(",`r`n",'') + $currentDSCBlock = $currentDSCBlock.Replace(",`r`n", '') $dscContent += $currentDSCBlock Save-M365DSCPartialExport -Content $currentDSCBlock ` -FileName $Global:PartialExportFileName @@ -4905,7 +4905,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyiOS/MSFT_IntuneDeviceConfigurationPolicyiOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyiOS/MSFT_IntuneDeviceConfigurationPolicyiOS.psm1 index 662f14afe6..56f354bbd8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyiOS/MSFT_IntuneDeviceConfigurationPolicyiOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyiOS/MSFT_IntuneDeviceConfigurationPolicyiOS.psm1 @@ -844,8 +844,8 @@ function Get-TargetResource if (-not $getValue) { $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -All -Filter "DisplayName eq '$Displayname'" -ErrorAction SilentlyContinue | Where-Object ` - -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.iosGeneralDeviceConfiguration' ` + -FilterScript { ` + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.iosGeneralDeviceConfiguration' ` } } #endregion @@ -1050,31 +1050,31 @@ function Get-TargetResource $currentValueArray = $getValue.AdditionalProperties.appsSingleAppModeList if ($null -ne $currentValueArray -and $currentValueArray.count -gt 0) { - foreach($currentValue in $currentValueArray) + foreach ($currentValue in $currentValueArray) { $currentHash = @{} - $currentHash.add('AppId',$currentValue.appid) - $currentHash.add('Publisher',$currentValue.publisher) - $currentHash.add('AppStoreUrl',$currentValue.appStoreUrl) - $currentHash.add('Name',$currentValue.name) - $currentHash.add('oDataType',$currentValue.'@odata.type') + $currentHash.add('AppId', $currentValue.appid) + $currentHash.add('Publisher', $currentValue.publisher) + $currentHash.add('AppStoreUrl', $currentValue.appStoreUrl) + $currentHash.add('Name', $currentValue.name) + $currentHash.add('oDataType', $currentValue.'@odata.type') $complexAppsSingleAppModeList += $currentHash } } $results.Add('AppsSingleAppModeList', $complexAppsSingleAppModeList) - $complexAppsVisibilityList= @() + $complexAppsVisibilityList = @() $currentValueArray = $getValue.AdditionalProperties.appsVisibilityList if ($null -ne $currentValueArray -and $currentValueArray.count -gt 0) { - foreach($currentValue in $currentValueArray) + foreach ($currentValue in $currentValueArray) { $currentHash = @{} - $currentHash.add('AppId',$currentValue.appid) - $currentHash.add('Publisher',$currentValue.publisher) - $currentHash.add('AppStoreUrl',$currentValue.appStoreUrl) - $currentHash.add('Name',$currentValue.name) - $currentHash.add('oDataType',$currentValue.'@odata.type') + $currentHash.add('AppId', $currentValue.appid) + $currentHash.add('Publisher', $currentValue.publisher) + $currentHash.add('AppStoreUrl', $currentValue.appStoreUrl) + $currentHash.add('Name', $currentValue.name) + $currentHash.add('oDataType', $currentValue.'@odata.type') $complexAppsVisibilityList += $currentHash } } @@ -1084,14 +1084,14 @@ function Get-TargetResource $currentValueArray = $getValue.AdditionalProperties.compliantAppsList if ($null -ne $currentValueArray -and $currentValueArray.count -gt 0) { - foreach($currentValue in $currentValueArray) + foreach ($currentValue in $currentValueArray) { $currentHash = @{} - $currentHash.add('AppId',$currentValue.appid) - $currentHash.add('Publisher',$currentValue.publisher) - $currentHash.add('AppStoreUrl',$currentValue.appStoreUrl) - $currentHash.add('Name',$currentValue.name) - $currentHash.add('oDataType',$currentValue.'@odata.type') + $currentHash.add('AppId', $currentValue.appid) + $currentHash.add('Publisher', $currentValue.publisher) + $currentHash.add('AppStoreUrl', $currentValue.appStoreUrl) + $currentHash.add('Name', $currentValue.name) + $currentHash.add('oDataType', $currentValue.'@odata.type') $complexCompliantAppsList += $currentHash } } @@ -1110,12 +1110,12 @@ function Get-TargetResource ) foreach ($country in $ratingCountries) { - $complexMediaContentRating= @{} + $complexMediaContentRating = @{} $currentValue = $getValue.AdditionalProperties."mediaContentRating$country" if ($null -ne $currentValue) { - $complexMediaContentRating.Add('MovieRating',$currentValue.movieRating.toString()) - $complexMediaContentRating.Add('TvRating',$currentValue.tvRating.toString()) + $complexMediaContentRating.Add('MovieRating', $currentValue.movieRating.toString()) + $complexMediaContentRating.Add('TvRating', $currentValue.tvRating.toString()) } $results.Add("MediaContentRating$country", $complexMediaContentRating) } @@ -1132,27 +1132,27 @@ function Get-TargetResource $currentValueArray = $getValue.AdditionalProperties.networkUsageRules if ($null -ne $currentValueArray -and $currentValueArray.count -gt 0) { - foreach($currentValue in $currentValueArray) + foreach ($currentValue in $currentValueArray) { $currentValueHash = @{} - $currentValueHash.Add('CellularDataBlocked',$currentValue.cellularDataBlocked) - $currentValueHash.Add('CellularDataBlockWhenRoaming',$currentValue.cellularDataBlockWhenRoaming) + $currentValueHash.Add('CellularDataBlocked', $currentValue.cellularDataBlocked) + $currentValueHash.Add('CellularDataBlockWhenRoaming', $currentValue.cellularDataBlockWhenRoaming) $complexManagedApps = @() $currentValueChildArray = $currentValue.managedApps if ($null -ne $currentValueChildArray -and $currentValueChildArray.count -gt 0) { - foreach($currentChildValue in $currentValueChildArray) + foreach ($currentChildValue in $currentValueChildArray) { $currentHash = @{} - $currentHash.add('AppId',$currentValue.appid) - $currentHash.add('Publisher',$currentValue.publisher) - $currentHash.add('AppStoreUrl',$currentValue.appStoreUrl) - $currentHash.add('Name',$currentValue.name) - $currentHash.add('oDataType',$currentValue.'@odata.type') + $currentHash.add('AppId', $currentValue.appid) + $currentHash.add('Publisher', $currentValue.publisher) + $currentHash.add('AppStoreUrl', $currentValue.appStoreUrl) + $currentHash.add('Name', $currentValue.name) + $currentHash.add('oDataType', $currentValue.'@odata.type') $complexManagedApps += $currentHash } } - $currentValueHash.Add('ManagedApps',$complexManagedApps) + $currentValueHash.Add('ManagedApps', $complexManagedApps) $complexNetworkUsageRules += $currentValueHash } } @@ -1163,8 +1163,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -2061,7 +2061,7 @@ function Set-TargetResource if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -2960,7 +2960,7 @@ function Test-TargetResource { $testResult = Compare-M365DSCComplexObject ` -Source ($source) ` - -Target ($target) -verbose + -Target ($target) -Verbose if (-Not $testResult) { @@ -3365,7 +3365,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10.psm1 index 6e478c8b13..e68a3d86bf 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10.psm1 @@ -6,22 +6,22 @@ function Get-TargetResource ( #region resource generator code [Parameter()] - [ValidateSet('user','machine')] + [ValidateSet('user', 'machine')] [System.String] $CertificateStore, [Parameter()] - [ValidateSet('sha1','sha2')] + [ValidateSet('sha1', 'sha2')] [System.String] $HashAlgorithm, [Parameter()] - [ValidateSet('size1024','size2048','size4096')] + [ValidateSet('size1024', 'size2048', 'size4096')] [System.String] $KeySize, [Parameter()] - [ValidateSet('keyEncipherment','digitalSignature')] + [ValidateSet('keyEncipherment', 'digitalSignature')] [System.String[]] $KeyUsage, @@ -46,7 +46,7 @@ function Get-TargetResource $ExtendedKeyUsages, [Parameter()] - [ValidateSet('days','months','years')] + [ValidateSet('days', 'months', 'years')] [System.String] $CertificateValidityPeriodScale, @@ -55,7 +55,7 @@ function Get-TargetResource $CertificateValidityPeriodValue, [Parameter()] - [ValidateSet('useTpmKspOtherwiseUseSoftwareKsp','useTpmKspOtherwiseFail','usePassportForWorkKspOtherwiseFail','useSoftwareKsp')] + [ValidateSet('useTpmKspOtherwiseUseSoftwareKsp', 'useTpmKspOtherwiseFail', 'usePassportForWorkKspOtherwiseFail', 'useSoftwareKsp')] [System.String] $KeyStorageProvider, @@ -64,12 +64,12 @@ function Get-TargetResource $RenewalThresholdPercentage, [Parameter()] - [ValidateSet('none','emailAddress','userPrincipalName','customAzureADAttribute','domainNameService','universalResourceIdentifier')] + [ValidateSet('none', 'emailAddress', 'userPrincipalName', 'customAzureADAttribute', 'domainNameService', 'universalResourceIdentifier')] [System.String] $SubjectAlternativeNameType, [Parameter()] - [ValidateSet('commonName','commonNameIncludingEmail','commonNameAsEmail','custom','commonNameAsIMEI','commonNameAsSerialNumber','commonNameAsAadDeviceId','commonNameAsIntuneDeviceId','commonNameAsDurableDeviceId')] + [ValidateSet('commonName', 'commonNameIncludingEmail', 'commonNameAsEmail', 'custom', 'commonNameAsIMEI', 'commonNameAsSerialNumber', 'commonNameAsAadDeviceId', 'commonNameAsIntuneDeviceId', 'commonNameAsDurableDeviceId')] [System.String] $SubjectNameFormat, @@ -154,7 +154,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -167,8 +167,8 @@ function Get-TargetResource -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows81SCEPCertificateProfile" ` - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows81SCEPCertificateProfile' ` + } } } #endregion @@ -190,7 +190,7 @@ function Get-TargetResource { $mycustomSubjectAlternativeNames.Add('SanType', $currentcustomSubjectAlternativeNames.sanType.toString()) } - if ($mycustomSubjectAlternativeNames.values.Where({$null -ne $_}).count -gt 0) + if ($mycustomSubjectAlternativeNames.values.Where({ $null -ne $_ }).count -gt 0) { $complexCustomSubjectAlternativeNames += $mycustomSubjectAlternativeNames } @@ -202,7 +202,7 @@ function Get-TargetResource $myextendedKeyUsages = @{} $myextendedKeyUsages.Add('Name', $currentextendedKeyUsages.name) $myextendedKeyUsages.Add('ObjectIdentifier', $currentextendedKeyUsages.objectIdentifier) - if ($myextendedKeyUsages.values.Where({$null -ne $_}).count -gt 0) + if ($myextendedKeyUsages.values.Where({ $null -ne $_ }).count -gt 0) { $complexExtendedKeyUsages += $myextendedKeyUsages } @@ -301,8 +301,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -327,22 +327,22 @@ function Set-TargetResource ( #region resource generator code [Parameter()] - [ValidateSet('user','machine')] + [ValidateSet('user', 'machine')] [System.String] $CertificateStore, [Parameter()] - [ValidateSet('sha1','sha2')] + [ValidateSet('sha1', 'sha2')] [System.String] $HashAlgorithm, [Parameter()] - [ValidateSet('size1024','size2048','size4096')] + [ValidateSet('size1024', 'size2048', 'size4096')] [System.String] $KeySize, [Parameter()] - [ValidateSet('keyEncipherment','digitalSignature')] + [ValidateSet('keyEncipherment', 'digitalSignature')] [System.String[]] $KeyUsage, @@ -367,7 +367,7 @@ function Set-TargetResource $ExtendedKeyUsages, [Parameter()] - [ValidateSet('days','months','years')] + [ValidateSet('days', 'months', 'years')] [System.String] $CertificateValidityPeriodScale, @@ -376,7 +376,7 @@ function Set-TargetResource $CertificateValidityPeriodValue, [Parameter()] - [ValidateSet('useTpmKspOtherwiseUseSoftwareKsp','useTpmKspOtherwiseFail','usePassportForWorkKspOtherwiseFail','useSoftwareKsp')] + [ValidateSet('useTpmKspOtherwiseUseSoftwareKsp', 'useTpmKspOtherwiseFail', 'usePassportForWorkKspOtherwiseFail', 'useSoftwareKsp')] [System.String] $KeyStorageProvider, @@ -385,12 +385,12 @@ function Set-TargetResource $RenewalThresholdPercentage, [Parameter()] - [ValidateSet('none','emailAddress','userPrincipalName','customAzureADAttribute','domainNameService','universalResourceIdentifier')] + [ValidateSet('none', 'emailAddress', 'userPrincipalName', 'customAzureADAttribute', 'domainNameService', 'universalResourceIdentifier')] [System.String] $SubjectAlternativeNameType, [Parameter()] - [ValidateSet('commonName','commonNameIncludingEmail','commonNameAsEmail','custom','commonNameAsIMEI','commonNameAsSerialNumber','commonNameAsAadDeviceId','commonNameAsIntuneDeviceId','commonNameAsDurableDeviceId')] + [ValidateSet('commonName', 'commonNameIncludingEmail', 'commonNameAsEmail', 'custom', 'commonNameAsIMEI', 'commonNameAsSerialNumber', 'commonNameAsAadDeviceId', 'commonNameAsIntuneDeviceId', 'commonNameAsDurableDeviceId')] [System.String] $SubjectNameFormat, @@ -473,7 +473,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Device Configuration Scep Certificate Policy for Windows10 with DisplayName {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $BoundParameters.Remove('RootCertificateId') | Out-Null $CreateParameters = ([Hashtable]$BoundParameters).clone() @@ -494,8 +494,8 @@ function Set-TargetResource -DeviceConfigurationId $RootCertificateId ` -ErrorAction SilentlyContinue | ` Where-Object -FilterScript { - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows81TrustedRootCertificate" - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows81TrustedRootCertificate' + } if ($null -eq $RootCertificate) { @@ -505,8 +505,8 @@ function Set-TargetResource -Filter "DisplayName eq '$RootCertificateDisplayName'" ` -ErrorAction SilentlyContinue | ` Where-Object -FilterScript { - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows81TrustedRootCertificate" - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows81TrustedRootCertificate' + } $RootCertificateId = $RootCertificate.Id if ($null -eq $RootCertificate) @@ -522,14 +522,14 @@ function Set-TargetResource } #region resource generator code - $CreateParameters.Add("rootCertificate@odata.bind", "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/deviceManagement/deviceConfigurations('$RootCertificateId')") - $CreateParameters.Add("@odata.type", "#microsoft.graph.windows81SCEPCertificateProfile") + $CreateParameters.Add('rootCertificate@odata.bind', "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/deviceManagement/deviceConfigurations('$RootCertificateId')") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windows81SCEPCertificateProfile') $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -538,7 +538,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Device Configuration Scep Certificate Policy for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $BoundParameters.Remove('RootCertificateId') | Out-Null $BoundParameters.Remove('RootCertificateDisplayName') | Out-Null @@ -557,7 +557,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windows81SCEPCertificateProfile") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windows81SCEPCertificateProfile') Update-MgBetaDeviceManagementDeviceConfiguration ` -DeviceConfigurationId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -572,8 +572,8 @@ function Set-TargetResource -DeviceConfigurationId $RootCertificateId ` -ErrorAction SilentlyContinue | ` Where-Object -FilterScript { - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows81TrustedRootCertificate" - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows81TrustedRootCertificate' + } if ($null -eq $RootCertificate) { @@ -583,8 +583,8 @@ function Set-TargetResource -Filter "DisplayName eq '$RootCertificateDisplayName'" ` -ErrorAction SilentlyContinue | ` Where-Object -FilterScript { - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows81TrustedRootCertificate" - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows81TrustedRootCertificate' + } $RootCertificateId = $RootCertificate.Id if ($null -eq $RootCertificate) @@ -620,22 +620,22 @@ function Test-TargetResource ( #region resource generator code [Parameter()] - [ValidateSet('user','machine')] + [ValidateSet('user', 'machine')] [System.String] $CertificateStore, [Parameter()] - [ValidateSet('sha1','sha2')] + [ValidateSet('sha1', 'sha2')] [System.String] $HashAlgorithm, [Parameter()] - [ValidateSet('size1024','size2048','size4096')] + [ValidateSet('size1024', 'size2048', 'size4096')] [System.String] $KeySize, [Parameter()] - [ValidateSet('keyEncipherment','digitalSignature')] + [ValidateSet('keyEncipherment', 'digitalSignature')] [System.String[]] $KeyUsage, @@ -660,7 +660,7 @@ function Test-TargetResource $ExtendedKeyUsages, [Parameter()] - [ValidateSet('days','months','years')] + [ValidateSet('days', 'months', 'years')] [System.String] $CertificateValidityPeriodScale, @@ -669,7 +669,7 @@ function Test-TargetResource $CertificateValidityPeriodValue, [Parameter()] - [ValidateSet('useTpmKspOtherwiseUseSoftwareKsp','useTpmKspOtherwiseFail','usePassportForWorkKspOtherwiseFail','useSoftwareKsp')] + [ValidateSet('useTpmKspOtherwiseUseSoftwareKsp', 'useTpmKspOtherwiseFail', 'usePassportForWorkKspOtherwiseFail', 'useSoftwareKsp')] [System.String] $KeyStorageProvider, @@ -678,12 +678,12 @@ function Test-TargetResource $RenewalThresholdPercentage, [Parameter()] - [ValidateSet('none','emailAddress','userPrincipalName','customAzureADAttribute','domainNameService','universalResourceIdentifier')] + [ValidateSet('none', 'emailAddress', 'userPrincipalName', 'customAzureADAttribute', 'domainNameService', 'universalResourceIdentifier')] [System.String] $SubjectAlternativeNameType, [Parameter()] - [ValidateSet('commonName','commonNameIncludingEmail','commonNameAsEmail','custom','commonNameAsIMEI','commonNameAsSerialNumber','commonNameAsAadDeviceId','commonNameAsIntuneDeviceId','commonNameAsDurableDeviceId')] + [ValidateSet('commonName', 'commonNameIncludingEmail', 'commonNameAsEmail', 'custom', 'commonNameAsIMEI', 'commonNameAsSerialNumber', 'commonNameAsAadDeviceId', 'commonNameAsIntuneDeviceId', 'commonNameAsDurableDeviceId')] [System.String] $SubjectNameFormat, @@ -874,7 +874,7 @@ function Export-TargetResource -ErrorAction Stop | Where-Object ` -FilterScript { ` $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows81SCEPCertificateProfile' ` - } + } #endregion $i = 1 @@ -901,16 +901,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -963,15 +963,15 @@ function Export-TargetResource -Credential $Credential if ($Results.CustomSubjectAlternativeNames) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "CustomSubjectAlternativeNames" -isCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'CustomSubjectAlternativeNames' -IsCIMArray:$True } if ($Results.ExtendedKeyUsages) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "ExtendedKeyUsages" -isCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'ExtendedKeyUsages' -IsCIMArray:$True } if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock Save-M365DSCPartialExport -Content $currentDSCBlock ` @@ -984,7 +984,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } @@ -1037,7 +1037,7 @@ function Update-DeviceConfigurationPolicyRootCertificateId '@odata.id' = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/deviceConfigurations('$RootCertificateId')" } - Invoke-MgGraphRequest -Method PUT -Uri $Uri -Body ($ref|ConvertTo-Json) -ErrorAction Stop + Invoke-MgGraphRequest -Method PUT -Uri $Uri -Body ($ref | ConvertTo-Json) -ErrorAction Stop } Export-ModuleMember -Function *-TargetResource diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/settings.json index 85b689c6d5..fbec56293e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/settings.json @@ -1,45 +1,44 @@ { "resourceName": "IntuneDeviceConfigurationScepCertificatePolicyWindows10", "description": "This resource configures an Intune Device Configuration Scep Certificate Policy for Windows10.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10.psm1 index 1f0f010d8b..c69bfe70c8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10.psm1 @@ -26,7 +26,7 @@ function Get-TargetResource $ConfigurationAccount, [Parameter()] - [ValidateSet('azureADAccount','domainAccount','localAccount','localGuestAccount')] + [ValidateSet('azureADAccount', 'domainAccount', 'localAccount', 'localGuestAccount')] [System.String] $ConfigurationAccountType, @@ -111,7 +111,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -124,8 +124,8 @@ function Get-TargetResource -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows10SecureAssessmentConfiguration" ` - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10SecureAssessmentConfiguration' ` + } } } #endregion @@ -174,8 +174,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -220,7 +220,7 @@ function Set-TargetResource $ConfigurationAccount, [Parameter()] - [ValidateSet('azureADAccount','domainAccount','localAccount','localGuestAccount')] + [ValidateSet('azureADAccount', 'domainAccount', 'localAccount', 'localGuestAccount')] [System.String] $ConfigurationAccountType, @@ -301,7 +301,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Device Configuration Secure Assessment Policy for Windows10 with DisplayName {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $CreateParameters = ([Hashtable]$BoundParameters).clone() $CreateParameters = Rename-M365DSCCimInstanceParameter -Properties $CreateParameters @@ -316,13 +316,13 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.windows10SecureAssessmentConfiguration") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windows10SecureAssessmentConfiguration') $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -331,7 +331,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Device Configuration Secure Assessment Policy for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $UpdateParameters = ([Hashtable]$BoundParameters).clone() $UpdateParameters = Rename-M365DSCCimInstanceParameter -Properties $UpdateParameters @@ -347,7 +347,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windows10SecureAssessmentConfiguration") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windows10SecureAssessmentConfiguration') Update-MgBetaDeviceManagementDeviceConfiguration ` -DeviceConfigurationId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -395,7 +395,7 @@ function Test-TargetResource $ConfigurationAccount, [Parameter()] - [ValidateSet('azureADAccount','domainAccount','localAccount','localGuestAccount')] + [ValidateSet('azureADAccount', 'domainAccount', 'localAccount', 'localGuestAccount')] [System.String] $ConfigurationAccountType, @@ -582,7 +582,7 @@ function Export-TargetResource -ErrorAction Stop | Where-Object ` -FilterScript { ` $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10SecureAssessmentConfiguration' ` - } + } #endregion $i = 1 @@ -609,16 +609,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -643,7 +643,7 @@ function Export-TargetResource -Credential $Credential if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock @@ -657,7 +657,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10/settings.json index 8812b2ccd2..987076826e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10/settings.json @@ -1,45 +1,44 @@ { "resourceName": "IntuneDeviceConfigurationSecureAssessmentPolicyWindows10", "description": "This resource configures an Intune Device Configuration Secure Assessment Policy for Windows10.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10.psm1 index 79edae4207..41ae7f82e6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10.psm1 @@ -293,8 +293,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -897,7 +897,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10/settings.json index db1d9e82e6..af0d67c121 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10/settings.json @@ -1,45 +1,44 @@ { "resourceName": "IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10", "description": "This resource configures an Intune Device Configuration Shared Multi Device Policy for Windows10.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10.psm1 index 66719c16c1..8b948dc3c8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10.psm1 @@ -10,7 +10,7 @@ function Get-TargetResource $CertFileName, [Parameter()] - [ValidateSet('computerCertStoreRoot','computerCertStoreIntermediate','userCertStoreIntermediate')] + [ValidateSet('computerCertStoreRoot', 'computerCertStoreIntermediate', 'userCertStoreIntermediate')] [System.String] $DestinationStore, @@ -91,7 +91,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -104,8 +104,8 @@ function Get-TargetResource -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows81TrustedRootCertificate" ` - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows81TrustedRootCertificate' ` + } } } #endregion @@ -149,8 +149,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -179,7 +179,7 @@ function Set-TargetResource $CertFileName, [Parameter()] - [ValidateSet('computerCertStoreRoot','computerCertStoreIntermediate','userCertStoreIntermediate')] + [ValidateSet('computerCertStoreRoot', 'computerCertStoreIntermediate', 'userCertStoreIntermediate')] [System.String] $DestinationStore, @@ -256,7 +256,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Device Configuration Trusted Certificate Policy for Windows10 with DisplayName {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $CreateParameters = ([Hashtable]$BoundParameters).clone() $CreateParameters = Rename-M365DSCCimInstanceParameter -Properties $CreateParameters @@ -271,13 +271,13 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.windows81TrustedRootCertificate") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windows81TrustedRootCertificate') $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -286,7 +286,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Device Configuration Trusted Certificate Policy for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $UpdateParameters = ([Hashtable]$BoundParameters).clone() $UpdateParameters = Rename-M365DSCCimInstanceParameter -Properties $UpdateParameters @@ -302,7 +302,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windows81TrustedRootCertificate") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windows81TrustedRootCertificate') Update-MgBetaDeviceManagementDeviceConfiguration ` -DeviceConfigurationId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -334,7 +334,7 @@ function Test-TargetResource $CertFileName, [Parameter()] - [ValidateSet('computerCertStoreRoot','computerCertStoreIntermediate','userCertStoreIntermediate')] + [ValidateSet('computerCertStoreRoot', 'computerCertStoreIntermediate', 'userCertStoreIntermediate')] [System.String] $DestinationStore, @@ -517,7 +517,7 @@ function Export-TargetResource -ErrorAction Stop | Where-Object ` -FilterScript { ` $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows81TrustedRootCertificate' ` - } + } #endregion $i = 1 @@ -544,16 +544,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -578,7 +578,7 @@ function Export-TargetResource -Credential $Credential if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock @@ -592,7 +592,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10/settings.json index 052b0d3143..f0b5956e3d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10/settings.json @@ -1,45 +1,44 @@ { "resourceName": "IntuneDeviceConfigurationTrustedCertificatePolicyWindows10", "description": "This resource configures an Intune Device Configuration Trusted Certificate Policy for Windows10.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10.psm1 index eb4017a22d..81fd5f7ace 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10.psm1 @@ -10,12 +10,12 @@ function Get-TargetResource $AssociatedApps, [Parameter()] - [ValidateSet('certificate','usernameAndPassword','customEapXml','derivedCredential')] + [ValidateSet('certificate', 'usernameAndPassword', 'customEapXml', 'derivedCredential')] [System.String] $AuthenticationMethod, [Parameter()] - [ValidateSet('pulseSecure','f5EdgeClient','dellSonicWallMobileConnect','checkPointCapsuleVpn','automatic','ikEv2','l2tp','pptp','citrix','paloAltoGlobalProtect','ciscoAnyConnect','unknownFutureValue','microsoftTunnel')] + [ValidateSet('pulseSecure', 'f5EdgeClient', 'dellSonicWallMobileConnect', 'checkPointCapsuleVpn', 'automatic', 'ikEv2', 'l2tp', 'pptp', 'citrix', 'paloAltoGlobalProtect', 'ciscoAnyConnect', 'unknownFutureValue', 'microsoftTunnel')] [System.String] $ConnectionType, @@ -68,7 +68,7 @@ function Get-TargetResource $OnlyAssociatedAppsCanUseConnection, [Parameter()] - [ValidateSet('user','device','autoPilotDevice')] + [ValidateSet('user', 'device', 'autoPilotDevice')] [System.String] $ProfileTarget, @@ -189,7 +189,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -202,8 +202,8 @@ function Get-TargetResource -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows10VpnConfiguration" ` - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10VpnConfiguration' ` + } } } #endregion @@ -225,7 +225,7 @@ function Get-TargetResource $myassociatedApps.Add('AppType', $currentassociatedApps.appType.toString()) } $myassociatedApps.Add('Identifier', $currentassociatedApps.identifier) - if ($myassociatedApps.values.Where({$null -ne $_}).count -gt 0) + if ($myassociatedApps.values.Where({ $null -ne $_ }).count -gt 0) { $complexAssociatedApps += $myassociatedApps } @@ -256,7 +256,7 @@ function Get-TargetResource { $complexCryptographySuite.Add('PfsGroup', $getValue.AdditionalProperties.cryptographySuite.pfsGroup.toString()) } - if ($complexCryptographySuite.values.Where({$null -ne $_}).count -eq 0) + if ($complexCryptographySuite.values.Where({ $null -ne $_ }).count -eq 0) { $complexCryptographySuite = $null } @@ -270,7 +270,7 @@ function Get-TargetResource $mydnsRules.Add('Persistent', $currentdnsRules.persistent) $mydnsRules.Add('ProxyServerUri', $currentdnsRules.proxyServerUri) $mydnsRules.Add('Servers', $currentdnsRules.servers) - if ($mydnsRules.values.Where({$null -ne $_}).count -gt 0) + if ($mydnsRules.values.Where({ $null -ne $_ }).count -gt 0) { $complexDnsRules += $mydnsRules } @@ -286,7 +286,7 @@ function Get-TargetResource { $complexProxyServer.Add('odataType', $getValue.AdditionalProperties.proxyServer.'@odata.type'.toString()) } - if ($complexProxyServer.values.Where({$null -ne $_}).count -eq 0) + if ($complexProxyServer.values.Where({ $null -ne $_ }).count -eq 0) { $complexProxyServer = $null } @@ -297,7 +297,7 @@ function Get-TargetResource $myroutes = @{} $myroutes.Add('DestinationPrefix', $currentroutes.destinationPrefix) $myroutes.Add('PrefixSize', $currentroutes.prefixSize) - if ($myroutes.values.Where({$null -ne $_}).count -gt 0) + if ($myroutes.values.Where({ $null -ne $_ }).count -gt 0) { $complexRoutes += $myroutes } @@ -306,7 +306,7 @@ function Get-TargetResource $complexSingleSignOnEku = @{} $complexSingleSignOnEku.Add('Name', $getValue.AdditionalProperties.singleSignOnEku.name) $complexSingleSignOnEku.Add('ObjectIdentifier', $getValue.AdditionalProperties.singleSignOnEku.objectIdentifier) - if ($complexSingleSignOnEku.values.Where({$null -ne $_}).count -eq 0) + if ($complexSingleSignOnEku.values.Where({ $null -ne $_ }).count -eq 0) { $complexSingleSignOnEku = $null } @@ -332,24 +332,24 @@ function Get-TargetResource { $myLocalAddressRanges.Add('odataType', $currentLocalAddressRanges.'@odata.type'.toString()) } - if ($myLocalAddressRanges.values.Where({$null -ne $_}).count -gt 0) + if ($myLocalAddressRanges.values.Where({ $null -ne $_ }).count -gt 0) { $complexLocalAddressRanges += $myLocalAddressRanges } } - $mytrafficRules.Add('LocalAddressRanges',$complexLocalAddressRanges) + $mytrafficRules.Add('LocalAddressRanges', $complexLocalAddressRanges) $complexLocalPortRanges = @() foreach ($currentLocalPortRanges in $currenttrafficRules.localPortRanges) { $myLocalPortRanges = @{} $myLocalPortRanges.Add('LowerNumber', $currentLocalPortRanges.lowerNumber) $myLocalPortRanges.Add('UpperNumber', $currentLocalPortRanges.upperNumber) - if ($myLocalPortRanges.values.Where({$null -ne $_}).count -gt 0) + if ($myLocalPortRanges.values.Where({ $null -ne $_ }).count -gt 0) { $complexLocalPortRanges += $myLocalPortRanges } } - $mytrafficRules.Add('LocalPortRanges',$complexLocalPortRanges) + $mytrafficRules.Add('LocalPortRanges', $complexLocalPortRanges) $mytrafficRules.Add('Name', $currenttrafficRules.name) $mytrafficRules.Add('Protocols', $currenttrafficRules.protocols) $complexRemoteAddressRanges = @() @@ -363,24 +363,24 @@ function Get-TargetResource { $myRemoteAddressRanges.Add('odataType', $currentRemoteAddressRanges.'@odata.type'.toString()) } - if ($myRemoteAddressRanges.values.Where({$null -ne $_}).count -gt 0) + if ($myRemoteAddressRanges.values.Where({ $null -ne $_ }).count -gt 0) { $complexRemoteAddressRanges += $myRemoteAddressRanges } } - $mytrafficRules.Add('RemoteAddressRanges',$complexRemoteAddressRanges) + $mytrafficRules.Add('RemoteAddressRanges', $complexRemoteAddressRanges) $complexRemotePortRanges = @() foreach ($currentRemotePortRanges in $currenttrafficRules.remotePortRanges) { $myRemotePortRanges = @{} $myRemotePortRanges.Add('LowerNumber', $currentRemotePortRanges.lowerNumber) $myRemotePortRanges.Add('UpperNumber', $currentRemotePortRanges.upperNumber) - if ($myRemotePortRanges.values.Where({$null -ne $_}).count -gt 0) + if ($myRemotePortRanges.values.Where({ $null -ne $_ }).count -gt 0) { $complexRemotePortRanges += $myRemotePortRanges } } - $mytrafficRules.Add('RemotePortRanges',$complexRemotePortRanges) + $mytrafficRules.Add('RemotePortRanges', $complexRemotePortRanges) if ($null -ne $currenttrafficRules.routingPolicyType) { $mytrafficRules.Add('RoutingPolicyType', $currenttrafficRules.routingPolicyType.toString()) @@ -389,7 +389,7 @@ function Get-TargetResource { $mytrafficRules.Add('VpnTrafficDirection', $currenttrafficRules.vpnTrafficDirection.toString()) } - if ($mytrafficRules.values.Where({$null -ne $_}).count -gt 0) + if ($mytrafficRules.values.Where({ $null -ne $_ }).count -gt 0) { $complexTrafficRules += $mytrafficRules } @@ -402,7 +402,7 @@ function Get-TargetResource $myservers.Add('Address', $currentservers.address) $myservers.Add('Description', $currentservers.description) $myservers.Add('IsDefaultServer', $currentservers.isDefaultServer) - if ($myservers.values.Where({$null -ne $_}).count -gt 0) + if ($myservers.values.Where({ $null -ne $_ }).count -gt 0) { $complexServers += $myservers } @@ -477,8 +477,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -507,12 +507,12 @@ function Set-TargetResource $AssociatedApps, [Parameter()] - [ValidateSet('certificate','usernameAndPassword','customEapXml','derivedCredential')] + [ValidateSet('certificate', 'usernameAndPassword', 'customEapXml', 'derivedCredential')] [System.String] $AuthenticationMethod, [Parameter()] - [ValidateSet('pulseSecure','f5EdgeClient','dellSonicWallMobileConnect','checkPointCapsuleVpn','automatic','ikEv2','l2tp','pptp','citrix','paloAltoGlobalProtect','ciscoAnyConnect','unknownFutureValue','microsoftTunnel')] + [ValidateSet('pulseSecure', 'f5EdgeClient', 'dellSonicWallMobileConnect', 'checkPointCapsuleVpn', 'automatic', 'ikEv2', 'l2tp', 'pptp', 'citrix', 'paloAltoGlobalProtect', 'ciscoAnyConnect', 'unknownFutureValue', 'microsoftTunnel')] [System.String] $ConnectionType, @@ -565,7 +565,7 @@ function Set-TargetResource $OnlyAssociatedAppsCanUseConnection, [Parameter()] - [ValidateSet('user','device','autoPilotDevice')] + [ValidateSet('user', 'device', 'autoPilotDevice')] [System.String] $ProfileTarget, @@ -680,13 +680,13 @@ function Set-TargetResource $BoundParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters $keyToRename = @{ - 'odataType' = '@odata.type' + 'odataType' = '@odata.type' 'ServerCollection' = 'servers' } if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Device Configuration Vpn Policy for Windows10 with DisplayName {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $CreateParameters = ([Hashtable]$BoundParameters).clone() $CreateParameters = Rename-M365DSCCimInstanceParameter -Properties $CreateParameters -KeyMapping $keyToRename @@ -701,13 +701,13 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.windows10VpnConfiguration") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windows10VpnConfiguration') $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -716,7 +716,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Device Configuration Vpn Policy for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $UpdateParameters = ([Hashtable]$BoundParameters).clone() $UpdateParameters = Rename-M365DSCCimInstanceParameter -Properties $UpdateParameters -KeyMapping $keyToRename @@ -732,7 +732,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windows10VpnConfiguration") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windows10VpnConfiguration') Update-MgBetaDeviceManagementDeviceConfiguration ` -DeviceConfigurationId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -764,12 +764,12 @@ function Test-TargetResource $AssociatedApps, [Parameter()] - [ValidateSet('certificate','usernameAndPassword','customEapXml','derivedCredential')] + [ValidateSet('certificate', 'usernameAndPassword', 'customEapXml', 'derivedCredential')] [System.String] $AuthenticationMethod, [Parameter()] - [ValidateSet('pulseSecure','f5EdgeClient','dellSonicWallMobileConnect','checkPointCapsuleVpn','automatic','ikEv2','l2tp','pptp','citrix','paloAltoGlobalProtect','ciscoAnyConnect','unknownFutureValue','microsoftTunnel')] + [ValidateSet('pulseSecure', 'f5EdgeClient', 'dellSonicWallMobileConnect', 'checkPointCapsuleVpn', 'automatic', 'ikEv2', 'l2tp', 'pptp', 'citrix', 'paloAltoGlobalProtect', 'ciscoAnyConnect', 'unknownFutureValue', 'microsoftTunnel')] [System.String] $ConnectionType, @@ -822,7 +822,7 @@ function Test-TargetResource $OnlyAssociatedAppsCanUseConnection, [Parameter()] - [ValidateSet('user','device','autoPilotDevice')] + [ValidateSet('user', 'device', 'autoPilotDevice')] [System.String] $ProfileTarget, @@ -1045,7 +1045,7 @@ function Export-TargetResource -ErrorAction Stop | Where-Object ` -FilterScript { ` $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10VpnConfiguration' ` - } + } #endregion $i = 1 @@ -1072,16 +1072,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -1175,29 +1175,29 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'TrafficRules' + Name = 'TrafficRules' CimInstanceName = 'MicrosoftGraphVpnTrafficRule' - IsRequired = $False + IsRequired = $False } @{ - Name = 'LocalAddressRanges' + Name = 'LocalAddressRanges' CimInstanceName = 'MicrosoftGraphIPv4Range' - IsRequired = $False + IsRequired = $False } @{ - Name = 'LocalPortRanges' + Name = 'LocalPortRanges' CimInstanceName = 'MicrosoftGraphNumberRange' - IsRequired = $False + IsRequired = $False } @{ - Name = 'RemoteAddressRanges' + Name = 'RemoteAddressRanges' CimInstanceName = 'MicrosoftGraphIPv4Range' - IsRequired = $False + IsRequired = $False } @{ - Name = 'RemotePortRanges' + Name = 'RemotePortRanges' CimInstanceName = 'MicrosoftGraphNumberRange' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` @@ -1247,39 +1247,39 @@ function Export-TargetResource -Credential $Credential if ($Results.AssociatedApps) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "AssociatedApps" -isCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'AssociatedApps' -IsCIMArray:$True } if ($Results.CryptographySuite) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "CryptographySuite" -isCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'CryptographySuite' -IsCIMArray:$False } if ($Results.DnsRules) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "DnsRules" -isCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'DnsRules' -IsCIMArray:$True } if ($Results.ProxyServer) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "ProxyServer" -isCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'ProxyServer' -IsCIMArray:$False } if ($Results.Routes) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Routes" -isCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Routes' -IsCIMArray:$True } if ($Results.SingleSignOnEku) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "SingleSignOnEku" -isCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'SingleSignOnEku' -IsCIMArray:$False } if ($Results.TrafficRules) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "TrafficRules" -isCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'TrafficRules' -IsCIMArray:$True } if ($Results.ServerCollection) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "ServerCollection" -isCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'ServerCollection' -IsCIMArray:$True } if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock Save-M365DSCPartialExport -Content $currentDSCBlock ` @@ -1292,7 +1292,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } @@ -1311,4 +1311,4 @@ function Export-TargetResource } } -Export-ModuleMember -Function *-TargetResource,* +Export-ModuleMember -Function *-TargetResource, * diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10/settings.json index 68a260efb4..93d32b9db2 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10/settings.json @@ -1,45 +1,44 @@ { "resourceName": "IntuneDeviceConfigurationVpnPolicyWindows10", "description": "This resource configures an Intune Device Configuration Vpn Policy for Windows10.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10.psm1 index 8bc1deb336..96758bfbf8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10.psm1 @@ -38,7 +38,7 @@ function Get-TargetResource $MiracastBlocked, [Parameter()] - [ValidateSet('userDefined','one','two','three','four','five','six','seven','eight','nine','ten','eleven','thirtySix','forty','fortyFour','fortyEight','oneHundredFortyNine','oneHundredFiftyThree','oneHundredFiftySeven','oneHundredSixtyOne','oneHundredSixtyFive')] + [ValidateSet('userDefined', 'one', 'two', 'three', 'four', 'five', 'six', 'seven', 'eight', 'nine', 'ten', 'eleven', 'thirtySix', 'forty', 'fortyFour', 'fortyEight', 'oneHundredFortyNine', 'oneHundredFiftyThree', 'oneHundredFiftySeven', 'oneHundredSixtyOne', 'oneHundredSixtyFive')] [System.String] $MiracastChannel, @@ -83,7 +83,7 @@ function Get-TargetResource $WelcomeScreenBlockAutomaticWakeUp, [Parameter()] - [ValidateSet('userDefined','showOrganizerAndTimeOnly','showOrganizerAndTimeAndSubject')] + [ValidateSet('userDefined', 'showOrganizerAndTimeOnly', 'showOrganizerAndTimeAndSubject')] [System.String] $WelcomeScreenMeetingInformation, @@ -164,7 +164,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -177,8 +177,8 @@ function Get-TargetResource -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows10TeamGeneralConfiguration" ` - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10TeamGeneralConfiguration' ` + } } } #endregion @@ -254,8 +254,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -312,7 +312,7 @@ function Set-TargetResource $MiracastBlocked, [Parameter()] - [ValidateSet('userDefined','one','two','three','four','five','six','seven','eight','nine','ten','eleven','thirtySix','forty','fortyFour','fortyEight','oneHundredFortyNine','oneHundredFiftyThree','oneHundredFiftySeven','oneHundredSixtyOne','oneHundredSixtyFive')] + [ValidateSet('userDefined', 'one', 'two', 'three', 'four', 'five', 'six', 'seven', 'eight', 'nine', 'ten', 'eleven', 'thirtySix', 'forty', 'fortyFour', 'fortyEight', 'oneHundredFortyNine', 'oneHundredFiftyThree', 'oneHundredFiftySeven', 'oneHundredSixtyOne', 'oneHundredSixtyFive')] [System.String] $MiracastChannel, @@ -357,7 +357,7 @@ function Set-TargetResource $WelcomeScreenBlockAutomaticWakeUp, [Parameter()] - [ValidateSet('userDefined','showOrganizerAndTimeOnly','showOrganizerAndTimeAndSubject')] + [ValidateSet('userDefined', 'showOrganizerAndTimeOnly', 'showOrganizerAndTimeAndSubject')] [System.String] $WelcomeScreenMeetingInformation, @@ -434,7 +434,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Device Configuration Windows Team Policy for Windows10 with DisplayName {$DisplayName}" - $PSBoundParameters.Remove("Assignments") | Out-Null + $PSBoundParameters.Remove('Assignments') | Out-Null $CreateParameters = ([Hashtable]$PSBoundParameters).clone() $CreateParameters = Rename-M365DSCCimInstanceParameter -Properties $CreateParameters @@ -449,13 +449,13 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.windows10TeamGeneralConfiguration") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windows10TeamGeneralConfiguration') $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -464,7 +464,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Device Configuration Windows Team Policy for Windows10 with Id {$($currentInstance.Id)}" - $PSBoundParameters.Remove("Assignments") | Out-Null + $PSBoundParameters.Remove('Assignments') | Out-Null $UpdateParameters = ([Hashtable]$PSBoundParameters).clone() $UpdateParameters = Rename-M365DSCCimInstanceParameter -Properties $UpdateParameters @@ -480,7 +480,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windows10TeamGeneralConfiguration") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windows10TeamGeneralConfiguration') Update-MgBetaDeviceManagementDeviceConfiguration ` -DeviceConfigurationId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -540,7 +540,7 @@ function Test-TargetResource $MiracastBlocked, [Parameter()] - [ValidateSet('userDefined','one','two','three','four','five','six','seven','eight','nine','ten','eleven','thirtySix','forty','fortyFour','fortyEight','oneHundredFortyNine','oneHundredFiftyThree','oneHundredFiftySeven','oneHundredSixtyOne','oneHundredSixtyFive')] + [ValidateSet('userDefined', 'one', 'two', 'three', 'four', 'five', 'six', 'seven', 'eight', 'nine', 'ten', 'eleven', 'thirtySix', 'forty', 'fortyFour', 'fortyEight', 'oneHundredFortyNine', 'oneHundredFiftyThree', 'oneHundredFiftySeven', 'oneHundredSixtyOne', 'oneHundredSixtyFive')] [System.String] $MiracastChannel, @@ -585,7 +585,7 @@ function Test-TargetResource $WelcomeScreenBlockAutomaticWakeUp, [Parameter()] - [ValidateSet('userDefined','showOrganizerAndTimeOnly','showOrganizerAndTimeAndSubject')] + [ValidateSet('userDefined', 'showOrganizerAndTimeOnly', 'showOrganizerAndTimeAndSubject')] [System.String] $WelcomeScreenMeetingInformation, @@ -768,7 +768,7 @@ function Export-TargetResource -ErrorAction Stop | Where-Object ` -FilterScript { ` $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10TeamGeneralConfiguration' ` - } + } #endregion $i = 1 @@ -795,16 +795,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -829,7 +829,7 @@ function Export-TargetResource -Credential $Credential if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock @@ -843,7 +843,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10/settings.json index e5bc5b667d..24fb9c88af 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10/settings.json @@ -1,45 +1,44 @@ { "resourceName": "IntuneDeviceConfigurationWindowsTeamPolicyWindows10", "description": "This resource configures an Intune Device Configuration Windows Team Policy for Windows10.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10.psm1 index 8e4c4b36a7..28a61c850c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10.psm1 @@ -257,11 +257,11 @@ function Get-TargetResource } #endregion - $rootCertificateForClientValidation = Get-DeviceConfigurationPolicyCertificate -DeviceConfigurationPolicyId $getValue.Id -CertificateName rootCertificateForClientValidation - $rootCertificatesForServerValidation = Get-DeviceConfigurationPolicyCertificate -DeviceConfigurationPolicyId $getValue.Id -CertificateName rootCertificatesForServerValidation - $identityCertificateForClientAuthentication = Get-DeviceConfigurationPolicyCertificate -DeviceConfigurationPolicyId $getValue.Id -CertificateName identityCertificateForClientAuthentication + $rootCertificateForClientValidation = Get-DeviceConfigurationPolicyCertificate -DeviceConfigurationPolicyId $getValue.Id -CertificateName rootCertificateForClientValidation + $rootCertificatesForServerValidation = Get-DeviceConfigurationPolicyCertificate -DeviceConfigurationPolicyId $getValue.Id -CertificateName rootCertificatesForServerValidation + $identityCertificateForClientAuthentication = Get-DeviceConfigurationPolicyCertificate -DeviceConfigurationPolicyId $getValue.Id -CertificateName identityCertificateForClientAuthentication $secondaryIdentityCertificateForClientAuthentication = Get-DeviceConfigurationPolicyCertificate -DeviceConfigurationPolicyId $getValue.Id -CertificateName secondaryIdentityCertificateForClientAuthentication - $secondaryRootCertificateForClientValidation = Get-DeviceConfigurationPolicyCertificate -DeviceConfigurationPolicyId $getValue.Id -CertificateName secondaryRootCertificateForClientValidation + $secondaryRootCertificateForClientValidation = Get-DeviceConfigurationPolicyCertificate -DeviceConfigurationPolicyId $getValue.Id -CertificateName secondaryRootCertificateForClientValidation $results = @{ #region resource generator code @@ -313,8 +313,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -578,7 +578,7 @@ function Set-TargetResource '#microsoft.graph.windows81SCEPCertificateProfile', ` '#microsoft.graph.windows81TrustedRootCertificate', ` '#microsoft.graph.windows10PkcsCertificateProfile' ` - ) + ) $ref = "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/deviceManagement/deviceConfigurations('$checkedCertId')" $CreateParameters.Add('identityCertificateForClientAuthentication@odata.bind', $ref) } @@ -592,7 +592,7 @@ function Set-TargetResource '#microsoft.graph.windows81SCEPCertificateProfile', ` '#microsoft.graph.windows81TrustedRootCertificate', ` '#microsoft.graph.windows10PkcsCertificateProfile' ` - ) + ) $ref = "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/deviceManagement/deviceConfigurations('$checkedCertId')" $CreateParameters.Add('secondaryIdentityCertificateForClientAuthentication@odata.bind', $ref) } @@ -712,7 +712,7 @@ function Set-TargetResource '#microsoft.graph.windows81SCEPCertificateProfile', ` '#microsoft.graph.windows81TrustedRootCertificate', ` '#microsoft.graph.windows10PkcsCertificateProfile' ` - ) + ) Update-DeviceConfigurationPolicyCertificateId -DeviceConfigurationPolicyId $currentInstance.Id ` -CertificateIds $IdentityCertificateForClientAuthenticationId ` -CertificateName identityCertificateForClientAuthentication @@ -730,7 +730,7 @@ function Set-TargetResource '#microsoft.graph.windows81SCEPCertificateProfile', ` '#microsoft.graph.windows81TrustedRootCertificate', ` '#microsoft.graph.windows10PkcsCertificateProfile' ` - ) + ) Update-DeviceConfigurationPolicyCertificateId -DeviceConfigurationPolicyId $currentInstance.Id ` -CertificateIds $SecondaryIdentityCertificateForClientAuthenticationId ` -CertificateName secondaryIdentityCertificateForClientAuthentication @@ -1155,8 +1155,8 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Message: Location header not present in redirection response.*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Message: Location header not present in redirection response.*' -or ` + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } @@ -1195,13 +1195,13 @@ function Get-DeviceConfigurationPolicyCertificate $result = Invoke-MgGraphRequest -Method Get -Uri $Uri 4>$null return $(if ($result.value) - { - $result.value - } - else - { - $result - }) + { + $result.value + } + else + { + $result + }) } catch { @@ -1296,8 +1296,8 @@ function Get-IntuneDeviceConfigurationCertificateId -DeviceConfigurationId $CertificateId ` -ErrorAction SilentlyContinue | ` Where-Object -FilterScript { - $_.AdditionalProperties.'@odata.type' -in $OdataTypes - } + $_.AdditionalProperties.'@odata.type' -in $OdataTypes + } if ($null -eq $Certificate) { @@ -1307,8 +1307,8 @@ function Get-IntuneDeviceConfigurationCertificateId -Filter "DisplayName eq '$CertificateDisplayName'" ` -ErrorAction SilentlyContinue | ` Where-Object -FilterScript { - $_.AdditionalProperties.'@odata.type' -in $OdataTypes - } + $_.AdditionalProperties.'@odata.type' -in $OdataTypes + } if ($null -eq $Certificate) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10/settings.json index 905ce1cdc7..33e5bf10e9 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10/settings.json @@ -1,45 +1,44 @@ { "resourceName": "IntuneDeviceConfigurationWiredNetworkPolicyWindows10", "description": "This resource configures an Intune Device Configuration Wired Network Policy for Windows10.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceControlPolicyWindows10/MSFT_IntuneDeviceControlPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceControlPolicyWindows10/MSFT_IntuneDeviceControlPolicyWindows10.psm1 index a845f318f3..cefaba98a3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceControlPolicyWindows10/MSFT_IntuneDeviceControlPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceControlPolicyWindows10/MSFT_IntuneDeviceControlPolicyWindows10.psm1 @@ -256,7 +256,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -296,10 +296,10 @@ function Get-TargetResource foreach ($currentEntry in $currentPolicyRule.entry) { $complexEntry += @{ - Type = $currentEntry.Type - Options = $currentEntry.Options - Sid = $currentEntry.Sid - AccessMask = $currentEntry.AccessMask + Type = $currentEntry.Type + Options = $currentEntry.Options + Sid = $currentEntry.Sid + AccessMask = $currentEntry.AccessMask ComputerSid = $currentEntry.ComputerSid } } @@ -610,7 +610,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Device Control Policy for Windows10 with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -641,7 +641,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Device Control Policy for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -1042,14 +1042,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "0f2034c6-3cd6-4ee1-bd37-f3c0693e9548_1" + $policyTemplateID = '0f2034c6-3cd6-4ee1-bd37-f3c0693e9548_1' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -1075,16 +1075,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.Name - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.Name + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -1094,14 +1094,14 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'PolicyRule' + Name = 'PolicyRule' CimInstanceName = 'MicrosoftGraphIntuneSettingsCatalogPolicyRule' - IsRequired = $False + IsRequired = $False } @{ - Name = 'Entry' + Name = 'Entry' CimInstanceName = 'MicrosoftGraphIntuneSettingsCatalogPolicyRuleEntry' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` @@ -1139,12 +1139,12 @@ function Export-TargetResource -Credential $Credential if ($Results.PolicyRule) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "PolicyRule" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'PolicyRule' -IsCIMArray:$True } if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceControlPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceControlPolicyWindows10/settings.json index 942c440c54..1b9a0b3493 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceControlPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceControlPolicyWindows10/settings.json @@ -1,44 +1,44 @@ { - "resourceName":"IntuneDeviceControlPolicyWindows10", - "description":"This resource configures an Intune Device Control Policy for Windows10.", - "permissions":{ - "graph":{ - "delegated":{ - "read":[ - { - "name": "Group.Read.All" - }, - { - "name":"DeviceManagementConfiguration.Read.All" - } - ], - "update":[ - { - "name": "Group.Read.All" - }, - { - "name":"DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application":{ - "read":[ - { - "name": "Group.Read.All" - }, - { - "name":"DeviceManagementConfiguration.Read.All" - } - ], - "update":[ - { - "name": "Group.Read.All" - }, - { - "name":"DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } - } + "resourceName": "IntuneDeviceControlPolicyWindows10", + "description": "This resource configures an Intune Device Control Policy for Windows10.", + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentLimitRestriction/MSFT_IntuneDeviceEnrollmentLimitRestriction.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentLimitRestriction/MSFT_IntuneDeviceEnrollmentLimitRestriction.psm1 index ecd2b03243..de2fe908c7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentLimitRestriction/MSFT_IntuneDeviceEnrollmentLimitRestriction.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentLimitRestriction/MSFT_IntuneDeviceEnrollmentLimitRestriction.psm1 @@ -397,7 +397,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentPlatformRestriction/MSFT_IntuneDeviceEnrollmentPlatformRestriction.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentPlatformRestriction/MSFT_IntuneDeviceEnrollmentPlatformRestriction.psm1 index e29b5fa2e0..f3e30f625a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentPlatformRestriction/MSFT_IntuneDeviceEnrollmentPlatformRestriction.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentPlatformRestriction/MSFT_IntuneDeviceEnrollmentPlatformRestriction.psm1 @@ -117,7 +117,7 @@ function Get-TargetResource $keys = (([Hashtable]$PSBoundParameters).Clone()).Keys foreach ($key in $keys) { - if ($null -ne $PSBoundParameters.$key -and $PSBoundParameters.$key.getType().Name -like '*cimInstance*' -and $key -like "*Restriction") + if ($null -ne $PSBoundParameters.$key -and $PSBoundParameters.$key.getType().Name -like '*cimInstance*' -and $key -like '*Restriction') { if ($DeviceEnrollmentConfigurationType -eq 'singlePlatformRestriction' ) { @@ -129,10 +129,12 @@ function Get-TargetResource try { - try { + try + { $config = Get-MgBetaDeviceManagementDeviceEnrollmentConfiguration -DeviceEnrollmentConfigurationId $Identity -ErrorAction Stop } - catch { + catch + { $config = $null } @@ -141,9 +143,16 @@ function Get-TargetResource Write-Verbose -Message "Could not find an Intune Device Enrollment Platform Restriction with Id {$Identity}" $config = Get-MgBetaDeviceManagementDeviceEnrollmentConfiguration -All -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object -FilterScript { - $_.AdditionalProperties.'@odata.type' -like "#microsoft.graph.deviceEnrollmentPlatformRestriction*Configuration" -and - $(if ($null -ne $_.AdditionalProperties.platformType) { $_.AdditionalProperties.platformType -eq $PlatformType } else { $true }) - } + $_.AdditionalProperties.'@odata.type' -like '#microsoft.graph.deviceEnrollmentPlatformRestriction*Configuration' -and + $(if ($null -ne $_.AdditionalProperties.platformType) + { + $_.AdditionalProperties.platformType -eq $PlatformType + } + else + { + $true + }) + } if ($null -eq $config) { @@ -181,8 +190,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -311,7 +320,8 @@ function Set-TargetResource Add-M365DSCTelemetryEvent -Data $data #endregion - if ($Ensure -eq 'Absent' -and $Identity -like '*_DefaultPlatformRestrictions') { + if ($Ensure -eq 'Absent' -and $Identity -like '*_DefaultPlatformRestrictions') + { throw 'Cannot delete the default platform restriction policy.' } @@ -383,7 +393,7 @@ function Set-TargetResource if ($PriorityPresent -and $Priority -ne $policy.Priority) { - $Uri = "/beta/deviceManagement/deviceEnrollmentConfigurations/{0}/setPriority" -f $policy.Id + $Uri = '/beta/deviceManagement/deviceEnrollmentConfigurations/{0}/setPriority' -f $policy.Id $Body = @{ priority = $Priority } @@ -448,7 +458,7 @@ function Set-TargetResource if ($PriorityPresent -and $Priority -ne $currentInstance.Priority) { - $Uri = "/beta/deviceManagement/deviceEnrollmentConfigurations/{0}/setPriority" -f $currentInstance.Identity + $Uri = '/beta/deviceManagement/deviceEnrollmentConfigurations/{0}/setPriority' -f $currentInstance.Identity $Body = @{ priority = $Priority } @@ -623,7 +633,7 @@ function Test-TargetResource #Compare basic parameters if ($testResult) { - Write-Verbose -Message "Comparing the current values with the desired ones" + Write-Verbose -Message 'Comparing the current values with the desired ones' $testResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -912,7 +922,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/MSFT_IntuneDeviceEnrollmentStatusPageWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/MSFT_IntuneDeviceEnrollmentStatusPageWindows10.psm1 index 8d5aec841c..f5a9a6e758 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/MSFT_IntuneDeviceEnrollmentStatusPageWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/MSFT_IntuneDeviceEnrollmentStatusPageWindows10.psm1 @@ -142,7 +142,7 @@ function Get-TargetResource $getValue = $null #region resource generator code $getValue = Get-MgBetaDeviceManagementDeviceEnrollmentConfiguration -DeviceEnrollmentConfigurationId $Id -ErrorAction SilentlyContinue ` - | Where-Object -FilterScript {$null -ne $_.DisplayName} + | Where-Object -FilterScript { $null -ne $_.DisplayName } if ($null -eq $getValue) { @@ -156,7 +156,7 @@ function Get-TargetResource -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { ` $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10EnrollmentCompletionPageConfiguration' ` - } | Where-Object -FilterScript {$null -ne $_.DisplayName} + } | Where-Object -FilterScript { $null -ne $_.DisplayName } } } #endregion @@ -166,7 +166,7 @@ function Get-TargetResource return $nullResult } - if($getValue -is [Array] -and $getValue.Length -gt 1) + if ($getValue -is [Array] -and $getValue.Length -gt 1) { Throw "The DisplayName {$DisplayName} returned multiple policies, make sure DisplayName is unique." } @@ -208,8 +208,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -406,11 +406,11 @@ function Set-TargetResource $policy = New-MgBetaDeviceManagementDeviceEnrollmentConfiguration -BodyParameter $CreateParameters $intuneAssignments = @() - if($null -ne $Assignments -and $Assignments.count -gt 0) + if ($null -ne $Assignments -and $Assignments.count -gt 0) { $intuneAssignments += ConvertTo-IntunePolicyAssignment -Assignments $Assignments } - $body = @{'enrollmentConfigurationAssignments' = $intuneAssignments} | ConvertTo-Json -Depth 100 + $body = @{'enrollmentConfigurationAssignments' = $intuneAssignments } | ConvertTo-Json -Depth 100 $Uri = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/deviceEnrollmentConfigurations/$($policy.Id)/assign" Invoke-MgGraphRequest -Method POST -Uri $Uri -Body $body -ErrorAction Stop @@ -444,11 +444,11 @@ function Set-TargetResource if ($currentInstance.Id -notlike '*_DefaultWindows10EnrollmentCompletionPageConfiguration') { $intuneAssignments = @() - if($null -ne $Assignments -and $Assignments.count -gt 0) + if ($null -ne $Assignments -and $Assignments.count -gt 0) { $intuneAssignments += ConvertTo-IntunePolicyAssignment -Assignments $Assignments } - $body = @{'enrollmentConfigurationAssignments' = $intuneAssignments} | ConvertTo-Json -Depth 100 + $body = @{'enrollmentConfigurationAssignments' = $intuneAssignments } | ConvertTo-Json -Depth 100 $Uri = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/deviceEnrollmentConfigurations/$($currentInstance.Id)/assign" Invoke-MgGraphRequest -Method POST -Uri $Uri -Body $body -ErrorAction Stop @@ -793,7 +793,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceManagementComplianceSettings/MSFT_IntuneDeviceManagementComplianceSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceManagementComplianceSettings/MSFT_IntuneDeviceManagementComplianceSettings.psm1 index 8fc3e91fd8..4768ea03b2 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceManagementComplianceSettings/MSFT_IntuneDeviceManagementComplianceSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceManagementComplianceSettings/MSFT_IntuneDeviceManagementComplianceSettings.psm1 @@ -46,7 +46,7 @@ function Get-TargetResource $AccessTokens ) - Write-Verbose -Message "Checking for the Intune Device Management Compliance Settings" + Write-Verbose -Message 'Checking for the Intune Device Management Compliance Settings' $ConnectionMode = New-M365DSCConnection -Workload 'MicrosoftGraph' ` -InboundParameters $PSBoundParameters @@ -142,7 +142,7 @@ function Set-TargetResource $AccessTokens ) - Write-Verbose -Message "Updating the Intune Device Management Compliance Settings" + Write-Verbose -Message 'Updating the Intune Device Management Compliance Settings' $ConnectionMode = New-M365DSCConnection -Workload 'MicrosoftGraph' ` -InboundParameters $PSBoundParameters @@ -226,7 +226,7 @@ function Test-TargetResource #endregion $ValuesToCheck = $PSBoundParameters - Write-Verbose -Message "Testing configuration of Intune Device Management Compliance Settings" + Write-Verbose -Message 'Testing configuration of Intune Device Management Compliance Settings' $CurrentValues = Get-TargetResource @PSBoundParameters Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" @@ -308,16 +308,16 @@ function Export-TargetResource } $Results = Get-TargetResource @params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` - -Results $Results + -Results $Results $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` - -ConnectionMode $ConnectionMode ` - -ModulePath $PSScriptRoot ` - -Results $Results ` - -Credential $Credential + -ConnectionMode $ConnectionMode ` + -ModulePath $PSScriptRoot ` + -Results $Results ` + -Credential $Credential Save-M365DSCPartialExport -Content $currentDSCBlock ` - -FileName $Global:PartialExportFileName + -FileName $Global:PartialExportFileName Write-Host $Global:M365DSCEmojiGreenCheckMark return $currentDSCBlock @@ -325,7 +325,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceManagementEnrollmentAndroidGooglePlay/MSFT_IntuneDeviceManagementEnrollmentAndroidGooglePlay.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceManagementEnrollmentAndroidGooglePlay/MSFT_IntuneDeviceManagementEnrollmentAndroidGooglePlay.psm1 index 8f861afc3d..d5274b53e4 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceManagementEnrollmentAndroidGooglePlay/MSFT_IntuneDeviceManagementEnrollmentAndroidGooglePlay.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceManagementEnrollmentAndroidGooglePlay/MSFT_IntuneDeviceManagementEnrollmentAndroidGooglePlay.psm1 @@ -92,27 +92,28 @@ function Get-TargetResource $allSettings = Get-MgBetaDeviceManagementAndroidManagedStoreAccountEnterpriseSetting $specificSetting = $allSettings | Where-Object { $_.id -eq $Id } - if (-not $specificSetting) { + if (-not $specificSetting) + { Write-Verbose "No Android Managed Store Account Enterprise Setting found with Id $Id." return $nullResult } $result = @{ - Id = $specificSetting.id - BindStatus = $specificSetting.bindStatus + Id = $specificSetting.id + BindStatus = $specificSetting.bindStatus # OwnerUserPrincipalName = $specificSetting.ownerUserPrincipalName # OwnerOrganizationName = $specificSetting.ownerOrganizationName # EnrollmentTarget = $specificSetting.enrollmentTarget # DeviceOwnerManagementEnabled = $specificSetting.deviceOwnerManagementEnabled # AndroidDeviceOwnerFullyManagedEnrollmentEnabled = $specificSetting.androidDeviceOwnerFullyManagedEnrollmentEnabled - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ApplicationSecret = $ApplicationSecret - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ApplicationSecret = $ApplicationSecret + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return $result @@ -224,10 +225,10 @@ function Set-TargetResource $dataSharingConsent = Get-MgBetaDeviceManagementDataSharingConsent -DataSharingConsentId 'androidManagedStore' if ($dataSharingConsent.granted -eq $false) { - Write-Verbose -Message "Consent not granted, requesting consent..." - $consentResult = Invoke-MgGraphRequest -Uri ($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/dataSharingConsents/androidManagedStore/consentToDataSharing") -Method 'POST' -Body @{ - DataSharingConsentId = "androidManagedStore" - } -ContentType "application/json" + Write-Verbose -Message 'Consent not granted, requesting consent...' + $consentResult = Invoke-MgGraphRequest -Uri ($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + 'beta/deviceManagement/dataSharingConsents/androidManagedStore/consentToDataSharing') -Method 'POST' -Body @{ + DataSharingConsentId = 'androidManagedStore' + } -ContentType 'application/json' } # Request enrollment signup URL if necessary @@ -242,13 +243,13 @@ function Set-TargetResource # hostName = "intune.microsoft.com" # } -ContentType "application/json" - # return $nullResult + # return $nullResult # } } elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { - Write-Host "Remove the Intune Device Management Android Google Play Enrollment with Id {$($currentInstance.Id)}" - $unbindResult = Invoke-MgGraphRequest -Uri ($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/androidManagedStoreAccountEnterpriseSettings/unbind") -Method 'POST' -Body @{} -ContentType "application/json" + Write-Host "Remove the Intune Device Management Android Google Play Enrollment with Id {$($currentInstance.Id)}" + $unbindResult = Invoke-MgGraphRequest -Uri ($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + 'beta/deviceManagement/androidManagedStoreAccountEnterpriseSettings/unbind') -Method 'POST' -Body @{} -ContentType 'application/json' } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceManagmentAndroidDeviceOwnerEnrollmentProfile/MSFT_IntuneDeviceManagmentAndroidDeviceOwnerEnrollmentProfile.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceManagmentAndroidDeviceOwnerEnrollmentProfile/MSFT_IntuneDeviceManagmentAndroidDeviceOwnerEnrollmentProfile.psm1 index 70fd240251..1595ccce2b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceManagmentAndroidDeviceOwnerEnrollmentProfile/MSFT_IntuneDeviceManagmentAndroidDeviceOwnerEnrollmentProfile.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceManagmentAndroidDeviceOwnerEnrollmentProfile/MSFT_IntuneDeviceManagmentAndroidDeviceOwnerEnrollmentProfile.psm1 @@ -138,13 +138,13 @@ function Get-TargetResource { if (-not [System.String]::IsNullOrEmpty($Id)) { - Write-Verbose -Message "Trying to retrieve profile by Id" + Write-Verbose -Message 'Trying to retrieve profile by Id' $androidDeviceOwnerEnrollmentProfile = Get-MgBetaDeviceManagementAndroidDeviceOwnerEnrollmentProfile ` -AndroidDeviceOwnerEnrollmentProfileId $Id } if ($null -eq $androidDeviceOwnerEnrollmentProfile) { - Write-Verbose -Message "Trying to retrieve profile by DisplayName" + Write-Verbose -Message 'Trying to retrieve profile by DisplayName' $androidDeviceOwnerEnrollmentProfile = Get-MgBetaDeviceManagementAndroidDeviceOwnerEnrollmentProfile ` -All ` -Filter "displayName eq '$DisplayName'" ` @@ -498,12 +498,12 @@ function Test-TargetResource Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)" $TestResult = Test-M365DSCParameterState ` - -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys + -CurrentValues $CurrentValues ` + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys - Write-Verbose -Message "Test-TargetResource returned $TestResult" + Write-Verbose -Message "Test-TargetResource returned $TestResult" return $TestResult } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceRemediation/MSFT_IntuneDeviceRemediation.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceRemediation/MSFT_IntuneDeviceRemediation.psm1 index ec8084c59f..44044a2ca2 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceRemediation/MSFT_IntuneDeviceRemediation.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceRemediation/MSFT_IntuneDeviceRemediation.psm1 @@ -18,7 +18,7 @@ function Get-TargetResource $DetectionScriptParameters, [Parameter()] - [ValidateSet('deviceHealthScript','managedInstallerScript')] + [ValidateSet('deviceHealthScript', 'managedInstallerScript')] [System.String] $DeviceHealthScriptType, @@ -55,7 +55,7 @@ function Get-TargetResource $RunAs32Bit, [Parameter()] - [ValidateSet('system','user')] + [ValidateSet('system', 'user')] [System.String] $RunAsAccount, @@ -137,8 +137,8 @@ function Get-TargetResource -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { ` - $_.DeviceHealthScriptType -eq "deviceHealthScript" ` - } + $_.DeviceHealthScriptType -eq 'deviceHealthScript' ` + } if ($null -ne $getValue) { $getValue = Get-MgBetaDeviceManagementDeviceHealthScript -DeviceHealthScriptId $getValue.Id @@ -168,7 +168,7 @@ function Get-TargetResource { $myDetectionScriptParameters.Add('odataType', $currentDetectionScriptParameters.'@odata.type'.toString()) } - if ($myDetectionScriptParameters.values.Where({$null -ne $_}).count -gt 0) + if ($myDetectionScriptParameters.values.Where({ $null -ne $_ }).count -gt 0) { $complexDetectionScriptParameters += $myDetectionScriptParameters } @@ -187,7 +187,7 @@ function Get-TargetResource { $myRemediationScriptParameters.Add('odataType', $currentRemediationScriptParameters.'@odata.type'.toString()) } - if ($myRemediationScriptParameters.values.Where({$null -ne $_}).count -gt 0) + if ($myRemediationScriptParameters.values.Where({ $null -ne $_ }).count -gt 0) { $complexRemediationScriptParameters += $myRemediationScriptParameters } @@ -250,16 +250,16 @@ function Get-TargetResource $assignmentResult += @{ RunRemediationScript = $assignment.RunRemediationScript - RunSchedule = @{ + RunSchedule = @{ DataType = $assignment.RunSchedule.AdditionalProperties.'@odata.type' - Date = $assignment.RunSchedule.AdditionalProperties.date + Date = $assignment.RunSchedule.AdditionalProperties.date Interval = $assignment.RunSchedule.Interval - Time = $time - UseUtc = $assignment.RunSchedule.AdditionalProperties.useUtc + Time = $time + UseUtc = $assignment.RunSchedule.AdditionalProperties.useUtc } - Assignment = (ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments $assignment) | Select-Object -First 1 + Assignment = (ConvertFrom-IntunePolicyAssignment ` + -IncludeDeviceFilter:$true ` + -Assignments $assignment) | Select-Object -First 1 } } $results.Add('Assignments', $assignmentResult) @@ -297,7 +297,7 @@ function Set-TargetResource $DetectionScriptParameters, [Parameter()] - [ValidateSet('deviceHealthScript','managedInstallerScript')] + [ValidateSet('deviceHealthScript', 'managedInstallerScript')] [System.String] $DeviceHealthScriptType, @@ -334,7 +334,7 @@ function Set-TargetResource $RunAs32Bit, [Parameter()] - [ValidateSet('system','user')] + [ValidateSet('system', 'user')] [System.String] $RunAsAccount, @@ -400,7 +400,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Device Remediation with DisplayName {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $CreateParameters = ([Hashtable]$BoundParameters).Clone() $CreateParameters = Rename-M365DSCCimInstanceParameter -Properties $CreateParameters @@ -423,7 +423,8 @@ function Set-TargetResource { $assignmentTarget = ConvertTo-IntunePolicyAssignment -Assignments $assignment.Assignment $runSchedule = $null - if ($null -ne $assignment.RunSchedule.DataType) { + if ($null -ne $assignment.RunSchedule.DataType) + { $runSchedule = @{ '@odata.type' = $assignment.RunSchedule.DataType } @@ -446,8 +447,8 @@ function Set-TargetResource } $assignmentsHash += @{ runRemediationScript = $assignment.RunRemediationScript - runSchedule = $runSchedule - target = $assignmentTarget.target + runSchedule = $runSchedule + target = $assignmentTarget.target } } @@ -464,7 +465,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Device Remediation with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $UpdateParameters = ([Hashtable]$BoundParameters).Clone() $UpdateParameters = Rename-M365DSCCimInstanceParameter -Properties $UpdateParameters @@ -477,10 +478,10 @@ function Set-TargetResource { Write-Warning -Message "The Intune Device Remediation with Id {$($currentInstance.Id)} is a global script and only few properties can be updated." $UpdateParameters = @{ - Id = $currentInstance.Id + Id = $currentInstance.Id RoleScopeTagIds = $RoleScopeTagIds - RunAs32Bit = $RunAs32Bit - RunAsAccount = $RunAsAccount + RunAs32Bit = $RunAs32Bit + RunAsAccount = $RunAsAccount } } @@ -502,7 +503,8 @@ function Set-TargetResource { $assignmentTarget = ConvertTo-IntunePolicyAssignment -Assignments $assignment.Assignment $runSchedule = $null - if ($null -ne $assignment.RunSchedule.DataType) { + if ($null -ne $assignment.RunSchedule.DataType) + { $runSchedule = @{ '@odata.type' = $assignment.RunSchedule.DataType } @@ -525,8 +527,8 @@ function Set-TargetResource } $assignmentsHash += @{ runRemediationScript = $assignment.RunRemediationScript - runSchedule = $runSchedule - target = $assignmentTarget.target + runSchedule = $runSchedule + target = $assignmentTarget.target } } $uri = "/beta/deviceManagement/deviceHealthScripts/$($currentInstance.Id)/assign" @@ -569,7 +571,7 @@ function Test-TargetResource $DetectionScriptParameters, [Parameter()] - [ValidateSet('deviceHealthScript','managedInstallerScript')] + [ValidateSet('deviceHealthScript', 'managedInstallerScript')] [System.String] $DeviceHealthScriptType, @@ -606,7 +608,7 @@ function Test-TargetResource $RunAs32Bit, [Parameter()] - [ValidateSet('system','user')] + [ValidateSet('system', 'user')] [System.String] $RunAsAccount, @@ -703,7 +705,7 @@ function Test-TargetResource if ($CurrentValues.IsGlobalScript) { - Write-Verbose -Message "Detected a global script, removing read-only properties from the comparison" + Write-Verbose -Message 'Detected a global script, removing read-only properties from the comparison' $ValuesToCheck.Remove('DetectionScriptContent') | Out-Null $ValuesToCheck.Remove('RemediationScriptContent') | Out-Null $ValuesToCheck.Remove('DetectionScriptParameters') | Out-Null @@ -820,7 +822,7 @@ function Export-TargetResource Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ Id = $config.Id - DisplayName = $config.DisplayName + DisplayName = $config.DisplayName Ensure = 'Present' Credential = $Credential ApplicationId = $ApplicationId @@ -866,14 +868,14 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'RunSchedule' + Name = 'RunSchedule' CimInstanceName = 'IntuneDeviceRemediationRunSchedule' - IsRequired = $false + IsRequired = $false } @{ - Name = 'Assignment' + Name = 'Assignment' CimInstanceName = 'DeviceManagementConfigurationPolicyAssignments' - IsRequired = $true + IsRequired = $true } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` @@ -897,18 +899,18 @@ function Export-TargetResource -Credential $Credential if ($Results.DetectionScriptParameters) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "DetectionScriptParameters" -isCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'DetectionScriptParameters' -IsCIMArray:$True } if ($Results.RemediationScriptParameters) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "RemediationScriptParameters" -isCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'RemediationScriptParameters' -IsCIMArray:$True } if ($Results.Assignments) { - $currentDSCBlock = (Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true).Replace("''", "'") - $currentDSCBlock = [Regex]::Replace($currentDSCBlock, "Assignment = '\r\n ", "Assignment = ") - $currentDSCBlock = $currentDSCBlock.Replace("RunSchedule = '", "RunSchedule = ").Replace("}'", "}") - $currentDSCBlock = [Regex]::Replace($currentDSCBlock, "\r\n '", "") + $currentDSCBlock = (Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true).Replace("''", "'") + $currentDSCBlock = [Regex]::Replace($currentDSCBlock, "Assignment = '\r\n ", 'Assignment = ') + $currentDSCBlock = $currentDSCBlock.Replace("RunSchedule = '", 'RunSchedule = ').Replace("}'", '}') + $currentDSCBlock = [Regex]::Replace($currentDSCBlock, "\r\n '", '') } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceRemediation/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceRemediation/settings.json index d2f13930e3..62a64d4989 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceRemediation/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceRemediation/settings.json @@ -1,51 +1,50 @@ { - "resourceName": "IntuneDeviceRemediation", - "description": "This resource configures an Intune Device Remediation.", - "permissions": { - "graph": { - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] + "resourceName": "IntuneDeviceRemediation", + "description": "This resource configures an Intune Device Remediation.", + "permissions": { + "graph": { + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } } } } - -} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionMacOS/MSFT_IntuneDiskEncryptionMacOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionMacOS/MSFT_IntuneDiskEncryptionMacOS.psm1 index 71edcbbfde..282ecce2df 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionMacOS/MSFT_IntuneDiskEncryptionMacOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionMacOS/MSFT_IntuneDiskEncryptionMacOS.psm1 @@ -131,7 +131,7 @@ function Get-TargetResource -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { ` $_.TemplateId -eq 'a239407c-698d-4ef8-b314-e3ae409204b8' ` - } + } } } #endregion @@ -149,10 +149,10 @@ function Get-TargetResource -ErrorAction Stop $results = @{ - Description = $getValue.Description - DisplayName = $getValue.DisplayName - RoleScopeTagIds = $getValue.RoleScopeTagIds - Id = $getValue.Id + Description = $getValue.Description + DisplayName = $getValue.DisplayName + RoleScopeTagIds = $getValue.RoleScopeTagIds + Id = $getValue.Id } foreach ($setting in $settings) @@ -177,8 +177,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -347,7 +347,7 @@ function Set-TargetResource if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/intents' } @@ -362,7 +362,7 @@ function Set-TargetResource throw 'AllowDeferralUntilSignOut must be $true' } - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $BoundParameters.Remove('Id') | Out-Null $BoundParameters.Remove('DisplayName') | Out-Null $BoundParameters.Remove('Description') | Out-Null @@ -655,7 +655,7 @@ function Export-TargetResource -ErrorAction Stop | Where-Object ` -FilterScript { ` $_.TemplateId -eq 'a239407c-698d-4ef8-b314-e3ae409204b8' ` - } + } #endregion $i = 1 @@ -683,7 +683,7 @@ function Export-TargetResource Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ Id = $config.Id - DisplayName = $config.DisplayName + DisplayName = $config.DisplayName Ensure = 'Present' Credential = $Credential ApplicationId = $ApplicationId @@ -716,7 +716,7 @@ function Export-TargetResource -Credential $Credential if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionMacOS/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionMacOS/settings.json index 404582571b..baa8340884 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionMacOS/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionMacOS/settings.json @@ -1,7 +1,7 @@ { - "resourceName": "IntuneDiskEncryptionMacOS", - "description": "This resource configures an Intune Disk Encryption for macOS.", - "permissions": { + "resourceName": "IntuneDiskEncryptionMacOS", + "description": "This resource configures an Intune Disk Encryption for macOS.", + "permissions": { "graph": { "delegated": { "read": [ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionPDEPolicyWindows10/MSFT_IntuneDiskEncryptionPDEPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionPDEPolicyWindows10/MSFT_IntuneDiskEncryptionPDEPolicyWindows10.psm1 index c58bc20a13..ae6b01ee6c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionPDEPolicyWindows10/MSFT_IntuneDiskEncryptionPDEPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionPDEPolicyWindows10/MSFT_IntuneDiskEncryptionPDEPolicyWindows10.psm1 @@ -102,7 +102,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -277,7 +277,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Disk Encryption PDE Policy for Windows10 with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -308,7 +308,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Disk Encryption PDE Policy for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -555,14 +555,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "0b5708d9-9bc2-49a9-b4f7-ec463fcc41e0_1" + $policyTemplateID = '0b5708d9-9bc2-49a9-b4f7-ec463fcc41e0_1' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -588,16 +588,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.Name - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.Name + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -625,7 +625,7 @@ function Export-TargetResource if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionPDEPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionPDEPolicyWindows10/settings.json index ff57f9891a..6dc697eb6b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionPDEPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionPDEPolicyWindows10/settings.json @@ -1,44 +1,44 @@ { - "resourceName":"IntuneDiskEncryptionPDEPolicyWindows10", - "description":"This resource configures an Intune Disk Encryption P D E Policy for Windows10.", - "permissions":{ - "graph":{ - "application":{ - "update":[ - { - "name":"DeviceManagementConfiguration.ReadWrite.All" - }, - { - "name":"Group.Read.All" - } - ], - "read":[ - { - "name":"DeviceManagementConfiguration.Read.All" - }, - { - "name":"Group.Read.All" - } - ] - }, - "delegated":{ - "update":[ - { - "name":"DeviceManagementConfiguration.ReadWrite.All" - }, - { - "name":"Group.Read.All" - } - ], - "read":[ - { - "name":"DeviceManagementConfiguration.Read.All" - }, - { - "name":"Group.Read.All" - } - ] - } - } - } -} \ No newline at end of file + "resourceName": "IntuneDiskEncryptionPDEPolicyWindows10", + "description": "This resource configures an Intune Disk Encryption P D E Policy for Windows10.", + "permissions": { + "graph": { + "application": { + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + }, + { + "name": "Group.Read.All" + } + ], + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "Group.Read.All" + } + ] + }, + "delegated": { + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + }, + { + "name": "Group.Read.All" + } + ], + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "Group.Read.All" + } + ] + } + } + } +} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionWindows10/MSFT_IntuneDiskEncryptionWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionWindows10/MSFT_IntuneDiskEncryptionWindows10.psm1 index 744e8f6fec..5a3308a7f8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionWindows10/MSFT_IntuneDiskEncryptionWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionWindows10/MSFT_IntuneDiskEncryptionWindows10.psm1 @@ -358,7 +358,7 @@ function Get-TargetResource $templateReferenceId = '46ddfc50-d10f-4867-b852-9434254b3bff_1' $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -787,7 +787,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Disk Encryption for Windows10 with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -818,7 +818,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Disk Encryption for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -1320,14 +1320,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "46ddfc50-d10f-4867-b852-9434254b3bff_1" + $policyTemplateID = '46ddfc50-d10f-4867-b852-9434254b3bff_1' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -1354,7 +1354,7 @@ function Export-TargetResource Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ Id = $config.Id - DisplayName = $config.Name + DisplayName = $config.Name Ensure = 'Present' Credential = $Credential ApplicationId = $ApplicationId @@ -1390,7 +1390,7 @@ function Export-TargetResource if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionWindows10/settings.json index c0b019f8fb..74b65206fd 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDiskEncryptionWindows10/settings.json @@ -1,41 +1,41 @@ { - "resourceName":"IntuneDiskEncryptionWindows10", - "description":"This resource configures an Intune Disk Encryption for Windows10.", - "permissions":{ - "graph":{ - "delegated":{ - "read":[ + "resourceName": "IntuneDiskEncryptionWindows10", + "description": "This resource configures an Intune Disk Encryption for Windows10.", + "permissions": { + "graph": { + "delegated": { + "read": [ { "name": "Group.Read.All" }, { - "name":"DeviceManagementConfiguration.Read.All" + "name": "DeviceManagementConfiguration.Read.All" } ], - "update":[ + "update": [ { "name": "Group.Read.All" }, { - "name":"DeviceManagementConfiguration.ReadWrite.All" + "name": "DeviceManagementConfiguration.ReadWrite.All" } ] }, - "application":{ - "read":[ + "application": { + "read": [ { "name": "Group.Read.All" }, { - "name":"DeviceManagementConfiguration.Read.All" + "name": "DeviceManagementConfiguration.Read.All" } ], - "update":[ + "update": [ { "name": "Group.Read.All" }, { - "name":"DeviceManagementConfiguration.ReadWrite.All" + "name": "DeviceManagementConfiguration.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyLinux/MSFT_IntuneEndpointDetectionAndResponsePolicyLinux.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyLinux/MSFT_IntuneEndpointDetectionAndResponsePolicyLinux.psm1 index 5016b661fc..9a7af96373 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyLinux/MSFT_IntuneEndpointDetectionAndResponsePolicyLinux.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyLinux/MSFT_IntuneEndpointDetectionAndResponsePolicyLinux.psm1 @@ -91,7 +91,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -254,7 +254,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Endpoint Detection And Response Policy Linux with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -285,7 +285,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Endpoint Detection And Response Policy Linux with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -521,14 +521,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "3514388a-d4d1-4aa8-bd64-c317776008f5_1" + $policyTemplateID = '3514388a-d4d1-4aa8-bd64-c317776008f5_1' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -555,7 +555,7 @@ function Export-TargetResource Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ Id = $config.Id - DisplayName = $config.Name + DisplayName = $config.Name Ensure = 'Present' Credential = $Credential ApplicationId = $ApplicationId @@ -591,7 +591,7 @@ function Export-TargetResource if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyLinux/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyLinux/settings.json index 33f7eaeed0..999f74654d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyLinux/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyLinux/settings.json @@ -1,44 +1,44 @@ { - "resourceName":"IntuneEndpointDetectionAndResponsePolicyLinux", - "description":"This resource configures an Intune Endpoint Detection And Response Policy Linux.", - "permissions":{ - "graph":{ - "delegated":{ - "read":[ - { - "name": "Group.Read.All" - }, - { - "name":"DeviceManagementConfiguration.Read.All" - } - ], - "update":[ - { - "name": "Group.Read.All" - }, - { - "name":"DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application":{ - "read":[ - { - "name": "Group.Read.All" - }, - { - "name":"DeviceManagementConfiguration.Read.All" - } - ], - "update":[ - { - "name": "Group.Read.All" - }, - { - "name":"DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } - } + "resourceName": "IntuneEndpointDetectionAndResponsePolicyLinux", + "description": "This resource configures an Intune Endpoint Detection And Response Policy Linux.", + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyMacOS/MSFT_IntuneEndpointDetectionAndResponsePolicyMacOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyMacOS/MSFT_IntuneEndpointDetectionAndResponsePolicyMacOS.psm1 index 3f4a5089cb..96d87c2a83 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyMacOS/MSFT_IntuneEndpointDetectionAndResponsePolicyMacOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyMacOS/MSFT_IntuneEndpointDetectionAndResponsePolicyMacOS.psm1 @@ -91,7 +91,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -254,7 +254,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Endpoint Detection And Response Policy MacOS with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -285,7 +285,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Endpoint Detection And Response Policy MacOS with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -521,14 +521,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "a6ff37f6-c841-4264-9249-1ecf793d94ef_1" + $policyTemplateID = 'a6ff37f6-c841-4264-9249-1ecf793d94ef_1' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -555,7 +555,7 @@ function Export-TargetResource Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ Id = $config.Id - DisplayName = $config.Name + DisplayName = $config.Name Ensure = 'Present' Credential = $Credential ApplicationId = $ApplicationId @@ -591,7 +591,7 @@ function Export-TargetResource if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyMacOS/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyMacOS/settings.json index 73dac608fe..e02b666929 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyMacOS/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyMacOS/settings.json @@ -1,44 +1,44 @@ { - "resourceName":"IntuneEndpointDetectionAndResponsePolicyMacOS", - "description":"This resource configures an Intune Endpoint Detection And Response Policy MacOS.", - "permissions":{ - "graph":{ - "delegated":{ - "read":[ - { - "name": "Group.Read.All" - }, - { - "name":"DeviceManagementConfiguration.Read.All" - } - ], - "update":[ - { - "name": "Group.Read.All" - }, - { - "name":"DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application":{ - "read":[ - { - "name": "Group.Read.All" - }, - { - "name":"DeviceManagementConfiguration.Read.All" - } - ], - "update":[ - { - "name": "Group.Read.All" - }, - { - "name":"DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } - } + "resourceName": "IntuneEndpointDetectionAndResponsePolicyMacOS", + "description": "This resource configures an Intune Endpoint Detection And Response Policy MacOS.", + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyWindows10/MSFT_IntuneEndpointDetectionAndResponsePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyWindows10/MSFT_IntuneEndpointDetectionAndResponsePolicyWindows10.psm1 index 1da87bb3d1..f4dde4c6ff 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyWindows10/MSFT_IntuneEndpointDetectionAndResponsePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneEndpointDetectionAndResponsePolicyWindows10/MSFT_IntuneEndpointDetectionAndResponsePolicyWindows10.psm1 @@ -315,7 +315,7 @@ function Set-TargetResource } #region resource generator code - $policy = New-MgBetaDeviceManagementConfigurationPolicy -bodyParameter $createParameters + $policy = New-MgBetaDeviceManagementConfigurationPolicy -BodyParameter $createParameters if ($policy.Id) { @@ -575,8 +575,8 @@ function Export-TargetResource -Filter $Filter ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } if ($policies.Length -eq 0) { @@ -633,7 +633,7 @@ function Export-TargetResource if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock @@ -647,8 +647,8 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Unable to perform redirect as Location Header is not set in response*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Unable to perform redirect as Location Header is not set in response*' -or ` + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneExploitProtectionPolicyWindows10SettingCatalog/MSFT_IntuneExploitProtectionPolicyWindows10SettingCatalog.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneExploitProtectionPolicyWindows10SettingCatalog/MSFT_IntuneExploitProtectionPolicyWindows10SettingCatalog.psm1 index 290f1129e0..73b4515c4c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneExploitProtectionPolicyWindows10SettingCatalog/MSFT_IntuneExploitProtectionPolicyWindows10SettingCatalog.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneExploitProtectionPolicyWindows10SettingCatalog/MSFT_IntuneExploitProtectionPolicyWindows10SettingCatalog.psm1 @@ -130,8 +130,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $returnHashtable.Add('Assignments', $assignmentResult) @@ -418,7 +418,7 @@ function Test-TargetResource { $source = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - if ($key -eq "Assignments") + if ($key -eq 'Assignments') { $testResult = Compare-M365DSCIntunePolicyAssignment ` -Source $source ` @@ -446,8 +446,8 @@ function Test-TargetResource # Ignore line breaks and carriage returns if ($testResult -and $ValuesToCheck.Contains('ExploitProtectionSettings')) { - $desired = ($ExploitProtectionSettings -replace "`r","") -replace "`n","" - $current = ($CurrentValues.ExploitProtectionSettings -replace "`r","") -replace "`n","" + $desired = ($ExploitProtectionSettings -replace "`r", '') -replace "`n", '' + $current = ($CurrentValues.ExploitProtectionSettings -replace "`r", '') -replace "`n", '' $testResult = $desired -eq $current $ValuesToCheck.Remove('ExploitProtectionSettings') | Out-Null } @@ -588,7 +588,7 @@ function Export-TargetResource if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock @@ -603,7 +603,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallPolicyWindows10/MSFT_IntuneFirewallPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallPolicyWindows10/MSFT_IntuneFirewallPolicyWindows10.psm1 index 1cc9955b19..143dd5854a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallPolicyWindows10/MSFT_IntuneFirewallPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallPolicyWindows10/MSFT_IntuneFirewallPolicyWindows10.psm1 @@ -467,7 +467,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -1006,7 +1006,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Firewall Policy for Windows10 with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -1037,7 +1037,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Firewall Policy for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -1649,14 +1649,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "6078910e-d808-4a9f-a51d-1b8a7bacb7c0_1" + $policyTemplateID = '6078910e-d808-4a9f-a51d-1b8a7bacb7c0_1' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -1682,16 +1682,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.Name - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.Name + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -1719,7 +1719,7 @@ function Export-TargetResource if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallPolicyWindows10/settings.json index 293b222bff..1b813d14b7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallPolicyWindows10/settings.json @@ -1,45 +1,44 @@ { - "resourceName": "IntuneFirewallPolicyWindows10", - "description": "This resource configures an Intune Firewall Policy for Windows10.", - "permissions": { - "graph": { - "delegated": { - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ], - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ] - }, - "application": { - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ], - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ] + "resourceName": "IntuneFirewallPolicyWindows10", + "description": "This resource configures an Intune Firewall Policy for Windows10.", + "permissions": { + "graph": { + "delegated": { + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ], + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ] + }, + "application": { + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ], + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ] + } } } } - -} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesHyperVPolicyWindows10/MSFT_IntuneFirewallRulesHyperVPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesHyperVPolicyWindows10/MSFT_IntuneFirewallRulesHyperVPolicyWindows10.psm1 index c1cd1f57a0..79536879db 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesHyperVPolicyWindows10/MSFT_IntuneFirewallRulesHyperVPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesHyperVPolicyWindows10/MSFT_IntuneFirewallRulesHyperVPolicyWindows10.psm1 @@ -86,7 +86,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -128,7 +128,7 @@ function Get-TargetResource { $myFirewallRuleName.Add($key, $currentFirewallRuleName[$key]) } - if ($myFirewallRuleName.values.Where({$null -ne $_}).Count -gt 0) + if ($myFirewallRuleName.values.Where({ $null -ne $_ }).Count -gt 0) { $complexFirewallRuleName += $myFirewallRuleName } @@ -263,7 +263,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Firewall Rules Hyper-V Policy for Windows10 with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -294,7 +294,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Firewall Rules Hyper-V Policy for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -525,14 +525,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "a5481c22-7a2a-4f59-a33e-6eee30d02f94_1" + $policyTemplateID = 'a5481c22-7a2a-4f59-a33e-6eee30d02f94_1' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -558,16 +558,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.Name - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.Name + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -608,12 +608,12 @@ function Export-TargetResource -Credential $Credential if ($Results.FirewallRuleName) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "FirewallRuleName" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'FirewallRuleName' -IsCIMArray:$True } if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesHyperVPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesHyperVPolicyWindows10/settings.json index f2f3cc8cdf..6483737b9c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesHyperVPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesHyperVPolicyWindows10/settings.json @@ -1,44 +1,44 @@ { - "resourceName":"IntuneFirewallRulesHyperVPolicyWindows10", - "description":"This resource configures an Intune Firewall Rules Hyper-V Policy for Windows10.", - "permissions":{ - "graph":{ - "delegated":{ - "read":[ - { - "name":"DeviceManagementConfiguration.Read.All" - }, - { - "name":"Group.Read.All" - } - ], - "update":[ - { - "name":"DeviceManagementConfiguration.ReadWrite.All" - }, - { - "name":"Group.Read.All" - } - ] - }, - "application":{ - "read":[ - { - "name":"DeviceManagementConfiguration.Read.All" - }, - { - "name":"Group.Read.All" - } - ], - "update":[ - { - "name":"DeviceManagementConfiguration.ReadWrite.All" - }, - { - "name":"Group.Read.All" - } - ] - } - } - } -} \ No newline at end of file + "resourceName": "IntuneFirewallRulesHyperVPolicyWindows10", + "description": "This resource configures an Intune Firewall Rules Hyper-V Policy for Windows10.", + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "Group.Read.All" + } + ], + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + }, + { + "name": "Group.Read.All" + } + ] + }, + "application": { + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "Group.Read.All" + } + ], + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + }, + { + "name": "Group.Read.All" + } + ] + } + } + } +} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesPolicyWindows10/MSFT_IntuneFirewallRulesPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesPolicyWindows10/MSFT_IntuneFirewallRulesPolicyWindows10.psm1 index bf0f395f72..6fe340d3e6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesPolicyWindows10/MSFT_IntuneFirewallRulesPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesPolicyWindows10/MSFT_IntuneFirewallRulesPolicyWindows10.psm1 @@ -86,7 +86,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -144,7 +144,7 @@ function Get-TargetResource $myFirewallRuleName.Add('RemoteAddressDynamicKeywords', $currentFirewallRuleName.remoteAddressDynamicKeywords) $myFirewallRuleName.Add('Protocol', $currentFirewallRuleName.protocol) $myFirewallRuleName.Add('IcmpTypesAndCodes', $currentFirewallRuleName.icmpTypesAndCodes) - if ($myFirewallRuleName.values.Where({$null -ne $_}).Count -gt 0) + if ($myFirewallRuleName.values.Where({ $null -ne $_ }).Count -gt 0) { $complexFirewallRuleName += $myFirewallRuleName } @@ -279,7 +279,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Firewall Rules Policy for Windows10 with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -310,7 +310,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Firewall Rules Policy for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -541,14 +541,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "19c8aa67-f286-4861-9aa0-f23541d31680_1" + $policyTemplateID = '19c8aa67-f286-4861-9aa0-f23541d31680_1' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -574,16 +574,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.Name - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.Name + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -624,12 +624,12 @@ function Export-TargetResource -Credential $Credential if ($Results.FirewallRuleName) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "FirewallRuleName" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'FirewallRuleName' -IsCIMArray:$True } if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesPolicyWindows10/settings.json index b586b4a5a3..d417bb6739 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesPolicyWindows10/settings.json @@ -1,44 +1,44 @@ { - "resourceName":"IntuneFirewallRulesPolicyWindows10", - "description":"This resource configures an Intune Firewall Rules Policy for Windows10.", - "permissions":{ - "graph":{ - "delegated":{ - "read":[ - { - "name":"DeviceManagementConfiguration.Read.All" - }, - { - "name":"Group.Read.All" - } - ], - "update":[ - { - "name":"DeviceManagementConfiguration.ReadWrite.All" - }, - { - "name":"Group.Read.All" - } - ] - }, - "application":{ - "read":[ - { - "name":"DeviceManagementConfiguration.Read.All" - }, - { - "name":"Group.Read.All" - } - ], - "update":[ - { - "name":"DeviceManagementConfiguration.ReadWrite.All" - }, - { - "name":"Group.Read.All" - } - ] - } - } - } -} \ No newline at end of file + "resourceName": "IntuneFirewallRulesPolicyWindows10", + "description": "This resource configures an Intune Firewall Rules Policy for Windows10.", + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "Group.Read.All" + } + ], + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + }, + { + "name": "Group.Read.All" + } + ] + }, + "application": { + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "Group.Read.All" + } + ], + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + }, + { + "name": "Group.Read.All" + } + ] + } + } + } +} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesPolicyWindows10ConfigMgr/MSFT_IntuneFirewallRulesPolicyWindows10ConfigMgr.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesPolicyWindows10ConfigMgr/MSFT_IntuneFirewallRulesPolicyWindows10ConfigMgr.psm1 index 6ae0abfd01..652b8b094b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesPolicyWindows10ConfigMgr/MSFT_IntuneFirewallRulesPolicyWindows10ConfigMgr.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesPolicyWindows10ConfigMgr/MSFT_IntuneFirewallRulesPolicyWindows10ConfigMgr.psm1 @@ -88,7 +88,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -130,7 +130,7 @@ function Get-TargetResource { $myFirewallRuleName.Add($key, $currentFirewallRuleName.$key) } - if ($myFirewallRuleName.values.Where({$null -ne $_}).Count -gt 0) + if ($myFirewallRuleName.values.Where({ $null -ne $_ }).Count -gt 0) { $complexFirewallRuleName += $myFirewallRuleName } @@ -267,7 +267,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Firewall Rules Policy for Windows10 ConfigMgr with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -298,7 +298,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Firewall Rules Policy for Windows10 ConfigMgr with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -529,14 +529,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "48da42ed-5df7-485e-8b9d-4844ed5a92bd_1" + $policyTemplateID = '48da42ed-5df7-485e-8b9d-4844ed5a92bd_1' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -562,16 +562,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.Name - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.Name + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -612,12 +612,12 @@ function Export-TargetResource -Credential $Credential if ($Results.FirewallRuleName) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "FirewallRuleName" -IsCIMArray:$True + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'FirewallRuleName' -IsCIMArray:$True } if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesPolicyWindows10ConfigMgr/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesPolicyWindows10ConfigMgr/settings.json index 5f53802e6a..e21afc91c4 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesPolicyWindows10ConfigMgr/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneFirewallRulesPolicyWindows10ConfigMgr/settings.json @@ -1,44 +1,44 @@ { - "resourceName":"IntuneFirewallRulesPolicyWindows10ConfigMgr", - "description":"This resource configures an Intune Firewall Rules Policy for Windows10 ConfigMgr.", - "permissions":{ - "graph":{ - "delegated":{ - "update":[ - { - "name":"DeviceManagementConfiguration.ReadWrite.All" - }, - { - "name":"Group.Read.All" - } - ], - "read":[ - { - "name":"DeviceManagementConfiguration.Read.All" - }, - { - "name":"Group.Read.All" - } - ] - }, - "application":{ - "update":[ - { - "name":"DeviceManagementConfiguration.ReadWrite.All" - }, - { - "name":"Group.Read.All" - } - ], - "read":[ - { - "name":"DeviceManagementConfiguration.Read.All" - }, - { - "name":"Group.Read.All" - } - ] - } - } - } -} \ No newline at end of file + "resourceName": "IntuneFirewallRulesPolicyWindows10ConfigMgr", + "description": "This resource configures an Intune Firewall Rules Policy for Windows10 ConfigMgr.", + "permissions": { + "graph": { + "delegated": { + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + }, + { + "name": "Group.Read.All" + } + ], + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "Group.Read.All" + } + ] + }, + "application": { + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + }, + { + "name": "Group.Read.All" + } + ], + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + }, + { + "name": "Group.Read.All" + } + ] + } + } + } +} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneMobileAppsMacOSLobApp/MSFT_IntuneMobileAppsMacOSLobApp.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneMobileAppsMacOSLobApp/MSFT_IntuneMobileAppsMacOSLobApp.psm1 index 59278dd90c..17eef55b35 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneMobileAppsMacOSLobApp/MSFT_IntuneMobileAppsMacOSLobApp.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneMobileAppsMacOSLobApp/MSFT_IntuneMobileAppsMacOSLobApp.psm1 @@ -146,7 +146,7 @@ function Get-TargetResource try { $instance = Get-MgBetaDeviceAppManagementMobileApp -MobileAppId $Id ` - -ExpandProperty "categories" ` + -ExpandProperty 'categories' ` -ErrorAction SilentlyContinue if ($null -eq $instance) @@ -164,7 +164,7 @@ function Get-TargetResource if ($null -ne $instance) { $instance = Get-MgBetaDeviceAppManagementMobileApp -MobileAppId $instance.Id ` - -ExpandProperty "categories" ` + -ExpandProperty 'categories' ` -ErrorAction SilentlyContinue $Id = $instance.Id } @@ -208,7 +208,7 @@ function Get-TargetResource $complexMinimumSupportedOperatingSystem = @{} if ($null -ne $instance.AdditionalProperties.minimumSupportedOperatingSystem) { - $instance.AdditionalProperties.minimumSupportedOperatingSystem.GetEnumerator() | Foreach-Object { + $instance.AdditionalProperties.minimumSupportedOperatingSystem.GetEnumerator() | ForEach-Object { if ($_.Value) # Values are either true or false. Only export the true value. { $complexMinimumSupportedOperatingSystem.Add($_.Key, $_.Value) @@ -253,8 +253,8 @@ function Get-TargetResource if ($null -ne $appAssignments -and $appAssignments.count -gt 0) { $resultAssignments += ConvertFrom-IntuneMobileAppAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($appAssignments) + -IncludeDeviceFilter:$true ` + -Assignments ($appAssignments) } $results.Add('Assignments', $resultAssignments) @@ -485,8 +485,22 @@ function Set-TargetResource $UpdateParameters.Add('@odata.type', '#microsoft.graph.macOSLobApp') Update-MgBetaDeviceAppManagementMobileApp -MobileAppId $currentInstance.Id -BodyParameter $UpdateParameters - [array]$referenceObject = if ($null -ne $currentInstance.Categories.DisplayName) { $currentInstance.Categories.DisplayName } else { ,@() } - [array]$differenceObject = if ($null -ne $Categories.DisplayName) { $Categories.DisplayName } else { ,@() } + [array]$referenceObject = if ($null -ne $currentInstance.Categories.DisplayName) + { + $currentInstance.Categories.DisplayName + } + else + { + , @() + } + [array]$differenceObject = if ($null -ne $Categories.DisplayName) + { + $Categories.DisplayName + } + else + { + , @() + } $delta = Compare-Object -ReferenceObject $referenceObject -DifferenceObject $differenceObject -PassThru foreach ($diff in $delta) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneMobileAppsWindowsOfficeSuiteApp/MSFT_IntuneMobileAppsWindowsOfficeSuiteApp.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneMobileAppsWindowsOfficeSuiteApp/MSFT_IntuneMobileAppsWindowsOfficeSuiteApp.psm1 index 7979ebe48b..ae5cde27a3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneMobileAppsWindowsOfficeSuiteApp/MSFT_IntuneMobileAppsWindowsOfficeSuiteApp.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneMobileAppsWindowsOfficeSuiteApp/MSFT_IntuneMobileAppsWindowsOfficeSuiteApp.psm1 @@ -163,7 +163,7 @@ function Get-TargetResource try { $instance = Get-MgBetaDeviceAppManagementMobileApp -MobileAppId $Id ` - -ExpandProperty "categories" ` + -ExpandProperty 'categories' ` -ErrorAction SilentlyContinue if ($null -eq $instance) @@ -181,7 +181,7 @@ function Get-TargetResource if ($null -ne $instance) { $instance = Get-MgBetaDeviceAppManagementMobileApp -MobileAppId $instance.Id ` - -ExpandProperty "categories" ` + -ExpandProperty 'categories' ` -ErrorAction SilentlyContinue $Id = $instance.Id } @@ -208,7 +208,7 @@ function Get-TargetResource $complexExcludedApps = @{} if ($null -ne $instance.AdditionalProperties.excludedApps) { - $instance.AdditionalProperties.excludedApps.GetEnumerator() | Foreach-Object { + $instance.AdditionalProperties.excludedApps.GetEnumerator() | ForEach-Object { $complexExcludedApps.Add($_.Key, $_.Value) } } @@ -221,37 +221,37 @@ function Get-TargetResource # } $results = @{ - Id = $instance.Id - DisplayName = $instance.DisplayName - Description = $instance.Description - IsFeatured = $instance.IsFeatured - PrivacyInformationUrl = $instance.PrivacyInformationUrl - InformationUrl = $instance.InformationUrl - Notes = $instance.Notes - RoleScopeTagIds = $instance.RoleScopeTagIds - AutoAcceptEula = $instance.AdditionalProperties.autoAcceptEula - ProductIds = $instance.AdditionalProperties.productIds - UseSharedComputerActivation = $instance.AdditionalProperties.useSharedComputerActivation - UpdateChannel = $instance.AdditionalProperties.updateChannel - OfficeSuiteAppDefaultFileFormat = $instance.AdditionalProperties.officeSuiteAppDefaultFileFormat - OfficePlatformArchitecture = $instance.AdditionalProperties.officePlatformArchitecture - LocalesToInstall = $instance.AdditionalProperties.localesToInstall - InstallProgressDisplayLevel = $instance.AdditionalProperties.installProgressDisplayLevel + Id = $instance.Id + DisplayName = $instance.DisplayName + Description = $instance.Description + IsFeatured = $instance.IsFeatured + PrivacyInformationUrl = $instance.PrivacyInformationUrl + InformationUrl = $instance.InformationUrl + Notes = $instance.Notes + RoleScopeTagIds = $instance.RoleScopeTagIds + AutoAcceptEula = $instance.AdditionalProperties.autoAcceptEula + ProductIds = $instance.AdditionalProperties.productIds + UseSharedComputerActivation = $instance.AdditionalProperties.useSharedComputerActivation + UpdateChannel = $instance.AdditionalProperties.updateChannel + OfficeSuiteAppDefaultFileFormat = $instance.AdditionalProperties.officeSuiteAppDefaultFileFormat + OfficePlatformArchitecture = $instance.AdditionalProperties.officePlatformArchitecture + LocalesToInstall = $instance.AdditionalProperties.localesToInstall + InstallProgressDisplayLevel = $instance.AdditionalProperties.installProgressDisplayLevel ShouldUninstallOlderVersionsOfOffice = $instance.AdditionalProperties.shouldUninstallOlderVersionsOfOffice - TargetVersion = $instance.AdditionalProperties.targetVersion - UpdateVersion = $instance.AdditionalProperties.updateVersion - OfficeConfigurationXml = $instance.AdditionalProperties.officeConfigurationXml + TargetVersion = $instance.AdditionalProperties.targetVersion + UpdateVersion = $instance.AdditionalProperties.updateVersion + OfficeConfigurationXml = $instance.AdditionalProperties.officeConfigurationXml # LargeIcon = $complexLargeIcon - ExcludedApps = $complexExcludedApps - Categories = $complexCategories - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ApplicationSecret = $ApplicationSecret - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ExcludedApps = $complexExcludedApps + Categories = $complexCategories + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ApplicationSecret = $ApplicationSecret + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } #Assignments @@ -260,12 +260,14 @@ function Get-TargetResource if ($null -ne $appAssignments -and $appAssignments.count -gt 0) { $convertedAssignments = ConvertFrom-IntuneMobileAppAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($appAssignments) + -IncludeDeviceFilter:$true ` + -Assignments ($appAssignments) # Filter out 'source' from the assignment objects - foreach ($assignment in $convertedAssignments) { - if ($assignment.ContainsKey('source')) { + foreach ($assignment in $convertedAssignments) + { + if ($assignment.ContainsKey('source')) + { $assignment.Remove('source') } } @@ -291,7 +293,7 @@ function Get-TargetResource function Set-TargetResource { [CmdletBinding()] - param + param ( #region Intune resource parameters @@ -522,8 +524,22 @@ function Set-TargetResource $UpdateParameters.Add('@odata.type', '#microsoft.graph.officeSuiteApp') Update-MgBetaDeviceAppManagementMobileApp -MobileAppId $currentInstance.Id -BodyParameter $UpdateParameters - [array]$referenceObject = if ($null -ne $currentInstance.Categories.DisplayName) { $currentInstance.Categories.DisplayName } else { ,@() } - [array]$differenceObject = if ($null -ne $Categories.DisplayName) { $Categories.DisplayName } else { ,@() } + [array]$referenceObject = if ($null -ne $currentInstance.Categories.DisplayName) + { + $currentInstance.Categories.DisplayName + } + else + { + , @() + } + [array]$differenceObject = if ($null -ne $Categories.DisplayName) + { + $Categories.DisplayName + } + else + { + , @() + } $delta = Compare-Object -ReferenceObject $referenceObject -DifferenceObject $differenceObject -PassThru foreach ($diff in $delta) { @@ -571,7 +587,7 @@ function Test-TargetResource { [CmdletBinding()] [OutputType([System.Boolean])] - param + param ( #region Intune resource parameters diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneMobileThreatDefenseConnector/MSFT_IntuneMobileThreatDefenseConnector.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneMobileThreatDefenseConnector/MSFT_IntuneMobileThreatDefenseConnector.psm1 index cf77e04f5b..a9bbed5e3e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneMobileThreatDefenseConnector/MSFT_IntuneMobileThreatDefenseConnector.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneMobileThreatDefenseConnector/MSFT_IntuneMobileThreatDefenseConnector.psm1 @@ -134,7 +134,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } else { @@ -154,7 +154,7 @@ function Get-TargetResource $connectorId = (Get-MobileThreatDefenseConnectorIdOrDisplayName -DisplayName $DisplayName).Id $instance = Get-MgBetaDeviceManagementMobileThreatDefenseConnector ` -MobileThreatDefenseConnectorId $connectorId - -ErrorAction SilentlyContinue + -ErrorAction SilentlyContinue } if ($null -eq $instance) @@ -164,39 +164,39 @@ function Get-TargetResource } } - if([string]::IsNullOrEmpty($DisplayName)) + if ([string]::IsNullOrEmpty($DisplayName)) { $DisplayName = (Get-MobileThreatDefenseConnectorIdOrDisplayName -Id $instance.Id).DisplayName } $results = @{ - Id = $instance.Id - DisplayName = $DisplayName - ResponseHeadersVariable = $instance.ResponseHeadersVariable - AllowPartnerToCollectIosApplicationMetadata = $instance.AllowPartnerToCollectIosApplicationMetadata + Id = $instance.Id + DisplayName = $DisplayName + ResponseHeadersVariable = $instance.ResponseHeadersVariable + AllowPartnerToCollectIosApplicationMetadata = $instance.AllowPartnerToCollectIosApplicationMetadata AllowPartnerToCollectIosPersonalApplicationMetadata = $instance.AllowPartnerToCollectIosPersonalApplicationMetadata - AndroidDeviceBlockedOnMissingPartnerData = $instance.AndroidDeviceBlockedOnMissingPartnerData - AndroidEnabled = $instance.AndroidEnabled - AndroidMobileApplicationManagementEnabled = $instance.AndroidMobileApplicationManagementEnabled - IosDeviceBlockedOnMissingPartnerData = $instance.IosDeviceBlockedOnMissingPartnerData - IosEnabled = $instance.IosEnabled - IosMobileApplicationManagementEnabled = $instance.IosMobileApplicationManagementEnabled - LastHeartbeatDateTime = $instance.LastHeartbeatDateTime - MicrosoftDefenderForEndpointAttachEnabled = $instance.MicrosoftDefenderForEndpointAttachEnabled - PartnerState = $instance.PartnerState.ToString() - PartnerUnresponsivenessThresholdInDays = $instance.PartnerUnresponsivenessThresholdInDays - PartnerUnsupportedOSVersionBlocked = $instance.PartnerUnsupportedOSVersionBlocked - WindowsDeviceBlockedOnMissingPartnerData = $instance.WindowsDeviceBlockedOnMissingPartnerData - WindowsEnabled = $instance.WindowsEnabled - - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ApplicationSecret = $ApplicationSecret - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + AndroidDeviceBlockedOnMissingPartnerData = $instance.AndroidDeviceBlockedOnMissingPartnerData + AndroidEnabled = $instance.AndroidEnabled + AndroidMobileApplicationManagementEnabled = $instance.AndroidMobileApplicationManagementEnabled + IosDeviceBlockedOnMissingPartnerData = $instance.IosDeviceBlockedOnMissingPartnerData + IosEnabled = $instance.IosEnabled + IosMobileApplicationManagementEnabled = $instance.IosMobileApplicationManagementEnabled + LastHeartbeatDateTime = $instance.LastHeartbeatDateTime + MicrosoftDefenderForEndpointAttachEnabled = $instance.MicrosoftDefenderForEndpointAttachEnabled + PartnerState = $instance.PartnerState.ToString() + PartnerUnresponsivenessThresholdInDays = $instance.PartnerUnresponsivenessThresholdInDays + PartnerUnsupportedOSVersionBlocked = $instance.PartnerUnsupportedOSVersionBlocked + WindowsDeviceBlockedOnMissingPartnerData = $instance.WindowsDeviceBlockedOnMissingPartnerData + WindowsEnabled = $instance.WindowsEnabled + + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ApplicationSecret = $ApplicationSecret + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return [System.Collections.Hashtable] $results @@ -575,32 +575,32 @@ function Export-TargetResource $displayedKey = $config.Id Write-Host " |---[$i/$($Script:exportedInstances.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - AllowPartnerToCollectIosApplicationMetadata = $config.AllowPartnerToCollectIosApplicationMetadata + Id = $config.Id + DisplayName = $config.DisplayName + AllowPartnerToCollectIosApplicationMetadata = $config.AllowPartnerToCollectIosApplicationMetadata AllowPartnerToCollectIosPersonalApplicationMetadata = $config.AllowPartnerToCollectIosPersonalApplicationMetadata - AndroidDeviceBlockedOnMissingPartnerData = $config.AndroidDeviceBlockedOnMissingPartnerData - AndroidEnabled = $config.AndroidEnabled - AndroidMobileApplicationManagementEnabled = $config.AndroidMobileApplicationManagementEnabled - IosDeviceBlockedOnMissingPartnerData = $config.IosDeviceBlockedOnMissingPartnerData - IosEnabled = $config.IosEnabled - IosMobileApplicationManagementEnabled = $config.IosMobileApplicationManagementEnabled - LastHeartbeatDateTime = $config.LastHeartbeatDateTime - MicrosoftDefenderForEndpointAttachEnabled = $config.MicrosoftDefenderForEndpointAttachEnabled - PartnerState = $config.PartnerState.ToString() - PartnerUnresponsivenessThresholdInDays = $config.PartnerUnresponsivenessThresholdInDays - PartnerUnsupportedOSVersionBlocked = $config.PartnerUnsupportedOSVersionBlocked - WindowsDeviceBlockedOnMissingPartnerData = $config.WindowsDeviceBlockedOnMissingPartnerData - WindowsEnabled = $config.WindowsEnabled - - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ApplicationSecret = $ApplicationSecret - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + AndroidDeviceBlockedOnMissingPartnerData = $config.AndroidDeviceBlockedOnMissingPartnerData + AndroidEnabled = $config.AndroidEnabled + AndroidMobileApplicationManagementEnabled = $config.AndroidMobileApplicationManagementEnabled + IosDeviceBlockedOnMissingPartnerData = $config.IosDeviceBlockedOnMissingPartnerData + IosEnabled = $config.IosEnabled + IosMobileApplicationManagementEnabled = $config.IosMobileApplicationManagementEnabled + LastHeartbeatDateTime = $config.LastHeartbeatDateTime + MicrosoftDefenderForEndpointAttachEnabled = $config.MicrosoftDefenderForEndpointAttachEnabled + PartnerState = $config.PartnerState.ToString() + PartnerUnresponsivenessThresholdInDays = $config.PartnerUnresponsivenessThresholdInDays + PartnerUnsupportedOSVersionBlocked = $config.PartnerUnsupportedOSVersionBlocked + WindowsDeviceBlockedOnMissingPartnerData = $config.WindowsDeviceBlockedOnMissingPartnerData + WindowsEnabled = $config.WindowsEnabled + + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ApplicationSecret = $ApplicationSecret + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -636,7 +636,8 @@ function Export-TargetResource #region Helper functions -function Get-MobileThreatDefenseConnectorIdOrDisplayName { +function Get-MobileThreatDefenseConnectorIdOrDisplayName +{ param ( [Parameter(Mandatory = $false)] [string]$Id, @@ -647,25 +648,25 @@ function Get-MobileThreatDefenseConnectorIdOrDisplayName { # Hashtable mapping IDs to Display Names $IdToDisplayNameMap = @{ - "fc780465-2017-40d4-a0c5-307022471b92" = "Microsoft Defender for Endpoint" - "860d3ab4-8fd1-45f5-89cd-ecf51e4f92e5" = "BETTER Mobile Security" - "d3ddeae8-441f-4681-b80f-aef644f7195a" = "Check Point Harmony Mobile" - "8d0ed095-8191-4bd3-8a41-953b22d51ff7" = "Pradeo" - "1f58d6d2-02cc-4c80-b008-1bfe7396a10a" = "Jamf Trust" - "4873197-ffec-4dfc-9816-db65f34c7cb9" = "Trellix Mobile Security" - "a447eca6-a986-4d3f-9838-5862bf50776c" = "CylancePROTECT Mobile" - "4928f0f6-2660-4f69-b4c5-5170ec921f7b" = "Trend Micro" - "bb13fe25-ce1f-45aa-b278-cabbc6b9072e" = "SentinelOne" - "e6f777f8-e4c2-4a5b-be01-50b5c124bc7f" = "Windows Security Center" - "29ee2d98-e795-475f-a0f8-0802dc3384a9" = "CrowdStrike Falcon for Mobile" - "870b252b-0ef0-4707-8847-50fc571472b3" = "Sophos" - "2c7790de-8b02-4814-85cf-e0c59380dee8" = "Lookout for Work" - "28fd67fd-b179-4629-a8b0-dad420b697c7" = "Symantec Endpoint Protection" - "08a8455c-48dd-45ff-ad82-7211355354f3" = "Zimperium" + 'fc780465-2017-40d4-a0c5-307022471b92' = 'Microsoft Defender for Endpoint' + '860d3ab4-8fd1-45f5-89cd-ecf51e4f92e5' = 'BETTER Mobile Security' + 'd3ddeae8-441f-4681-b80f-aef644f7195a' = 'Check Point Harmony Mobile' + '8d0ed095-8191-4bd3-8a41-953b22d51ff7' = 'Pradeo' + '1f58d6d2-02cc-4c80-b008-1bfe7396a10a' = 'Jamf Trust' + '4873197-ffec-4dfc-9816-db65f34c7cb9' = 'Trellix Mobile Security' + 'a447eca6-a986-4d3f-9838-5862bf50776c' = 'CylancePROTECT Mobile' + '4928f0f6-2660-4f69-b4c5-5170ec921f7b' = 'Trend Micro' + 'bb13fe25-ce1f-45aa-b278-cabbc6b9072e' = 'SentinelOne' + 'e6f777f8-e4c2-4a5b-be01-50b5c124bc7f' = 'Windows Security Center' + '29ee2d98-e795-475f-a0f8-0802dc3384a9' = 'CrowdStrike Falcon for Mobile' + '870b252b-0ef0-4707-8847-50fc571472b3' = 'Sophos' + '2c7790de-8b02-4814-85cf-e0c59380dee8' = 'Lookout for Work' + '28fd67fd-b179-4629-a8b0-dad420b697c7' = 'Symantec Endpoint Protection' + '08a8455c-48dd-45ff-ad82-7211355354f3' = 'Zimperium' } # If Id is provided, look up the DisplayName - if($null -ne $Id) + if ($null -ne $Id) { $displayName = $IdToDisplayNameMap[$Id] } @@ -673,12 +674,15 @@ function Get-MobileThreatDefenseConnectorIdOrDisplayName { # If DisplayName is provided, look up the Id # Create a reverse lookup hashtable for DisplayName to Id $DisplayNameToIdMap = @{} - foreach ($key in $IdToDisplayNameMap.Keys) { + foreach ($key in $IdToDisplayNameMap.Keys) + { $DisplayNameToIdMap[$IdToDisplayNameMap[$key]] = $key } - if (-not [string]::IsNullOrEmpty($DisplayName)) { + if (-not [string]::IsNullOrEmpty($DisplayName)) + { $Id = $DisplayNameToIdMap[$DisplayName] - if (-not $Id) { + if (-not $Id) + { Write-Host "Internal func: DisplayName '$DisplayName' not found." return } @@ -686,7 +690,7 @@ function Get-MobileThreatDefenseConnectorIdOrDisplayName { # Create the results tuple return @{ - Id = $Id + Id = $Id DisplayName = $displayName } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntunePolicySets/MSFT_IntunePolicySets.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntunePolicySets/MSFT_IntunePolicySets.psm1 index c9371436b4..465fc6b8bc 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntunePolicySets/MSFT_IntunePolicySets.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntunePolicySets/MSFT_IntunePolicySets.psm1 @@ -107,7 +107,7 @@ function Get-TargetResource if ($null -eq $getValue) { - Write-verbose -Message "Could not find an Intune Policy Sets with DisplayName {$DisplayName}" + Write-Verbose -Message "Could not find an Intune Policy Sets with DisplayName {$DisplayName}" return $nullResult } else @@ -117,10 +117,11 @@ function Get-TargetResource Write-Verbose -Message "Multiple Intune Policy Sets with DisplayName {$DisplayName} - unable to continue" return $nullResult } - else { + else + { $getValue = Get-MgBetaDeviceAppManagementPolicySet -PolicySetId $getValue.Id -ExpandProperty * -ErrorAction SilentlyContinue - } + } } } } @@ -161,8 +162,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -172,10 +173,10 @@ function Get-TargetResource foreach ($itemEntry in $itemsValues) { $itemValue = @{ - dataType = $itemEntry.AdditionalProperties.'@odata.type' - payloadId = $itemEntry.PayloadId - itemType = $itemEntry.ItemType - displayName = $itemEntry.displayName + dataType = $itemEntry.AdditionalProperties.'@odata.type' + payloadId = $itemEntry.PayloadId + itemType = $itemEntry.ItemType + displayName = $itemEntry.displayName guidedDeploymentTags = $itemEntry.GuidedDeploymentTags } $itemResult += $itemValue @@ -285,8 +286,8 @@ function Set-TargetResource { Write-Verbose -Message "Creating an Intune Policy Sets with DisplayName {$DisplayName}" # remove complex values - $BoundParameters.Remove("Assignments") | Out-Null - $BoundParameters.Remove("Items") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null + $BoundParameters.Remove('Items') | Out-Null # remove unused values $BoundParameters.Remove('Id') | Out-Null @@ -304,20 +305,20 @@ function Set-TargetResource # set assignments and items to work with New-MgBetaDeviceAppManagementPolicySet command $assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments - $CreateParameters.Add("Assignments", $assignmentsHash) + $CreateParameters.Add('Assignments', $assignmentsHash) $itemsHash = @() foreach ($item in $items) { $itemsHash += @{ - PayloadId = $item.payloadId - "@odata.type" = $item.dataType - guidedDeploymentTags =$item.guidedDeploymentTags - } + PayloadId = $item.payloadId + '@odata.type' = $item.dataType + guidedDeploymentTags = $item.guidedDeploymentTags + } } - $CreateParameters.Add("Items", $itemsHash) + $CreateParameters.Add('Items', $itemsHash) - write-verbose -Message ($CreateParameters | out-string) + Write-Verbose -Message ($CreateParameters | Out-String) $policy = New-MgBetaDeviceAppManagementPolicySet @CreateParameters } @@ -325,8 +326,8 @@ function Set-TargetResource { Write-Verbose -Message "Updating the Intune Policy Sets with Id {$($currentInstance.Id)}" # remove complex values - $BoundParameters.Remove("Assignments") | Out-Null - $BoundParameters.Remove("Items") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null + $BoundParameters.Remove('Items') | Out-Null # remove unused values $BoundParameters.Remove('Id') | Out-Null @@ -342,9 +343,9 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("PolicySetId", $currentInstance.Id) + $UpdateParameters.Add('PolicySetId', $currentInstance.Id) - Update-MgBetaDeviceAppManagementPolicySet @UpdateParameters + Update-MgBetaDeviceAppManagementPolicySet @UpdateParameters $Url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceAppManagement/policySets/$($currentInstance.Id)/update" if ($null -ne ($itemamendments = Get-ItemsAmendmentsObject -currentObjectItems $currentInstance.Items -targetObjectItems $items)) @@ -582,16 +583,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -628,11 +629,11 @@ function Export-TargetResource -Credential $Credential if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } if ($Results.Items) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Items" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Items' -IsCIMArray:$true } $dscContent += $currentDSCBlock @@ -645,9 +646,9 @@ function Export-TargetResource } catch { - if ($_.Exception -like "*401*" -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or - $_.Exception -like "* Unauthorized*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or + $_.Exception -like '* Unauthorized*' -or ` + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } @@ -675,32 +676,32 @@ function Get-ItemsAmendmentsObject $nullreturn = $true $ItemsModificationTemplate = @{ - deletedPolicySetItems = @() - updatedPolicySetItems = @() - addedPolicySetItems = @() - } + deletedPolicySetItems = @() + updatedPolicySetItems = @() + addedPolicySetItems = @() + } - $currentObjectItems | foreach { + $currentObjectItems | ForEach-Object { if (!($targetObjectItems.Payloadid -contains $_.PayloadId)) { - write-verbose -message ($_.DisplayName + ' NOT present in Config Document, Removing') + Write-Verbose -Message ($_.DisplayName + ' NOT present in Config Document, Removing') $ItemsModificationTemplate.deletedPolicySetItems += $_.Id $nullreturn = $false } } - $targetObjectItems | foreach { + $targetObjectItems | ForEach-Object { if (!($currentObjectItems.PayloadId -contains $_.PayloadId)) { - write-verbose -message ($_.DisplayName + ' NOT already present in Policy Set, Adding') + Write-Verbose -Message ($_.DisplayName + ' NOT already present in Policy Set, Adding') $ItemsModificationTemplate.addedPolicySetItems += @{ - payloadId = $_.payloadId - "@odata.type" = $_.dataType - guidedDeploymentTags = $_.guidedDeploymentTags - } + payloadId = $_.payloadId + '@odata.type' = $_.dataType + guidedDeploymentTags = $_.guidedDeploymentTags + } $nullreturn = $false } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntunePolicySets/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntunePolicySets/settings.json index 4439bab90a..0cee9750c7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntunePolicySets/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntunePolicySets/settings.json @@ -1,45 +1,44 @@ { "resourceName": "IntunePolicySets", "description": "This resource configures an Intune Policy Sets.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleAssignment/MSFT_IntuneRoleAssignment.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleAssignment/MSFT_IntuneRoleAssignment.psm1 index 324052a0cf..257f402310 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleAssignment/MSFT_IntuneRoleAssignment.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleAssignment/MSFT_IntuneRoleAssignment.psm1 @@ -102,7 +102,7 @@ function Get-TargetResource $getValue = $null $getValue = Get-MgBetaDeviceManagementRoleAssignment -DeviceAndAppManagementRoleAssignmentId $Id -ErrorAction SilentlyContinue - + if ($null -eq $getValue) { Write-Verbose -Message "Could not find an Intune Role Assignment with Id {$Id}" @@ -696,7 +696,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleDefinition/MSFT_IntuneRoleDefinition.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleDefinition/MSFT_IntuneRoleDefinition.psm1 index 30ef18d4e1..942c53f253 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleDefinition/MSFT_IntuneRoleDefinition.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleDefinition/MSFT_IntuneRoleDefinition.psm1 @@ -570,7 +570,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleScopeTag/MSFT_IntuneRoleScopeTag.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleScopeTag/MSFT_IntuneRoleScopeTag.psm1 index 4c7cd488fe..fae310b236 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleScopeTag/MSFT_IntuneRoleScopeTag.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleScopeTag/MSFT_IntuneRoleScopeTag.psm1 @@ -80,7 +80,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - if ($PSBoundParameters.ContainsKey("Id")) + if ($PSBoundParameters.ContainsKey('Id')) { $getValue = Get-MgBetaDeviceManagementRoleScopeTag -RoleScopeTagId $Id -ErrorAction SilentlyContinue } @@ -223,7 +223,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Role Scope Tag with DisplayName {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $createParameters = ([Hashtable]$BoundParameters).Clone() $createParameters = Rename-M365DSCCimInstanceParameter -Properties $createParameters @@ -239,7 +239,7 @@ function Set-TargetResource } #region resource generator code - $createParameters.Add("@odata.type", "#microsoft.graph.RoleScopeTag") + $createParameters.Add('@odata.type', '#microsoft.graph.RoleScopeTag') $policy = New-MgBetaDeviceManagementRoleScopeTag -BodyParameter $createParameters if ($policy.Id) @@ -255,7 +255,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Role Scope Tag with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $updateParameters = ([Hashtable]$BoundParameters).Clone() $updateParameters = Rename-M365DSCCimInstanceParameter -Properties $updateParameters @@ -272,7 +272,7 @@ function Set-TargetResource } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.RoleScopeTag") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.RoleScopeTag') Update-MgBetaDeviceManagementRoleScopeTag ` -RoleScopeTagId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -534,7 +534,7 @@ function Export-TargetResource if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleScopeTag/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleScopeTag/settings.json index eece1c58a9..42b2a74548 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleScopeTag/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleScopeTag/settings.json @@ -9,7 +9,7 @@ "name": "DeviceManagementConfiguration.Read.All" }, { - "name": "Group.Read.All" + "name": "Group.Read.All" } ], "update": [ @@ -17,7 +17,7 @@ "name": "DeviceManagementConfiguration.ReadWrite.All" }, { - "name": "Group.Read.All" + "name": "Group.Read.All" } ] }, @@ -27,7 +27,7 @@ "name": "DeviceManagementConfiguration.Read.All" }, { - "name": "Group.Read.All" + "name": "Group.Read.All" } ], "update": [ @@ -35,7 +35,7 @@ "name": "DeviceManagementConfiguration.ReadWrite.All" }, { - "name": "Group.Read.All" + "name": "Group.Read.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineDefenderForEndpoint/MSFT_IntuneSecurityBaselineDefenderForEndpoint.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineDefenderForEndpoint/MSFT_IntuneSecurityBaselineDefenderForEndpoint.psm1 index c31b5a1b9c..c2978345e7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineDefenderForEndpoint/MSFT_IntuneSecurityBaselineDefenderForEndpoint.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineDefenderForEndpoint/MSFT_IntuneSecurityBaselineDefenderForEndpoint.psm1 @@ -90,7 +90,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -127,387 +127,514 @@ function Get-TargetResource $complexDeviceSettings = @{} # Add device settings with conditional checks - if ($null -ne $policySettings.DeviceSettings.deviceInstall_Classes_Deny) { + if ($null -ne $policySettings.DeviceSettings.deviceInstall_Classes_Deny) + { $complexDeviceSettings.Add('DeviceInstall_Classes_Deny', $policySettings.DeviceSettings.deviceInstall_Classes_Deny) } - if ($null -ne $policySettings.DeviceSettings.deviceInstall_Classes_Deny_List) { + if ($null -ne $policySettings.DeviceSettings.deviceInstall_Classes_Deny_List) + { $complexDeviceSettings.Add('DeviceInstall_Classes_Deny_List', $policySettings.DeviceSettings.deviceInstall_Classes_Deny_List) } - if ($null -ne $policySettings.DeviceSettings.deviceInstall_Classes_Deny_Retroactive) { + if ($null -ne $policySettings.DeviceSettings.deviceInstall_Classes_Deny_Retroactive) + { $complexDeviceSettings.Add('DeviceInstall_Classes_Deny_Retroactive', $policySettings.DeviceSettings.deviceInstall_Classes_Deny_Retroactive) } - if ($null -ne $policySettings.DeviceSettings.encryptionMethodWithXts_Name) { + if ($null -ne $policySettings.DeviceSettings.encryptionMethodWithXts_Name) + { $complexDeviceSettings.Add('EncryptionMethodWithXts_Name', $policySettings.DeviceSettings.encryptionMethodWithXts_Name) } - if ($null -ne $policySettings.DeviceSettings.encryptionMethodWithXtsOsDropDown_Name) { + if ($null -ne $policySettings.DeviceSettings.encryptionMethodWithXtsOsDropDown_Name) + { $complexDeviceSettings.Add('EncryptionMethodWithXtsOsDropDown_Name', $policySettings.DeviceSettings.encryptionMethodWithXtsOsDropDown_Name) } - if ($null -ne $policySettings.DeviceSettings.encryptionMethodWithXtsFdvDropDown_Name) { + if ($null -ne $policySettings.DeviceSettings.encryptionMethodWithXtsFdvDropDown_Name) + { $complexDeviceSettings.Add('EncryptionMethodWithXtsFdvDropDown_Name', $policySettings.DeviceSettings.encryptionMethodWithXtsFdvDropDown_Name) } - if ($null -ne $policySettings.DeviceSettings.encryptionMethodWithXtsRdvDropDown_Name) { + if ($null -ne $policySettings.DeviceSettings.encryptionMethodWithXtsRdvDropDown_Name) + { $complexDeviceSettings.Add('EncryptionMethodWithXtsRdvDropDown_Name', $policySettings.DeviceSettings.encryptionMethodWithXtsRdvDropDown_Name) } - if ($null -ne $policySettings.DeviceSettings.fDVRecoveryUsage_Name) { + if ($null -ne $policySettings.DeviceSettings.fDVRecoveryUsage_Name) + { $complexDeviceSettings.Add('FDVRecoveryUsage_Name', $policySettings.DeviceSettings.fDVRecoveryUsage_Name) } - if ($null -ne $policySettings.DeviceSettings.fDVActiveDirectoryBackup_Name) { + if ($null -ne $policySettings.DeviceSettings.fDVActiveDirectoryBackup_Name) + { $complexDeviceSettings.Add('FDVActiveDirectoryBackup_Name', $policySettings.DeviceSettings.fDVActiveDirectoryBackup_Name) } - if ($null -ne $policySettings.DeviceSettings.fDVHideRecoveryPage_Name) { + if ($null -ne $policySettings.DeviceSettings.fDVHideRecoveryPage_Name) + { $complexDeviceSettings.Add('FDVHideRecoveryPage_Name', $policySettings.DeviceSettings.fDVHideRecoveryPage_Name) } - if ($null -ne $policySettings.DeviceSettings.fDVRecoveryPasswordUsageDropDown_Name) { + if ($null -ne $policySettings.DeviceSettings.fDVRecoveryPasswordUsageDropDown_Name) + { $complexDeviceSettings.Add('FDVRecoveryPasswordUsageDropDown_Name', $policySettings.DeviceSettings.fDVRecoveryPasswordUsageDropDown_Name) } - if ($null -ne $policySettings.DeviceSettings.fDVRequireActiveDirectoryBackup_Name) { + if ($null -ne $policySettings.DeviceSettings.fDVRequireActiveDirectoryBackup_Name) + { $complexDeviceSettings.Add('FDVRequireActiveDirectoryBackup_Name', $policySettings.DeviceSettings.fDVRequireActiveDirectoryBackup_Name) } - if ($null -ne $policySettings.DeviceSettings.fDVAllowDRA_Name) { + if ($null -ne $policySettings.DeviceSettings.fDVAllowDRA_Name) + { $complexDeviceSettings.Add('FDVAllowDRA_Name', $policySettings.DeviceSettings.fDVAllowDRA_Name) } - if ($null -ne $policySettings.DeviceSettings.fDVActiveDirectoryBackupDropDown_Name) { + if ($null -ne $policySettings.DeviceSettings.fDVActiveDirectoryBackupDropDown_Name) + { $complexDeviceSettings.Add('FDVActiveDirectoryBackupDropDown_Name', $policySettings.DeviceSettings.fDVActiveDirectoryBackupDropDown_Name) } - if ($null -ne $policySettings.DeviceSettings.fDVRecoveryKeyUsageDropDown_Name) { + if ($null -ne $policySettings.DeviceSettings.fDVRecoveryKeyUsageDropDown_Name) + { $complexDeviceSettings.Add('FDVRecoveryKeyUsageDropDown_Name', $policySettings.DeviceSettings.fDVRecoveryKeyUsageDropDown_Name) } - if ($null -ne $policySettings.DeviceSettings.fDVDenyWriteAccess_Name) { + if ($null -ne $policySettings.DeviceSettings.fDVDenyWriteAccess_Name) + { $complexDeviceSettings.Add('FDVDenyWriteAccess_Name', $policySettings.DeviceSettings.fDVDenyWriteAccess_Name) } - if ($null -ne $policySettings.DeviceSettings.fDVEncryptionType_Name) { + if ($null -ne $policySettings.DeviceSettings.fDVEncryptionType_Name) + { $complexDeviceSettings.Add('FDVEncryptionType_Name', $policySettings.DeviceSettings.fDVEncryptionType_Name) } - if ($null -ne $policySettings.DeviceSettings.fDVEncryptionTypeDropDown_Name) { + if ($null -ne $policySettings.DeviceSettings.fDVEncryptionTypeDropDown_Name) + { $complexDeviceSettings.Add('FDVEncryptionTypeDropDown_Name', $policySettings.DeviceSettings.fDVEncryptionTypeDropDown_Name) } - if ($null -ne $policySettings.DeviceSettings.enablePreBootPinExceptionOnDECapableDevice_Name) { + if ($null -ne $policySettings.DeviceSettings.enablePreBootPinExceptionOnDECapableDevice_Name) + { $complexDeviceSettings.Add('EnablePreBootPinExceptionOnDECapableDevice_Name', $policySettings.DeviceSettings.enablePreBootPinExceptionOnDECapableDevice_Name) } - if ($null -ne $policySettings.DeviceSettings.enhancedPIN_Name) { + if ($null -ne $policySettings.DeviceSettings.enhancedPIN_Name) + { $complexDeviceSettings.Add('EnhancedPIN_Name', $policySettings.DeviceSettings.enhancedPIN_Name) } - if ($null -ne $policySettings.DeviceSettings.OSRecoveryUsage_Name) { + if ($null -ne $policySettings.DeviceSettings.OSRecoveryUsage_Name) + { $complexDeviceSettings.Add('OSRecoveryUsage_Name', $policySettings.DeviceSettings.OSRecoveryUsage_Name) } - if ($null -ne $policySettings.DeviceSettings.OSRequireActiveDirectoryBackup_Name) { + if ($null -ne $policySettings.DeviceSettings.OSRequireActiveDirectoryBackup_Name) + { $complexDeviceSettings.Add('OSRequireActiveDirectoryBackup_Name', $policySettings.DeviceSettings.OSRequireActiveDirectoryBackup_Name) } - if ($null -ne $policySettings.DeviceSettings.OSActiveDirectoryBackup_Name) { + if ($null -ne $policySettings.DeviceSettings.OSActiveDirectoryBackup_Name) + { $complexDeviceSettings.Add('OSActiveDirectoryBackup_Name', $policySettings.DeviceSettings.OSActiveDirectoryBackup_Name) } - if ($null -ne $policySettings.DeviceSettings.OSRecoveryPasswordUsageDropDown_Name) { + if ($null -ne $policySettings.DeviceSettings.OSRecoveryPasswordUsageDropDown_Name) + { $complexDeviceSettings.Add('OSRecoveryPasswordUsageDropDown_Name', $policySettings.DeviceSettings.OSRecoveryPasswordUsageDropDown_Name) } - if ($null -ne $policySettings.DeviceSettings.OSHideRecoveryPage_Name) { + if ($null -ne $policySettings.DeviceSettings.OSHideRecoveryPage_Name) + { $complexDeviceSettings.Add('OSHideRecoveryPage_Name', $policySettings.DeviceSettings.OSHideRecoveryPage_Name) } - if ($null -ne $policySettings.DeviceSettings.OSAllowDRA_Name) { + if ($null -ne $policySettings.DeviceSettings.OSAllowDRA_Name) + { $complexDeviceSettings.Add('OSAllowDRA_Name', $policySettings.DeviceSettings.OSAllowDRA_Name) } - if ($null -ne $policySettings.DeviceSettings.OSRecoveryKeyUsageDropDown_Name) { + if ($null -ne $policySettings.DeviceSettings.OSRecoveryKeyUsageDropDown_Name) + { $complexDeviceSettings.Add('OSRecoveryKeyUsageDropDown_Name', $policySettings.DeviceSettings.OSRecoveryKeyUsageDropDown_Name) } - if ($null -ne $policySettings.DeviceSettings.OSActiveDirectoryBackupDropDown_Name) { + if ($null -ne $policySettings.DeviceSettings.OSActiveDirectoryBackupDropDown_Name) + { $complexDeviceSettings.Add('OSActiveDirectoryBackupDropDown_Name', $policySettings.DeviceSettings.OSActiveDirectoryBackupDropDown_Name) } - if ($null -ne $policySettings.DeviceSettings.enablePrebootInputProtectorsOnSlates_Name) { + if ($null -ne $policySettings.DeviceSettings.enablePrebootInputProtectorsOnSlates_Name) + { $complexDeviceSettings.Add('EnablePrebootInputProtectorsOnSlates_Name', $policySettings.DeviceSettings.enablePrebootInputProtectorsOnSlates_Name) } - if ($null -ne $policySettings.DeviceSettings.OSEncryptionType_Name) { + if ($null -ne $policySettings.DeviceSettings.OSEncryptionType_Name) + { $complexDeviceSettings.Add('OSEncryptionType_Name', $policySettings.DeviceSettings.OSEncryptionType_Name) } - if ($null -ne $policySettings.DeviceSettings.OSEncryptionTypeDropDown_Name) { + if ($null -ne $policySettings.DeviceSettings.OSEncryptionTypeDropDown_Name) + { $complexDeviceSettings.Add('OSEncryptionTypeDropDown_Name', $policySettings.DeviceSettings.OSEncryptionTypeDropDown_Name) } - if ($null -ne $policySettings.DeviceSettings.configureAdvancedStartup_Name) { + if ($null -ne $policySettings.DeviceSettings.configureAdvancedStartup_Name) + { $complexDeviceSettings.Add('ConfigureAdvancedStartup_Name', $policySettings.DeviceSettings.configureAdvancedStartup_Name) } - if ($null -ne $policySettings.DeviceSettings.configureTPMStartupKeyUsageDropDown_Name) { + if ($null -ne $policySettings.DeviceSettings.configureTPMStartupKeyUsageDropDown_Name) + { $complexDeviceSettings.Add('ConfigureTPMStartupKeyUsageDropDown_Name', $policySettings.DeviceSettings.configureTPMStartupKeyUsageDropDown_Name) } - if ($null -ne $policySettings.DeviceSettings.configureTPMPINKeyUsageDropDown_Name) { + if ($null -ne $policySettings.DeviceSettings.configureTPMPINKeyUsageDropDown_Name) + { $complexDeviceSettings.Add('ConfigureTPMPINKeyUsageDropDown_Name', $policySettings.DeviceSettings.configureTPMPINKeyUsageDropDown_Name) } - if ($null -ne $policySettings.DeviceSettings.configureTPMUsageDropDown_Name) { + if ($null -ne $policySettings.DeviceSettings.configureTPMUsageDropDown_Name) + { $complexDeviceSettings.Add('ConfigureTPMUsageDropDown_Name', $policySettings.DeviceSettings.configureTPMUsageDropDown_Name) } - if ($null -ne $policySettings.DeviceSettings.configureNonTPMStartupKeyUsage_Name) { + if ($null -ne $policySettings.DeviceSettings.configureNonTPMStartupKeyUsage_Name) + { $complexDeviceSettings.Add('ConfigureNonTPMStartupKeyUsage_Name', $policySettings.DeviceSettings.configureNonTPMStartupKeyUsage_Name) } - if ($null -ne $policySettings.DeviceSettings.configurePINUsageDropDown_Name) { + if ($null -ne $policySettings.DeviceSettings.configurePINUsageDropDown_Name) + { $complexDeviceSettings.Add('ConfigurePINUsageDropDown_Name', $policySettings.DeviceSettings.configurePINUsageDropDown_Name) } - if ($null -ne $policySettings.DeviceSettings.RDVConfigureBDE) { + if ($null -ne $policySettings.DeviceSettings.RDVConfigureBDE) + { $complexDeviceSettings.Add('RDVConfigureBDE', $policySettings.DeviceSettings.RDVConfigureBDE) } - if ($null -ne $policySettings.DeviceSettings.RDVAllowBDE_Name) { + if ($null -ne $policySettings.DeviceSettings.RDVAllowBDE_Name) + { $complexDeviceSettings.Add('RDVAllowBDE_Name', $policySettings.DeviceSettings.RDVAllowBDE_Name) } - if ($null -ne $policySettings.DeviceSettings.RDVEncryptionType_Name) { + if ($null -ne $policySettings.DeviceSettings.RDVEncryptionType_Name) + { $complexDeviceSettings.Add('RDVEncryptionType_Name', $policySettings.DeviceSettings.RDVEncryptionType_Name) } - if ($null -ne $policySettings.DeviceSettings.RDVEncryptionTypeDropDown_Name) { + if ($null -ne $policySettings.DeviceSettings.RDVEncryptionTypeDropDown_Name) + { $complexDeviceSettings.Add('RDVEncryptionTypeDropDown_Name', $policySettings.DeviceSettings.RDVEncryptionTypeDropDown_Name) } - if ($null -ne $policySettings.DeviceSettings.RDVDisableBDE_Name) { + if ($null -ne $policySettings.DeviceSettings.RDVDisableBDE_Name) + { $complexDeviceSettings.Add('RDVDisableBDE_Name', $policySettings.DeviceSettings.RDVDisableBDE_Name) } - if ($null -ne $policySettings.DeviceSettings.RDVDenyWriteAccess_Name) { + if ($null -ne $policySettings.DeviceSettings.RDVDenyWriteAccess_Name) + { $complexDeviceSettings.Add('RDVDenyWriteAccess_Name', $policySettings.DeviceSettings.RDVDenyWriteAccess_Name) } - if ($null -ne $policySettings.DeviceSettings.RDVCrossOrg) { + if ($null -ne $policySettings.DeviceSettings.RDVCrossOrg) + { $complexDeviceSettings.Add('RDVCrossOrg', $policySettings.DeviceSettings.RDVCrossOrg) } - if ($null -ne $policySettings.DeviceSettings.EnableSmartScreen) { + if ($null -ne $policySettings.DeviceSettings.EnableSmartScreen) + { $complexDeviceSettings.Add('EnableSmartScreen', $policySettings.DeviceSettings.EnableSmartScreen) } - if ($null -ne $policySettings.DeviceSettings.EnableSmartScreenDropdown) { + if ($null -ne $policySettings.DeviceSettings.EnableSmartScreenDropdown) + { $complexDeviceSettings.Add('EnableSmartScreenDropdown', $policySettings.DeviceSettings.EnableSmartScreenDropdown) } - if ($null -ne $policySettings.DeviceSettings.DisableSafetyFilterOverrideForAppRepUnknown) { + if ($null -ne $policySettings.DeviceSettings.DisableSafetyFilterOverrideForAppRepUnknown) + { $complexDeviceSettings.Add('DisableSafetyFilterOverrideForAppRepUnknown', $policySettings.DeviceSettings.DisableSafetyFilterOverrideForAppRepUnknown) } - if ($null -ne $policySettings.DeviceSettings.Disable_Managing_Safety_Filter_IE9) { + if ($null -ne $policySettings.DeviceSettings.Disable_Managing_Safety_Filter_IE9) + { $complexDeviceSettings.Add('Disable_Managing_Safety_Filter_IE9', $policySettings.DeviceSettings.Disable_Managing_Safety_Filter_IE9) } - if ($null -ne $policySettings.DeviceSettings.IE9SafetyFilterOptions) { + if ($null -ne $policySettings.DeviceSettings.IE9SafetyFilterOptions) + { $complexDeviceSettings.Add('IE9SafetyFilterOptions', $policySettings.DeviceSettings.IE9SafetyFilterOptions) } - if ($null -ne $policySettings.DeviceSettings.AllowWarningForOtherDiskEncryption) { + if ($null -ne $policySettings.DeviceSettings.AllowWarningForOtherDiskEncryption) + { $complexDeviceSettings.Add('AllowWarningForOtherDiskEncryption', $policySettings.DeviceSettings.AllowWarningForOtherDiskEncryption) } - if ($null -ne $policySettings.DeviceSettings.AllowStandardUserEncryption) { + if ($null -ne $policySettings.DeviceSettings.AllowStandardUserEncryption) + { $complexDeviceSettings.Add('AllowStandardUserEncryption', $policySettings.DeviceSettings.AllowStandardUserEncryption) } - if ($null -ne $policySettings.DeviceSettings.ConfigureRecoveryPasswordRotation) { + if ($null -ne $policySettings.DeviceSettings.ConfigureRecoveryPasswordRotation) + { $complexDeviceSettings.Add('ConfigureRecoveryPasswordRotation', $policySettings.DeviceSettings.ConfigureRecoveryPasswordRotation) } - if ($null -ne $policySettings.DeviceSettings.RequireDeviceEncryption) { + if ($null -ne $policySettings.DeviceSettings.RequireDeviceEncryption) + { $complexDeviceSettings.Add('RequireDeviceEncryption', $policySettings.DeviceSettings.RequireDeviceEncryption) } - if ($null -ne $policySettings.DeviceSettings.AllowArchiveScanning) { + if ($null -ne $policySettings.DeviceSettings.AllowArchiveScanning) + { $complexDeviceSettings.Add('AllowArchiveScanning', $policySettings.DeviceSettings.AllowArchiveScanning) } - if ($null -ne $policySettings.DeviceSettings.AllowBehaviorMonitoring) { + if ($null -ne $policySettings.DeviceSettings.AllowBehaviorMonitoring) + { $complexDeviceSettings.Add('AllowBehaviorMonitoring', $policySettings.DeviceSettings.AllowBehaviorMonitoring) } - if ($null -ne $policySettings.DeviceSettings.AllowCloudProtection) { + if ($null -ne $policySettings.DeviceSettings.AllowCloudProtection) + { $complexDeviceSettings.Add('AllowCloudProtection', $policySettings.DeviceSettings.AllowCloudProtection) } - if ($null -ne $policySettings.DeviceSettings.AllowEmailScanning) { + if ($null -ne $policySettings.DeviceSettings.AllowEmailScanning) + { $complexDeviceSettings.Add('AllowEmailScanning', $policySettings.DeviceSettings.AllowEmailScanning) } - if ($null -ne $policySettings.DeviceSettings.AllowFullScanRemovableDriveScanning) { + if ($null -ne $policySettings.DeviceSettings.AllowFullScanRemovableDriveScanning) + { $complexDeviceSettings.Add('AllowFullScanRemovableDriveScanning', $policySettings.DeviceSettings.AllowFullScanRemovableDriveScanning) } - if ($null -ne $policySettings.DeviceSettings.AllowOnAccessProtection) { + if ($null -ne $policySettings.DeviceSettings.AllowOnAccessProtection) + { $complexDeviceSettings.Add('AllowOnAccessProtection', $policySettings.DeviceSettings.AllowOnAccessProtection) } - if ($null -ne $policySettings.DeviceSettings.AllowRealtimeMonitoring) { + if ($null -ne $policySettings.DeviceSettings.AllowRealtimeMonitoring) + { $complexDeviceSettings.Add('AllowRealtimeMonitoring', $policySettings.DeviceSettings.AllowRealtimeMonitoring) } - if ($null -ne $policySettings.DeviceSettings.AllowScanningNetworkFiles) { + if ($null -ne $policySettings.DeviceSettings.AllowScanningNetworkFiles) + { $complexDeviceSettings.Add('AllowScanningNetworkFiles', $policySettings.DeviceSettings.AllowScanningNetworkFiles) } - if ($null -ne $policySettings.DeviceSettings.AllowIOAVProtection) { + if ($null -ne $policySettings.DeviceSettings.AllowIOAVProtection) + { $complexDeviceSettings.Add('AllowIOAVProtection', $policySettings.DeviceSettings.AllowIOAVProtection) } - if ($null -ne $policySettings.DeviceSettings.AllowScriptScanning) { + if ($null -ne $policySettings.DeviceSettings.AllowScriptScanning) + { $complexDeviceSettings.Add('AllowScriptScanning', $policySettings.DeviceSettings.AllowScriptScanning) } - if ($null -ne $policySettings.DeviceSettings.AllowUserUIAccess) { + if ($null -ne $policySettings.DeviceSettings.AllowUserUIAccess) + { $complexDeviceSettings.Add('AllowUserUIAccess', $policySettings.DeviceSettings.AllowUserUIAccess) } - if ($null -ne $policySettings.DeviceSettings.BlockExecutionOfPotentiallyObfuscatedScripts) { + if ($null -ne $policySettings.DeviceSettings.BlockExecutionOfPotentiallyObfuscatedScripts) + { $complexDeviceSettings.Add('BlockExecutionOfPotentiallyObfuscatedScripts', $policySettings.DeviceSettings.BlockExecutionOfPotentiallyObfuscatedScripts) } - if ($null -ne $policySettings.DeviceSettings.BlockExecutionOfPotentiallyObfuscatedScripts_ASROnlyPerRuleExclusions) { + if ($null -ne $policySettings.DeviceSettings.BlockExecutionOfPotentiallyObfuscatedScripts_ASROnlyPerRuleExclusions) + { $complexDeviceSettings.Add('BlockExecutionOfPotentiallyObfuscatedScripts_ASROnlyPerRuleExclusions', $policySettings.DeviceSettings.BlockExecutionOfPotentiallyObfuscatedScripts_ASROnlyPerRuleExclusions) } - if ($null -ne $policySettings.DeviceSettings.BlockWin32APICallsFromOfficeMacros) { + if ($null -ne $policySettings.DeviceSettings.BlockWin32APICallsFromOfficeMacros) + { $complexDeviceSettings.Add('BlockWin32APICallsFromOfficeMacros', $policySettings.DeviceSettings.BlockWin32APICallsFromOfficeMacros) } - if ($null -ne $policySettings.DeviceSettings.BlockWin32APICallsFromOfficeMacros_ASROnlyPerRuleExclusions) { + if ($null -ne $policySettings.DeviceSettings.BlockWin32APICallsFromOfficeMacros_ASROnlyPerRuleExclusions) + { $complexDeviceSettings.Add('BlockWin32APICallsFromOfficeMacros_ASROnlyPerRuleExclusions', $policySettings.DeviceSettings.BlockWin32APICallsFromOfficeMacros_ASROnlyPerRuleExclusions) } - if ($null -ne $policySettings.DeviceSettings.BlockExecutableFilesRunningUnlessTheyMeetPrevalenceAgeTrustedListCriterion) { + if ($null -ne $policySettings.DeviceSettings.BlockExecutableFilesRunningUnlessTheyMeetPrevalenceAgeTrustedListCriterion) + { $complexDeviceSettings.Add('BlockExecutableFilesRunningUnlessTheyMeetPrevalenceAgeTrustedListCriterion', $policySettings.DeviceSettings.BlockExecutableFilesRunningUnlessTheyMeetPrevalenceAgeTrustedListCriterion) } - if ($null -ne $policySettings.DeviceSettings.BlockExecutableFilesRunningUnlessTheyMeetPrevalenceAgeTrustedListCriterion_ASROnlyPerRuleExclusions) { + if ($null -ne $policySettings.DeviceSettings.BlockExecutableFilesRunningUnlessTheyMeetPrevalenceAgeTrustedListCriterion_ASROnlyPerRuleExclusions) + { $complexDeviceSettings.Add('BlockExecutableFilesRunningUnlessTheyMeetPrevalenceAgeTrustedListCriterion_ASROnlyPerRuleExclusions', $policySettings.DeviceSettings.BlockExecutableFilesRunningUnlessTheyMeetPrevalenceAgeTrustedListCriterion_ASROnlyPerRuleExclusions) } - if ($null -ne $policySettings.DeviceSettings.BlockOfficeCommunicationAppFromCreatingChildProcesses) { + if ($null -ne $policySettings.DeviceSettings.BlockOfficeCommunicationAppFromCreatingChildProcesses) + { $complexDeviceSettings.Add('BlockOfficeCommunicationAppFromCreatingChildProcesses', $policySettings.DeviceSettings.BlockOfficeCommunicationAppFromCreatingChildProcesses) } - if ($null -ne $policySettings.DeviceSettings.BlockOfficeCommunicationAppFromCreatingChildProcesses_ASROnlyPerRuleExclusions) { + if ($null -ne $policySettings.DeviceSettings.BlockOfficeCommunicationAppFromCreatingChildProcesses_ASROnlyPerRuleExclusions) + { $complexDeviceSettings.Add('BlockOfficeCommunicationAppFromCreatingChildProcesses_ASROnlyPerRuleExclusions', $policySettings.DeviceSettings.BlockOfficeCommunicationAppFromCreatingChildProcesses_ASROnlyPerRuleExclusions) } - if ($null -ne $policySettings.DeviceSettings.BlockAllOfficeApplicationsFromCreatingChildProcesses) { + if ($null -ne $policySettings.DeviceSettings.BlockAllOfficeApplicationsFromCreatingChildProcesses) + { $complexDeviceSettings.Add('BlockAllOfficeApplicationsFromCreatingChildProcesses', $policySettings.DeviceSettings.BlockAllOfficeApplicationsFromCreatingChildProcesses) } - if ($null -ne $policySettings.DeviceSettings.BlockAllOfficeApplicationsFromCreatingChildProcesses_ASROnlyPerRuleExclusions) { + if ($null -ne $policySettings.DeviceSettings.BlockAllOfficeApplicationsFromCreatingChildProcesses_ASROnlyPerRuleExclusions) + { $complexDeviceSettings.Add('BlockAllOfficeApplicationsFromCreatingChildProcesses_ASROnlyPerRuleExclusions', $policySettings.DeviceSettings.BlockAllOfficeApplicationsFromCreatingChildProcesses_ASROnlyPerRuleExclusions) } - if ($null -ne $policySettings.DeviceSettings.BlockAdobeReaderFromCreatingChildProcesses) { + if ($null -ne $policySettings.DeviceSettings.BlockAdobeReaderFromCreatingChildProcesses) + { $complexDeviceSettings.Add('BlockAdobeReaderFromCreatingChildProcesses', $policySettings.DeviceSettings.BlockAdobeReaderFromCreatingChildProcesses) } - if ($null -ne $policySettings.DeviceSettings.BlockAdobeReaderFromCreatingChildProcesses_ASROnlyPerRuleExclusions) { + if ($null -ne $policySettings.DeviceSettings.BlockAdobeReaderFromCreatingChildProcesses_ASROnlyPerRuleExclusions) + { $complexDeviceSettings.Add('BlockAdobeReaderFromCreatingChildProcesses_ASROnlyPerRuleExclusions', $policySettings.DeviceSettings.BlockAdobeReaderFromCreatingChildProcesses_ASROnlyPerRuleExclusions) } - if ($null -ne $policySettings.DeviceSettings.BlockCredentialStealingFromWindowsLocalSecurityAuthoritySubsystem) { + if ($null -ne $policySettings.DeviceSettings.BlockCredentialStealingFromWindowsLocalSecurityAuthoritySubsystem) + { $complexDeviceSettings.Add('BlockCredentialStealingFromWindowsLocalSecurityAuthoritySubsystem', $policySettings.DeviceSettings.BlockCredentialStealingFromWindowsLocalSecurityAuthoritySubsystem) } - if ($null -ne $policySettings.DeviceSettings.BlockCredentialStealingFromWindowsLocalSecurityAuthoritySubsystem_ASROnlyPerRuleExclusions) { + if ($null -ne $policySettings.DeviceSettings.BlockCredentialStealingFromWindowsLocalSecurityAuthoritySubsystem_ASROnlyPerRuleExclusions) + { $complexDeviceSettings.Add('BlockCredentialStealingFromWindowsLocalSecurityAuthoritySubsystem_ASROnlyPerRuleExclusions', $policySettings.DeviceSettings.BlockCredentialStealingFromWindowsLocalSecurityAuthoritySubsystem_ASROnlyPerRuleExclusions) } - if ($null -ne $policySettings.DeviceSettings.BlockJavaScriptOrVBScriptFromLaunchingDownloadedExecutableContent) { + if ($null -ne $policySettings.DeviceSettings.BlockJavaScriptOrVBScriptFromLaunchingDownloadedExecutableContent) + { $complexDeviceSettings.Add('BlockJavaScriptOrVBScriptFromLaunchingDownloadedExecutableContent', $policySettings.DeviceSettings.BlockJavaScriptOrVBScriptFromLaunchingDownloadedExecutableContent) } - if ($null -ne $policySettings.DeviceSettings.BlockJavaScriptOrVBScriptFromLaunchingDownloadedExecutableContent_ASROnlyPerRuleExclusions) { + if ($null -ne $policySettings.DeviceSettings.BlockJavaScriptOrVBScriptFromLaunchingDownloadedExecutableContent_ASROnlyPerRuleExclusions) + { $complexDeviceSettings.Add('BlockJavaScriptOrVBScriptFromLaunchingDownloadedExecutableContent_ASROnlyPerRuleExclusions', $policySettings.DeviceSettings.BlockJavaScriptOrVBScriptFromLaunchingDownloadedExecutableContent_ASROnlyPerRuleExclusions) } - if ($null -ne $policySettings.DeviceSettings.BlockWebshellCreationForServers) { + if ($null -ne $policySettings.DeviceSettings.BlockWebshellCreationForServers) + { $complexDeviceSettings.Add('BlockWebshellCreationForServers', $policySettings.DeviceSettings.BlockWebshellCreationForServers) } - if ($null -ne $policySettings.DeviceSettings.BlockWebshellCreationForServers_ASROnlyPerRuleExclusions) { + if ($null -ne $policySettings.DeviceSettings.BlockWebshellCreationForServers_ASROnlyPerRuleExclusions) + { $complexDeviceSettings.Add('BlockWebshellCreationForServers_ASROnlyPerRuleExclusions', $policySettings.DeviceSettings.BlockWebshellCreationForServers_ASROnlyPerRuleExclusions) } - if ($null -ne $policySettings.DeviceSettings.BlockUntrustedUnsignedProcessesThatRunFromUSB) { + if ($null -ne $policySettings.DeviceSettings.BlockUntrustedUnsignedProcessesThatRunFromUSB) + { $complexDeviceSettings.Add('BlockUntrustedUnsignedProcessesThatRunFromUSB', $policySettings.DeviceSettings.BlockUntrustedUnsignedProcessesThatRunFromUSB) } - if ($null -ne $policySettings.DeviceSettings.BlockUntrustedUnsignedProcessesThatRunFromUSB_ASROnlyPerRuleExclusions) { + if ($null -ne $policySettings.DeviceSettings.BlockUntrustedUnsignedProcessesThatRunFromUSB_ASROnlyPerRuleExclusions) + { $complexDeviceSettings.Add('BlockUntrustedUnsignedProcessesThatRunFromUSB_ASROnlyPerRuleExclusions', $policySettings.DeviceSettings.BlockUntrustedUnsignedProcessesThatRunFromUSB_ASROnlyPerRuleExclusions) } - if ($null -ne $policySettings.DeviceSettings.BlockPersistenceThroughWMIEventSubscription) { + if ($null -ne $policySettings.DeviceSettings.BlockPersistenceThroughWMIEventSubscription) + { $complexDeviceSettings.Add('BlockPersistenceThroughWMIEventSubscription', $policySettings.DeviceSettings.BlockPersistenceThroughWMIEventSubscription) } - if ($null -ne $policySettings.DeviceSettings.BlockUseOfCopiedOrImpersonatedSystemTools) { + if ($null -ne $policySettings.DeviceSettings.BlockUseOfCopiedOrImpersonatedSystemTools) + { $complexDeviceSettings.Add('BlockUseOfCopiedOrImpersonatedSystemTools', $policySettings.DeviceSettings.BlockUseOfCopiedOrImpersonatedSystemTools) } - if ($null -ne $policySettings.DeviceSettings.BlockUseOfCopiedOrImpersonatedSystemTools_ASROnlyPerRuleExclusions) { + if ($null -ne $policySettings.DeviceSettings.BlockUseOfCopiedOrImpersonatedSystemTools_ASROnlyPerRuleExclusions) + { $complexDeviceSettings.Add('BlockUseOfCopiedOrImpersonatedSystemTools_ASROnlyPerRuleExclusions', $policySettings.DeviceSettings.BlockUseOfCopiedOrImpersonatedSystemTools_ASROnlyPerRuleExclusions) } - if ($null -ne $policySettings.DeviceSettings.BlockAbuseOfExploitedVulnerableSignedDrivers) { + if ($null -ne $policySettings.DeviceSettings.BlockAbuseOfExploitedVulnerableSignedDrivers) + { $complexDeviceSettings.Add('BlockAbuseOfExploitedVulnerableSignedDrivers', $policySettings.DeviceSettings.BlockAbuseOfExploitedVulnerableSignedDrivers) } - if ($null -ne $policySettings.DeviceSettings.BlockAbuseOfExploitedVulnerableSignedDrivers_ASROnlyPerRuleExclusions) { + if ($null -ne $policySettings.DeviceSettings.BlockAbuseOfExploitedVulnerableSignedDrivers_ASROnlyPerRuleExclusions) + { $complexDeviceSettings.Add('BlockAbuseOfExploitedVulnerableSignedDrivers_ASROnlyPerRuleExclusions', $policySettings.DeviceSettings.BlockAbuseOfExploitedVulnerableSignedDrivers_ASROnlyPerRuleExclusions) } - if ($null -ne $policySettings.DeviceSettings.BlockProcessCreationsFromPSExecAndWMICommands) { + if ($null -ne $policySettings.DeviceSettings.BlockProcessCreationsFromPSExecAndWMICommands) + { $complexDeviceSettings.Add('BlockProcessCreationsFromPSExecAndWMICommands', $policySettings.DeviceSettings.BlockProcessCreationsFromPSExecAndWMICommands) } - if ($null -ne $policySettings.DeviceSettings.BlockProcessCreationsFromPSExecAndWMICommands_ASROnlyPerRuleExclusions) { + if ($null -ne $policySettings.DeviceSettings.BlockProcessCreationsFromPSExecAndWMICommands_ASROnlyPerRuleExclusions) + { $complexDeviceSettings.Add('BlockProcessCreationsFromPSExecAndWMICommands_ASROnlyPerRuleExclusions', $policySettings.DeviceSettings.BlockProcessCreationsFromPSExecAndWMICommands_ASROnlyPerRuleExclusions) } - if ($null -ne $policySettings.DeviceSettings.BlockOfficeApplicationsFromCreatingExecutableContent) { + if ($null -ne $policySettings.DeviceSettings.BlockOfficeApplicationsFromCreatingExecutableContent) + { $complexDeviceSettings.Add('BlockOfficeApplicationsFromCreatingExecutableContent', $policySettings.DeviceSettings.BlockOfficeApplicationsFromCreatingExecutableContent) } - if ($null -ne $policySettings.DeviceSettings.BlockOfficeApplicationsFromCreatingExecutableContent_ASROnlyPerRuleExclusions) { + if ($null -ne $policySettings.DeviceSettings.BlockOfficeApplicationsFromCreatingExecutableContent_ASROnlyPerRuleExclusions) + { $complexDeviceSettings.Add('BlockOfficeApplicationsFromCreatingExecutableContent_ASROnlyPerRuleExclusions', $policySettings.DeviceSettings.BlockOfficeApplicationsFromCreatingExecutableContent_ASROnlyPerRuleExclusions) } - if ($null -ne $policySettings.DeviceSettings.BlockOfficeApplicationsFromInjectingCodeIntoOtherProcesses) { + if ($null -ne $policySettings.DeviceSettings.BlockOfficeApplicationsFromInjectingCodeIntoOtherProcesses) + { $complexDeviceSettings.Add('BlockOfficeApplicationsFromInjectingCodeIntoOtherProcesses', $policySettings.DeviceSettings.BlockOfficeApplicationsFromInjectingCodeIntoOtherProcesses) } - if ($null -ne $policySettings.DeviceSettings.BlockOfficeApplicationsFromInjectingCodeIntoOtherProcesses_ASROnlyPerRuleExclusions) { + if ($null -ne $policySettings.DeviceSettings.BlockOfficeApplicationsFromInjectingCodeIntoOtherProcesses_ASROnlyPerRuleExclusions) + { $complexDeviceSettings.Add('BlockOfficeApplicationsFromInjectingCodeIntoOtherProcesses_ASROnlyPerRuleExclusions', $policySettings.DeviceSettings.BlockOfficeApplicationsFromInjectingCodeIntoOtherProcesses_ASROnlyPerRuleExclusions) } - if ($null -ne $policySettings.DeviceSettings.BlockRebootingMachineInSafeMode) { + if ($null -ne $policySettings.DeviceSettings.BlockRebootingMachineInSafeMode) + { $complexDeviceSettings.Add('BlockRebootingMachineInSafeMode', $policySettings.DeviceSettings.BlockRebootingMachineInSafeMode) } - if ($null -ne $policySettings.DeviceSettings.BlockRebootingMachineInSafeMode_ASROnlyPerRuleExclusions) { + if ($null -ne $policySettings.DeviceSettings.BlockRebootingMachineInSafeMode_ASROnlyPerRuleExclusions) + { $complexDeviceSettings.Add('BlockRebootingMachineInSafeMode_ASROnlyPerRuleExclusions', $policySettings.DeviceSettings.BlockRebootingMachineInSafeMode_ASROnlyPerRuleExclusions) } - if ($null -ne $policySettings.DeviceSettings.UseAdvancedProtectionAgainstRansomware) { + if ($null -ne $policySettings.DeviceSettings.UseAdvancedProtectionAgainstRansomware) + { $complexDeviceSettings.Add('UseAdvancedProtectionAgainstRansomware', $policySettings.DeviceSettings.UseAdvancedProtectionAgainstRansomware) } - if ($null -ne $policySettings.DeviceSettings.UseAdvancedProtectionAgainstRansomware_ASROnlyPerRuleExclusions) { + if ($null -ne $policySettings.DeviceSettings.UseAdvancedProtectionAgainstRansomware_ASROnlyPerRuleExclusions) + { $complexDeviceSettings.Add('UseAdvancedProtectionAgainstRansomware_ASROnlyPerRuleExclusions', $policySettings.DeviceSettings.UseAdvancedProtectionAgainstRansomware_ASROnlyPerRuleExclusions) } - if ($null -ne $policySettings.DeviceSettings.BlockExecutableContentFromEmailClientAndWebmail) { + if ($null -ne $policySettings.DeviceSettings.BlockExecutableContentFromEmailClientAndWebmail) + { $complexDeviceSettings.Add('BlockExecutableContentFromEmailClientAndWebmail', $policySettings.DeviceSettings.BlockExecutableContentFromEmailClientAndWebmail) } - if ($null -ne $policySettings.DeviceSettings.BlockExecutableContentFromEmailClientAndWebmail_ASROnlyPerRuleExclusions) { + if ($null -ne $policySettings.DeviceSettings.BlockExecutableContentFromEmailClientAndWebmail_ASROnlyPerRuleExclusions) + { $complexDeviceSettings.Add('BlockExecutableContentFromEmailClientAndWebmail_ASROnlyPerRuleExclusions', $policySettings.DeviceSettings.BlockExecutableContentFromEmailClientAndWebmail_ASROnlyPerRuleExclusions) } - if ($null -ne $policySettings.DeviceSettings.CheckForSignaturesBeforeRunningScan) { + if ($null -ne $policySettings.DeviceSettings.CheckForSignaturesBeforeRunningScan) + { $complexDeviceSettings.Add('CheckForSignaturesBeforeRunningScan', $policySettings.DeviceSettings.CheckForSignaturesBeforeRunningScan) } - if ($null -ne $policySettings.DeviceSettings.CloudBlockLevel) { + if ($null -ne $policySettings.DeviceSettings.CloudBlockLevel) + { $complexDeviceSettings.Add('CloudBlockLevel', $policySettings.DeviceSettings.CloudBlockLevel) } - if ($null -ne $policySettings.DeviceSettings.CloudExtendedTimeout) { + if ($null -ne $policySettings.DeviceSettings.CloudExtendedTimeout) + { $complexDeviceSettings.Add('CloudExtendedTimeout', $policySettings.DeviceSettings.CloudExtendedTimeout) } - if ($null -ne $policySettings.DeviceSettings.DisableLocalAdminMerge) { + if ($null -ne $policySettings.DeviceSettings.DisableLocalAdminMerge) + { $complexDeviceSettings.Add('DisableLocalAdminMerge', $policySettings.DeviceSettings.DisableLocalAdminMerge) } - if ($null -ne $policySettings.DeviceSettings.EnableNetworkProtection) { + if ($null -ne $policySettings.DeviceSettings.EnableNetworkProtection) + { $complexDeviceSettings.Add('EnableNetworkProtection', $policySettings.DeviceSettings.EnableNetworkProtection) } - if ($null -ne $policySettings.DeviceSettings.HideExclusionsFromLocalAdmins) { + if ($null -ne $policySettings.DeviceSettings.HideExclusionsFromLocalAdmins) + { $complexDeviceSettings.Add('HideExclusionsFromLocalAdmins', $policySettings.DeviceSettings.HideExclusionsFromLocalAdmins) } - if ($null -ne $policySettings.DeviceSettings.HideExclusionsFromLocalUsers) { + if ($null -ne $policySettings.DeviceSettings.HideExclusionsFromLocalUsers) + { $complexDeviceSettings.Add('HideExclusionsFromLocalUsers', $policySettings.DeviceSettings.HideExclusionsFromLocalUsers) } - if ($null -ne $policySettings.DeviceSettings.OobeEnableRtpAndSigUpdate) { + if ($null -ne $policySettings.DeviceSettings.OobeEnableRtpAndSigUpdate) + { $complexDeviceSettings.Add('OobeEnableRtpAndSigUpdate', $policySettings.DeviceSettings.OobeEnableRtpAndSigUpdate) } - if ($null -ne $policySettings.DeviceSettings.PUAProtection) { + if ($null -ne $policySettings.DeviceSettings.PUAProtection) + { $complexDeviceSettings.Add('PUAProtection', $policySettings.DeviceSettings.PUAProtection) } - if ($null -ne $policySettings.DeviceSettings.RealTimeScanDirection) { + if ($null -ne $policySettings.DeviceSettings.RealTimeScanDirection) + { $complexDeviceSettings.Add('RealTimeScanDirection', $policySettings.DeviceSettings.RealTimeScanDirection) } - if ($null -ne $policySettings.DeviceSettings.ScanParameter) { + if ($null -ne $policySettings.DeviceSettings.ScanParameter) + { $complexDeviceSettings.Add('ScanParameter', $policySettings.DeviceSettings.ScanParameter) } - if ($null -ne $policySettings.DeviceSettings.ScheduleQuickScanTime) { + if ($null -ne $policySettings.DeviceSettings.ScheduleQuickScanTime) + { $complexDeviceSettings.Add('ScheduleQuickScanTime', $policySettings.DeviceSettings.ScheduleQuickScanTime) } - if ($null -ne $policySettings.DeviceSettings.ScheduleScanDay) { + if ($null -ne $policySettings.DeviceSettings.ScheduleScanDay) + { $complexDeviceSettings.Add('ScheduleScanDay', $policySettings.DeviceSettings.ScheduleScanDay) } - if ($null -ne $policySettings.DeviceSettings.ScheduleScanTime) { + if ($null -ne $policySettings.DeviceSettings.ScheduleScanTime) + { $complexDeviceSettings.Add('ScheduleScanTime', $policySettings.DeviceSettings.ScheduleScanTime) } - if ($null -ne $policySettings.DeviceSettings.SignatureUpdateInterval) { + if ($null -ne $policySettings.DeviceSettings.SignatureUpdateInterval) + { $complexDeviceSettings.Add('SignatureUpdateInterval', $policySettings.DeviceSettings.SignatureUpdateInterval) } - if ($null -ne $policySettings.DeviceSettings.SubmitSamplesConsent) { + if ($null -ne $policySettings.DeviceSettings.SubmitSamplesConsent) + { $complexDeviceSettings.Add('SubmitSamplesConsent', $policySettings.DeviceSettings.SubmitSamplesConsent) } - if ($null -ne $policySettings.DeviceSettings.LsaCfgFlags) { + if ($null -ne $policySettings.DeviceSettings.LsaCfgFlags) + { $complexDeviceSettings.Add('LsaCfgFlags', $policySettings.DeviceSettings.LsaCfgFlags) } - if ($null -ne $policySettings.DeviceSettings.DeviceEnumerationPolicy) { + if ($null -ne $policySettings.DeviceSettings.DeviceEnumerationPolicy) + { $complexDeviceSettings.Add('DeviceEnumerationPolicy', $policySettings.DeviceSettings.DeviceEnumerationPolicy) } - if ($null -ne $policySettings.DeviceSettings.SmartScreenEnabled) { + if ($null -ne $policySettings.DeviceSettings.SmartScreenEnabled) + { $complexDeviceSettings.Add('SmartScreenEnabled', $policySettings.DeviceSettings.SmartScreenEnabled) } - if ($null -ne $policySettings.DeviceSettings.SmartScreenPuaEnabled) { + if ($null -ne $policySettings.DeviceSettings.SmartScreenPuaEnabled) + { $complexDeviceSettings.Add('SmartScreenPuaEnabled', $policySettings.DeviceSettings.SmartScreenPuaEnabled) } - if ($null -ne $policySettings.DeviceSettings.SmartScreenDnsRequestsEnabled) { + if ($null -ne $policySettings.DeviceSettings.SmartScreenDnsRequestsEnabled) + { $complexDeviceSettings.Add('SmartScreenDnsRequestsEnabled', $policySettings.DeviceSettings.SmartScreenDnsRequestsEnabled) } - if ($null -ne $policySettings.DeviceSettings.NewSmartScreenLibraryEnabled) { + if ($null -ne $policySettings.DeviceSettings.NewSmartScreenLibraryEnabled) + { $complexDeviceSettings.Add('NewSmartScreenLibraryEnabled', $policySettings.DeviceSettings.NewSmartScreenLibraryEnabled) } - if ($null -ne $policySettings.DeviceSettings.SmartScreenForTrustedDownloadsEnabled) { + if ($null -ne $policySettings.DeviceSettings.SmartScreenForTrustedDownloadsEnabled) + { $complexDeviceSettings.Add('SmartScreenForTrustedDownloadsEnabled', $policySettings.DeviceSettings.SmartScreenForTrustedDownloadsEnabled) } - if ($null -ne $policySettings.DeviceSettings.PreventSmartScreenPromptOverride) { + if ($null -ne $policySettings.DeviceSettings.PreventSmartScreenPromptOverride) + { $complexDeviceSettings.Add('PreventSmartScreenPromptOverride', $policySettings.DeviceSettings.PreventSmartScreenPromptOverride) } - if ($null -ne $policySettings.DeviceSettings.PreventSmartScreenPromptOverrideForFiles) { + if ($null -ne $policySettings.DeviceSettings.PreventSmartScreenPromptOverrideForFiles) + { $complexDeviceSettings.Add('PreventSmartScreenPromptOverrideForFiles', $policySettings.DeviceSettings.PreventSmartScreenPromptOverrideForFiles) } # Check if $complexDeviceSettings is empty - if ($complexDeviceSettings.Values.Where({ $null -ne $_ }).Count -eq 0) { + if ($complexDeviceSettings.Values.Where({ $null -ne $_ }).Count -eq 0) + { $complexDeviceSettings = $null } $policySettings.Remove('DeviceSettings') | Out-Null @@ -515,12 +642,14 @@ function Get-TargetResource $complexUserSettings = @{} # Add user settings with conditional checks - if ($null -ne $policySettings.UserSettings.DisableSafetyFilterOverrideForAppRepUnknown) { + if ($null -ne $policySettings.UserSettings.DisableSafetyFilterOverrideForAppRepUnknown) + { $complexUserSettings.Add('DisableSafetyFilterOverrideForAppRepUnknown', $policySettings.UserSettings.DisableSafetyFilterOverrideForAppRepUnknown) } # Check if $complexUserSettings is empty - if ($complexUserSettings.Values.Where({ $null -ne $_ }).Count -eq 0) { + if ($complexUserSettings.Values.Where({ $null -ne $_ }).Count -eq 0) + { $complexUserSettings = $null } $policySettings.Remove('UserSettings') | Out-Null @@ -660,7 +789,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Security Baseline Defender For Endpoint with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -692,7 +821,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Security Baseline Defender For Endpoint with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -928,14 +1057,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "49b8320f-e179-472e-8e2c-2fde00289ca2_1" + $policyTemplateID = '49b8320f-e179-472e-8e2c-2fde00289ca2_1' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -961,16 +1090,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.Name - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.Name + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -1025,16 +1154,16 @@ function Export-TargetResource -Credential $Credential if ($Results.DeviceSettings) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "DeviceSettings" -IsCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'DeviceSettings' -IsCIMArray:$False } if ($Results.UserSettings) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "UserSettings" -IsCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'UserSettings' -IsCIMArray:$False } if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineDefenderForEndpoint/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineDefenderForEndpoint/settings.json index 4e92507acb..3cbd96c4cf 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineDefenderForEndpoint/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineDefenderForEndpoint/settings.json @@ -1,33 +1,32 @@ { "resourceName": "IntuneSecurityBaselineDefenderForEndpoint", "description": "This resource configures an Test Intune Security Baseline Defender For Endpoint.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineMicrosoft365AppsForEnterprise/MSFT_IntuneSecurityBaselineMicrosoft365AppsForEnterprise.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineMicrosoft365AppsForEnterprise/MSFT_IntuneSecurityBaselineMicrosoft365AppsForEnterprise.psm1 index e5701e7a4a..46375977e8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineMicrosoft365AppsForEnterprise/MSFT_IntuneSecurityBaselineMicrosoft365AppsForEnterprise.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineMicrosoft365AppsForEnterprise/MSFT_IntuneSecurityBaselineMicrosoft365AppsForEnterprise.psm1 @@ -90,7 +90,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -334,7 +334,7 @@ function Get-TargetResource $complexDeviceSettings.Add('L_onenoteexe96', $policySettings.DeviceSettings.l_onenoteexe96) $complexDeviceSettings.Add('L_winprojexe90', $policySettings.DeviceSettings.l_winprojexe90) $complexDeviceSettings.Add('L_winwordexe91', $policySettings.DeviceSettings.l_winwordexe91) - if ($complexDeviceSettings.values.Where({$null -ne $_}).Count -eq 0) + if ($complexDeviceSettings.values.Where({ $null -ne $_ }).Count -eq 0) { $complexDeviceSettings = $null } @@ -569,7 +569,7 @@ function Get-TargetResource $complexUserSettings.Add('L_empty19', $policySettings.UserSettings.l_empty19) $complexUserSettings.Add('MicrosoftWord_Security_L_TurnOffFileValidation', $policySettings.UserSettings.microsoftWord_Security_L_TurnOffFileValidation) $complexUserSettings.Add('MicrosoftWord_Security_TrustCenterTrustedLocations_L_AllowTrustedLocationsOnTheNetwork', $policySettings.UserSettings.microsoftWord_Security_TrustCenterTrustedLocations_L_AllowTrustedLocationsOnTheNetwork) - if ($complexUserSettings.values.Where({$null -ne $_}).Count -eq 0) + if ($complexUserSettings.values.Where({ $null -ne $_ }).Count -eq 0) { $complexUserSettings = $null } @@ -708,7 +708,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Security Baseline Microsoft365 Apps For Enterprise with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -740,7 +740,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Security Baseline Microsoft365 Apps For Enterprise with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -977,14 +977,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "90316f12-246d-44c6-a767-f87692e86083_2" + $policyTemplateID = '90316f12-246d-44c6-a767-f87692e86083_2' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -1010,16 +1010,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.Name - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.Name + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -1074,16 +1074,16 @@ function Export-TargetResource -Credential $Credential if ($Results.DeviceSettings) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "DeviceSettings" -IsCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'DeviceSettings' -IsCIMArray:$False } if ($Results.UserSettings) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "UserSettings" -IsCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'UserSettings' -IsCIMArray:$False } if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineMicrosoft365AppsForEnterprise/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineMicrosoft365AppsForEnterprise/settings.json index 0906af650b..3d3a1b93e7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineMicrosoft365AppsForEnterprise/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineMicrosoft365AppsForEnterprise/settings.json @@ -1,41 +1,41 @@ { - "resourceName":"IntuneSecurityBaselineMicrosoft365AppsForEnterprise", - "description":"This resource configures an Intune Security Baseline Microsoft365 Apps For Enterprise.", - "permissions":{ - "graph":{ - "delegated":{ - "read":[ + "resourceName": "IntuneSecurityBaselineMicrosoft365AppsForEnterprise", + "description": "This resource configures an Intune Security Baseline Microsoft365 Apps For Enterprise.", + "permissions": { + "graph": { + "delegated": { + "read": [ { "name": "Group.Read.All" }, { - "name":"DeviceManagementConfiguration.Read.All" + "name": "DeviceManagementConfiguration.Read.All" } ], - "update":[ + "update": [ { "name": "Group.Read.All" }, { - "name":"DeviceManagementConfiguration.ReadWrite.All" + "name": "DeviceManagementConfiguration.ReadWrite.All" } ] }, - "application":{ - "read":[ + "application": { + "read": [ { "name": "Group.Read.All" }, { - "name":"DeviceManagementConfiguration.Read.All" + "name": "DeviceManagementConfiguration.Read.All" } ], - "update":[ + "update": [ { "name": "Group.Read.All" }, { - "name":"DeviceManagementConfiguration.ReadWrite.All" + "name": "DeviceManagementConfiguration.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineMicrosoftEdge/MSFT_IntuneSecurityBaselineMicrosoftEdge.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineMicrosoftEdge/MSFT_IntuneSecurityBaselineMicrosoftEdge.psm1 index 574cdbd803..27be5e2cbb 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineMicrosoftEdge/MSFT_IntuneSecurityBaselineMicrosoftEdge.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineMicrosoftEdge/MSFT_IntuneSecurityBaselineMicrosoftEdge.psm1 @@ -190,7 +190,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -460,7 +460,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Security Baseline Microsoft Edge with Name {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -491,7 +491,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Security Baseline Microsoft Edge with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $settings = Get-IntuneSettingCatalogPolicySetting ` -DSCParams ([System.Collections.Hashtable]$BoundParameters) ` @@ -837,14 +837,14 @@ function Export-TargetResource try { #region resource generator code - $policyTemplateID = "c66347b7-8325-4954-a235-3bf2233dfbfd_2" + $policyTemplateID = 'c66347b7-8325-4954-a235-3bf2233dfbfd_2' [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy ` -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object ` -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateID - } + $_.TemplateReference.TemplateId -eq $policyTemplateID + } #endregion $i = 1 @@ -870,16 +870,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.Name - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.Name + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -907,7 +907,7 @@ function Export-TargetResource if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineMicrosoftEdge/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineMicrosoftEdge/settings.json index 25e6e71739..9fcec958bb 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineMicrosoftEdge/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSecurityBaselineMicrosoftEdge/settings.json @@ -1,45 +1,44 @@ { - "resourceName": "IntuneSecurityBaselineMicrosoftEdge", - "description": "This resource configures an Intune Security Baseline Microsoft Edge.", - "permissions": { - "graph": { - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] + "resourceName": "IntuneSecurityBaselineMicrosoftEdge", + "description": "This resource configures an Intune Security Baseline Microsoft Edge.", + "permissions": { + "graph": { + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } } } } - -} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogASRRulesPolicyWindows10/MSFT_IntuneSettingCatalogASRRulesPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogASRRulesPolicyWindows10/MSFT_IntuneSettingCatalogASRRulesPolicyWindows10.psm1 index db7301d5fa..10f78935d9 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogASRRulesPolicyWindows10/MSFT_IntuneSettingCatalogASRRulesPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogASRRulesPolicyWindows10/MSFT_IntuneSettingCatalogASRRulesPolicyWindows10.psm1 @@ -1036,8 +1036,8 @@ function Export-TargetResource -Filter $Filter ` -All ` -ErrorAction Stop | Where-Object -FilterScript { - $_.TemplateReference.TemplateId -eq $policyTemplateId - } + $_.TemplateReference.TemplateId -eq $policyTemplateId + } if ($policies.Length -eq 0) { @@ -1108,7 +1108,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogCustomPolicyWindows10/MSFT_IntuneSettingCatalogCustomPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogCustomPolicyWindows10/MSFT_IntuneSettingCatalogCustomPolicyWindows10.psm1 index 0893638321..a70eabcd0b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogCustomPolicyWindows10/MSFT_IntuneSettingCatalogCustomPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogCustomPolicyWindows10/MSFT_IntuneSettingCatalogCustomPolicyWindows10.psm1 @@ -145,7 +145,7 @@ function Get-TargetResource $valueName = Get-StringFirstCharacterToLower -Value $valueName $rawValue = $currentSettings.settingInstance.AdditionalProperties.$valueName $complexValue = get-SettingValue -SettingValue $rawValue -SettingValueType $currentSettings.settingInstance.AdditionalProperties.'@odata.type' - $complexSettingInstance.Add($valueName,$complexValue) + $complexSettingInstance.Add($valueName, $complexValue) $mySettings.Add('SettingInstance', $complexSettingInstance) if ($mySettings.values.Where({ $null -ne $_ }).count -gt 0) { @@ -189,8 +189,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -204,7 +204,7 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential - if ($_.Exception.Message -like "Error: The displayName*") + if ($_.Exception.Message -like 'Error: The displayName*') { throw $_ } @@ -304,9 +304,9 @@ function Set-TargetResource $BoundParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters $keyToRename = @{ - 'odataType' = '@odata.type' + 'odataType' = '@odata.type' 'StringValue' = 'value' - 'IntValue' = 'value' + 'IntValue' = 'value' } if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') @@ -508,7 +508,7 @@ function Test-TargetResource $testResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys -verbose + -ValuesToCheck $ValuesToCheck.Keys -Verbose } Write-Verbose -Message "Test-TargetResource returned $testResult" return $testResult @@ -574,9 +574,9 @@ function Export-TargetResource [array]$getValue = Get-MgBetaDeviceManagementConfigurationPolicy -Filter $Filter -All ` -ErrorAction Stop | Where-Object -FilterScript { ` $_.Platforms -eq 'windows10' -and - $_.Technologies -eq 'mdm' -and - $_.TemplateReference.TemplateFamily -eq 'none' - } + $_.Technologies -eq 'mdm' -and + $_.TemplateReference.TemplateFamily -eq 'none' + } #endregion $i = 1 @@ -729,7 +729,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } @@ -751,7 +751,7 @@ function Export-TargetResource function Get-SettingValue { [CmdletBinding()] - [OutputType([System.Collections.Hashtable],[System.Collections.Hashtable[]])] + [OutputType([System.Collections.Hashtable], [System.Collections.Hashtable[]])] param ( [Parameter()] $SettingValue, @@ -765,10 +765,10 @@ function Get-SettingValue '*ChoiceSettingInstance' { $complexValue = @{} - $complexValue.Add('odataType',$SettingValue.'@odata.type') - $complexValue.Add('Value',$SettingValue.value) + $complexValue.Add('odataType', $SettingValue.'@odata.type') + $complexValue.Add('Value', $SettingValue.value) $children = @() - foreach($child in $SettingValue.children) + foreach ($child in $SettingValue.children) { $complexChild = @{} $complexChild.Add('SettingDefinitionId', $child.settingDefinitionId) @@ -777,20 +777,20 @@ function Get-SettingValue $valueName = Get-StringFirstCharacterToLower -Value $valueName $rawValue = $child.$valueName $childSettingValue = Get-SettingValue -SettingValue $rawValue -SettingValueType $child.'@odata.type' - $complexChild.Add($valueName,$childSettingValue) + $complexChild.Add($valueName, $childSettingValue) $children += $complexChild } - $complexValue.Add('Children',$children) + $complexValue.Add('Children', $children) } '*ChoiceSettingCollectionInstance' { $complexCollection = @() - foreach($item in $SettingValue) + foreach ($item in $SettingValue) { $complexValue = @{} - $complexValue.Add('Value',$item.value) + $complexValue.Add('Value', $item.value) $children = @() - foreach($child in $item.children) + foreach ($child in $item.children) { $complexChild = @{} $complexChild.Add('SettingDefinitionId', $child.settingDefinitionId) @@ -798,60 +798,60 @@ function Get-SettingValue $valueName = $child.'@odata.type'.replace('#microsoft.graph.deviceManagementConfiguration', '').replace('Instance', 'Value') $valueName = Get-StringFirstCharacterToLower -Value $valueName $rawValue = $child.$valueName - $childSettingValue = Get-SettingValue -SettingValue $rawValue -SettingValueType $child.'@odata.type' - $complexChild.Add($valueName,$childSettingValue) + $childSettingValue = Get-SettingValue -SettingValue $rawValue -SettingValueType $child.'@odata.type' + $complexChild.Add($valueName, $childSettingValue) $children += $complexChild } - $complexValue.Add('Children',$children) + $complexValue.Add('Children', $children) $complexCollection += $complexValue } - return ,([hashtable[]]$complexCollection) + return , ([hashtable[]]$complexCollection) } '*SimpleSettingInstance' { $complexValue = @{} - $complexValue.Add('odataType',$SettingValue.'@odata.type') + $complexValue.Add('odataType', $SettingValue.'@odata.type') $valueName = 'IntValue' $value = $SettingValue.value - if($SettingValue.'@odata.type' -ne '#microsoft.graph.deviceManagementConfigurationIntegerSettingValue') + if ($SettingValue.'@odata.type' -ne '#microsoft.graph.deviceManagementConfigurationIntegerSettingValue') { $valueName = 'StringValue' } - $complexValue.Add($valueName,$value) - if($SettingValue.'@odata.type' -eq '#microsoft.graph.deviceManagementConfigurationSecretSettingValue') + $complexValue.Add($valueName, $value) + if ($SettingValue.'@odata.type' -eq '#microsoft.graph.deviceManagementConfigurationSecretSettingValue') { - $complexValue.Add('ValueState',$SettingValue.valueState) + $complexValue.Add('ValueState', $SettingValue.valueState) } } '*SimpleSettingCollectionInstance' { $complexCollection = @() - foreach($item in $SettingValue) + foreach ($item in $SettingValue) { $complexValue = @{} - $complexValue.Add('odataType',$item.'@odata.type') + $complexValue.Add('odataType', $item.'@odata.type') $valueName = 'IntValue' $value = $item.value - if($item.'@odata.type' -ne '#microsoft.graph.deviceManagementConfigurationIntegerSettingValue') + if ($item.'@odata.type' -ne '#microsoft.graph.deviceManagementConfigurationIntegerSettingValue') { $valueName = 'StringValue' } - $complexValue.Add($valueName,$value) - if($item.'@odata.type' -eq '#microsoft.graph.deviceManagementConfigurationSecretSettingValue') + $complexValue.Add($valueName, $value) + if ($item.'@odata.type' -eq '#microsoft.graph.deviceManagementConfigurationSecretSettingValue') { - $complexValue.Add('ValueState',$item.valueState) + $complexValue.Add('ValueState', $item.valueState) } $complexCollection += $complexValue } - return ,([hashtable[]]$complexCollection) + return , ([hashtable[]]$complexCollection) } '*GroupSettingInstance' { $complexValue = @{} - $complexValue.Add('odataType',$SettingValue.'@odata.type') + $complexValue.Add('odataType', $SettingValue.'@odata.type') $children = @() - foreach($child in $SettingValue.children) + foreach ($child in $SettingValue.children) { $complexChild = @{} $complexChild.Add('SettingDefinitionId', $child.settingDefinitionId) @@ -859,21 +859,21 @@ function Get-SettingValue $valueName = $child.'@odata.type'.replace('#microsoft.graph.deviceManagementConfiguration', '').replace('Instance', 'Value') $valueName = Get-StringFirstCharacterToLower -Value $valueName $rawValue = $child.$valueName - $settingValue = Get-SettingValue -SettingValue $rawValue -SettingValueType $child.'@odata.type' - $complexChild.Add($valueName,$settingValue) + $settingValue = Get-SettingValue -SettingValue $rawValue -SettingValueType $child.'@odata.type' + $complexChild.Add($valueName, $settingValue) $children += $complexChild } - $complexValue.Add('Children',$children) + $complexValue.Add('Children', $children) } '*GroupSettingCollectionInstance' { $complexCollection = @() - foreach($groupSettingValue in $SettingValue) + foreach ($groupSettingValue in $SettingValue) { $complexValue = @{} #$complexValue.Add('odataType',$SettingValue.'@odata.type') $children = @() - foreach($child in $groupSettingValue.children) + foreach ($child in $groupSettingValue.children) { $complexChild = @{} $complexChild.Add('SettingDefinitionId', $child.settingDefinitionId) @@ -881,14 +881,14 @@ function Get-SettingValue $valueName = $child.'@odata.type'.replace('#microsoft.graph.deviceManagementConfiguration', '').replace('Instance', 'Value') $valueName = Get-StringFirstCharacterToLower -Value $valueName $rawValue = $child.$valueName - $settingValue = Get-SettingValue -SettingValue $rawValue -SettingValueType $child.'@odata.type' - $complexChild.Add($valueName,$settingValue) + $settingValue = Get-SettingValue -SettingValue $rawValue -SettingValueType $child.'@odata.type' + $complexChild.Add($valueName, $settingValue) $children += $complexChild } - $complexValue.Add('Children',$children) + $complexValue.Add('Children', $children) $complexCollection += $complexValue } - return ,([hashtable[]]$complexCollection) + return , ([hashtable[]]$complexCollection) } } return $complexValue diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogCustomPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogCustomPolicyWindows10/settings.json index c29e518ded..17d4a86e46 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogCustomPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogCustomPolicyWindows10/settings.json @@ -1,45 +1,44 @@ { "resourceName": "IntuneSettingCatalogCustomPolicyWindows10", "description": "This resource configures an Intune Setting Catalog Custom Policy for Windows10.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "Group.Read.All" - }, - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneWifiConfigurationPolicyAndroidDeviceAdministrator.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneWifiConfigurationPolicyAndroidDeviceAdministrator.psm1 index dcde7e5a1c..85633926f6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneWifiConfigurationPolicyAndroidDeviceAdministrator.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneWifiConfigurationPolicyAndroidDeviceAdministrator.psm1 @@ -109,8 +109,8 @@ function Get-TargetResource if ($null -eq $getValue) { $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -All -Filter "DisplayName eq '$Displayname'" -ErrorAction SilentlyContinue | Where-Object ` - -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidWiFiConfiguration' ` + -FilterScript { ` + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidWiFiConfiguration' ` } } #endregion @@ -147,8 +147,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -318,7 +318,7 @@ function Set-TargetResource if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -689,7 +689,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseDeviceOwner/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseDeviceOwner.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseDeviceOwner/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseDeviceOwner.psm1 index b932dcfccb..e040f4a3cc 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseDeviceOwner/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseDeviceOwner.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseDeviceOwner/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseDeviceOwner.psm1 @@ -138,8 +138,8 @@ function Get-TargetResource if ($null -eq $getValue) { $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -All -Filter "DisplayName eq '$Displayname'" -ErrorAction SilentlyContinue | Where-Object ` - -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidDeviceOwnerWiFiConfiguration' ` + -FilterScript { ` + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidDeviceOwnerWiFiConfiguration' ` } } #endregion @@ -183,8 +183,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -382,7 +382,7 @@ function Set-TargetResource if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -776,7 +776,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseWorkProfile/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseWorkProfile.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseWorkProfile/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseWorkProfile.psm1 index 7d82dc32fc..ad0a462077 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseWorkProfile/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseWorkProfile.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseWorkProfile/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseWorkProfile.psm1 @@ -109,8 +109,8 @@ function Get-TargetResource if ($null -ne $getValue) { $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -All -Filter "DisplayName eq '$Displayname'" -ErrorAction SilentlyContinue | Where-Object ` - -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidWorkProfileWiFiConfiguration' ` + -FilterScript { ` + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidWorkProfileWiFiConfiguration' ` } } #endregion @@ -147,8 +147,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -317,7 +317,7 @@ function Set-TargetResource if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -684,7 +684,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidForWork/MSFT_IntuneWifiConfigurationPolicyAndroidForWork.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidForWork/MSFT_IntuneWifiConfigurationPolicyAndroidForWork.psm1 index 473d830737..2f64b743c3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidForWork/MSFT_IntuneWifiConfigurationPolicyAndroidForWork.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidForWork/MSFT_IntuneWifiConfigurationPolicyAndroidForWork.psm1 @@ -109,8 +109,8 @@ function Get-TargetResource if ($null -eq $getValue) { $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -All -Filter "DisplayName eq '$Displayname'" -ErrorAction SilentlyContinue | Where-Object ` - -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidForWorkWiFiConfiguration' ` + -FilterScript { ` + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidForWorkWiFiConfiguration' ` } } #endregion @@ -147,8 +147,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -317,7 +317,7 @@ function Set-TargetResource if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -683,7 +683,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneWifiConfigurationPolicyAndroidOpenSourceProject.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneWifiConfigurationPolicyAndroidOpenSourceProject.psm1 index c8e7f22270..ff45215fab 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneWifiConfigurationPolicyAndroidOpenSourceProject.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneWifiConfigurationPolicyAndroidOpenSourceProject.psm1 @@ -117,8 +117,8 @@ function Get-TargetResource if ($null -eq $getValue) { $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -All -Filter "DisplayName eq '$Displayname'" -ErrorAction SilentlyContinue | Where-Object ` - -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.aospDeviceOwnerWiFiConfiguration' ` + -FilterScript { ` + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.aospDeviceOwnerWiFiConfiguration' ` } } #endregion @@ -157,8 +157,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -335,7 +335,7 @@ function Set-TargetResource if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -709,7 +709,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyIOS/MSFT_IntuneWifiConfigurationPolicyIOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyIOS/MSFT_IntuneWifiConfigurationPolicyIOS.psm1 index 9e552fe569..628cd3fc7c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyIOS/MSFT_IntuneWifiConfigurationPolicyIOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyIOS/MSFT_IntuneWifiConfigurationPolicyIOS.psm1 @@ -134,8 +134,8 @@ function Get-TargetResource if ($null -eq $getValue) { $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -All -Filter "DisplayName eq '$Displayname'" -ErrorAction SilentlyContinue | Where-Object ` - -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.iosWiFiConfiguration' ` + -FilterScript { ` + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.iosWiFiConfiguration' ` } } #endregion @@ -178,8 +178,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -764,7 +764,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyMacOS/MSFT_IntuneWifiConfigurationPolicyMacOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyMacOS/MSFT_IntuneWifiConfigurationPolicyMacOS.psm1 index 4832a845dd..5fae242f57 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyMacOS/MSFT_IntuneWifiConfigurationPolicyMacOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyMacOS/MSFT_IntuneWifiConfigurationPolicyMacOS.psm1 @@ -130,8 +130,8 @@ function Get-TargetResource if ($null -eq $getValue) { $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -All -Filter "DisplayName eq '$Displayname'" -ErrorAction SilentlyContinue | Where-Object ` - -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.macOSWiFiConfiguration' ` + -FilterScript { ` + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.macOSWiFiConfiguration' ` } } #endregion @@ -173,8 +173,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -750,7 +750,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyWindows10/MSFT_IntuneWifiConfigurationPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyWindows10/MSFT_IntuneWifiConfigurationPolicyWindows10.psm1 index a547a4a54d..801c8bd986 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyWindows10/MSFT_IntuneWifiConfigurationPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyWindows10/MSFT_IntuneWifiConfigurationPolicyWindows10.psm1 @@ -143,8 +143,8 @@ function Get-TargetResource if ($null -eq $getValue) { $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -All -Filter "DisplayName eq '$Displayname'" -ErrorAction SilentlyContinue | Where-Object ` - -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windowsWifiConfiguration' ` + -FilterScript { ` + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windowsWifiConfiguration' ` } } #endregion @@ -189,8 +189,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -793,7 +793,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined.psm1 index e2f3507941..0bb5e68907 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined.psm1 @@ -115,7 +115,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementWindowsAutopilotDeploymentProfile -WindowsAutopilotDeploymentProfileId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementWindowsAutopilotDeploymentProfile -WindowsAutopilotDeploymentProfileId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -204,9 +204,9 @@ function Get-TargetResource #endregion } $rawAssignments = @() - $rawAssignments = Get-MgBetaDeviceManagementWindowsAutopilotDeploymentProfileAssignment -WindowsAutopilotDeploymentProfileId $Id -All + $rawAssignments = Get-MgBetaDeviceManagementWindowsAutopilotDeploymentProfileAssignment -WindowsAutopilotDeploymentProfileId $Id -All $assignmentResult = @() - if($null -ne $rawAssignments -and $rawAssignments.count -gt 0) + if ($null -ne $rawAssignments -and $rawAssignments.count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment -Assignments $rawAssignments -IncludeDeviceFilter $false } @@ -352,12 +352,12 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.activeDirectoryWindowsAutopilotDeploymentProfile") + $CreateParameters.Add('@odata.type', '#microsoft.graph.activeDirectoryWindowsAutopilotDeploymentProfile') $policy = New-MgBetaDeviceManagementWindowsAutopilotDeploymentProfile -BodyParameter $CreateParameters #endregion #region new Intune assignment management $intuneAssignments = @() - if($null -ne $Assignments -and $Assignments.count -gt 0) + if ($null -ne $Assignments -and $Assignments.count -gt 0) { $intuneAssignments += ConvertTo-IntunePolicyAssignment -Assignments $Assignments } @@ -388,7 +388,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.activeDirectoryWindowsAutopilotDeploymentProfile") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.activeDirectoryWindowsAutopilotDeploymentProfile') Update-MgBetaDeviceManagementWindowsAutopilotDeploymentProfile ` -WindowsAutopilotDeploymentProfileId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -397,13 +397,13 @@ function Set-TargetResource $currentAssignments = @() $currentAssignments += Get-MgBetaDeviceManagementWindowsAutopilotDeploymentProfileAssignment -WindowsAutopilotDeploymentProfileId $currentInstance.id $intuneAssignments = @() - if($null -ne $Assignments -and $Assignments.count -gt 0) + if ($null -ne $Assignments -and $Assignments.count -gt 0) { $intuneAssignments = ConvertTo-IntunePolicyAssignment -Assignments $Assignments } foreach ($assignment in $intuneAssignments) { - if ( $null -eq ($currentAssignments | Where-Object { $_.Target.AdditionalProperties.groupId -eq $assignment.Target.groupId -and $_.Target.AdditionalProperties."@odata.type" -eq $assignment.Target.'@odata.type' })) + if ( $null -eq ($currentAssignments | Where-Object { $_.Target.AdditionalProperties.groupId -eq $assignment.Target.groupId -and $_.Target.AdditionalProperties.'@odata.type' -eq $assignment.Target.'@odata.type' })) { New-MgBetaDeviceManagementWindowsAutopilotDeploymentProfileAssignment ` -WindowsAutopilotDeploymentProfileId $currentInstance.id ` @@ -411,10 +411,10 @@ function Set-TargetResource } else { - $currentAssignments = $currentAssignments | Where-Object { -not($_.Target.AdditionalProperties.groupId -eq $assignment.Target.groupId -and $_.Target.AdditionalProperties."@odata.type" -eq $assignment.Target.'@odata.type') } + $currentAssignments = $currentAssignments | Where-Object { -not($_.Target.AdditionalProperties.groupId -eq $assignment.Target.groupId -and $_.Target.AdditionalProperties.'@odata.type' -eq $assignment.Target.'@odata.type') } } } - if($currentAssignments.count -gt 0) + if ($currentAssignments.count -gt 0) { foreach ($assignment in $currentAssignments) { @@ -775,7 +775,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADJoined/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADJoined.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADJoined/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADJoined.psm1 index c0d035c25e..8850cc0c2d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADJoined/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADJoined.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADJoined/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADJoined.psm1 @@ -111,8 +111,8 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementWindowsAutopilotDeploymentProfile -WindowsAutopilotDeploymentProfileId $Id -ErrorAction SilentlyContinue ` - | Where-Object -FilterScript {$null -ne $_.DisplayName} + $getValue = Get-MgBetaDeviceManagementWindowsAutopilotDeploymentProfile -WindowsAutopilotDeploymentProfileId $Id -ErrorAction SilentlyContinue ` + | Where-Object -FilterScript { $null -ne $_.DisplayName } if ($null -eq $getValue) { @@ -124,7 +124,7 @@ function Get-TargetResource -All ` -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue ` - | Where-Object -FilterScript {$null -ne $_.DisplayName} + | Where-Object -FilterScript { $null -ne $_.DisplayName } } } #endregion @@ -134,7 +134,7 @@ function Get-TargetResource return $nullResult } - if($getValue -is [Array]) + if ($getValue -is [Array]) { Throw "The DisplayName {$DisplayName} returned multiple policies, make sure DisplayName is unique." } @@ -208,9 +208,9 @@ function Get-TargetResource } $rawAssignments = @() - $rawAssignments = Get-MgBetaDeviceManagementWindowsAutopilotDeploymentProfileAssignment -WindowsAutopilotDeploymentProfileId $Id -All + $rawAssignments = Get-MgBetaDeviceManagementWindowsAutopilotDeploymentProfileAssignment -WindowsAutopilotDeploymentProfileId $Id -All $assignmentResult = @() - if($null -ne $rawAssignments -and $rawAssignments.count -gt 0) + if ($null -ne $rawAssignments -and $rawAssignments.count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment -Assignments $rawAssignments -IncludeDeviceFilter $false } @@ -352,13 +352,13 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.azureADWindowsAutopilotDeploymentProfile") + $CreateParameters.Add('@odata.type', '#microsoft.graph.azureADWindowsAutopilotDeploymentProfile') $policy = New-MgBetaDeviceManagementWindowsAutopilotDeploymentProfile -BodyParameter $CreateParameters #endregion #region new Intune assignment management $intuneAssignments = @() - if($null -ne $Assignments -and $Assignments.count -gt 0) + if ($null -ne $Assignments -and $Assignments.count -gt 0) { $intuneAssignments += ConvertTo-IntunePolicyAssignment -Assignments $Assignments } @@ -389,7 +389,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.azureADWindowsAutopilotDeploymentProfile") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.azureADWindowsAutopilotDeploymentProfile') Update-MgBetaDeviceManagementWindowsAutopilotDeploymentProfile ` -WindowsAutopilotDeploymentProfileId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -400,13 +400,13 @@ function Set-TargetResource $currentAssignments += Get-MgBetaDeviceManagementWindowsAutopilotDeploymentProfileAssignment -WindowsAutopilotDeploymentProfileId $currentInstance.id $intuneAssignments = @() - if($null -ne $Assignments -and $Assignments.count -gt 0) + if ($null -ne $Assignments -and $Assignments.count -gt 0) { $intuneAssignments += ConvertTo-IntunePolicyAssignment -Assignments $Assignments } foreach ($assignment in $intuneAssignments) { - if ( $null -eq ($currentAssignments | Where-Object { $_.Target.AdditionalProperties.groupId -eq $assignment.Target.groupId -and $_.Target.AdditionalProperties."@odata.type" -eq $assignment.Target.'@odata.type' })) + if ( $null -eq ($currentAssignments | Where-Object { $_.Target.AdditionalProperties.groupId -eq $assignment.Target.groupId -and $_.Target.AdditionalProperties.'@odata.type' -eq $assignment.Target.'@odata.type' })) { New-MgBetaDeviceManagementWindowsAutopilotDeploymentProfileAssignment ` -WindowsAutopilotDeploymentProfileId $currentInstance.id ` @@ -414,10 +414,10 @@ function Set-TargetResource } else { - $currentAssignments = $currentAssignments | Where-Object { -not($_.Target.AdditionalProperties.groupId -eq $assignment.Target.groupId -and $_.Target.AdditionalProperties."@odata.type" -eq $assignment.Target.'@odata.type') } + $currentAssignments = $currentAssignments | Where-Object { -not($_.Target.AdditionalProperties.groupId -eq $assignment.Target.groupId -and $_.Target.AdditionalProperties.'@odata.type' -eq $assignment.Target.'@odata.type') } } } - if($currentAssignments.count -gt 0) + if ($currentAssignments.count -gt 0) { foreach ($assignment in $currentAssignments) { @@ -572,7 +572,10 @@ function Test-TargetResource -Source ($source) ` -Target ($target) - if (-Not $testResult) { break } + if (-Not $testResult) + { + break + } $ValuesToCheck.Remove($key) | Out-Null } @@ -768,7 +771,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled/MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled/MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled.psm1 index 14e808dc25..e1cc0cf279 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled/MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled/MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled.psm1 @@ -1261,7 +1261,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessDriverUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessDriverUpdateProfileWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessDriverUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessDriverUpdateProfileWindows10.psm1 index dfb244cf9e..84996211bf 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessDriverUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessDriverUpdateProfileWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessDriverUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessDriverUpdateProfileWindows10.psm1 @@ -146,8 +146,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10.psm1 index 9fdd60d498..6b747bf972 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10.psm1 @@ -93,7 +93,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementWindowsFeatureUpdateProfile -WindowsFeatureUpdateProfileId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementWindowsFeatureUpdateProfile -WindowsFeatureUpdateProfileId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -105,8 +105,8 @@ function Get-TargetResource -All ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { - $_.DisplayName -eq $DisplayName - } + $_.DisplayName -eq $DisplayName + } } } #endregion @@ -160,8 +160,8 @@ function Get-TargetResource if ($assignmentsValues.Count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment ` - -IncludeDeviceFilter:$true ` - -Assignments ($assignmentsValues) + -IncludeDeviceFilter:$true ` + -Assignments ($assignmentsValues) } $results.Add('Assignments', $assignmentResult) @@ -296,8 +296,8 @@ function Set-TargetResource { $BoundParameters.RolloutSettings = @{ OfferStartDateTimeInUTC = $null - OfferEndDateTimeInUTC = $null - OfferIntervalInDays = $null + OfferEndDateTimeInUTC = $null + OfferIntervalInDays = $null } } @@ -607,7 +607,7 @@ function Test-TargetResource if (($offerStartDate -ne [datetime]::MinValue -and $offerStartDate -lt $currentTime) ` -and ($offerEndDate -ne [datetime]::MinValue -and $offerEndDate -lt $currentTime)) { - Write-Verbose -Message "Start and end time are in the past, skip the configuration." + Write-Verbose -Message 'Start and end time are in the past, skip the configuration.' Write-Verbose -Message "Test-TargetResource returned $true" return $true } @@ -641,8 +641,8 @@ function Test-TargetResource if ($testResult -and $offerEndDate -ne [datetime]::MinValue -and $currentOfferEndDate -ne [datetime]::MinValue) { if ($offerStartDate -ne $currentOfferStartDate ` - -and $offerStartDate -gt $currentTime ` - -and $offerStartDate -lt $currentTime.AddDays(2)) + -and $offerStartDate -gt $currentTime ` + -and $offerStartDate -lt $currentTime.AddDays(2)) { Write-Verbose -Message 'OfferStartDateTimeInUTC must be greater than the current time + 2 days to be changable if OfferEndDateTimeInUTC is specified, resetting testResult to true.' $testResult = $true @@ -743,7 +743,7 @@ function Export-TargetResource # [array]$getValue = Get-MgBetaDeviceManagementWindowsFeatureUpdateProfile -Filter $Filter -All -ErrorAction Stop if (-not [string]::IsNullOrEmpty($Filter)) { - Write-Warning -Message "Microsoft Graph filter is not supported on this resource. Only best-effort filtering using startswith, endswith and contains is supported." + Write-Warning -Message 'Microsoft Graph filter is not supported on this resource. Only best-effort filtering using startswith, endswith and contains is supported.' $complexFunctions = Get-ComplexFunctionsFromFilterQuery -FilterQuery $Filter $Filter = Remove-ComplexFunctionsFromFilterQuery -FilterQuery $Filter } @@ -844,7 +844,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10/readme.md b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10/readme.md index 43ba886fcb..4c0c37a44a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10/readme.md +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10/readme.md @@ -7,19 +7,19 @@ Intune Windows Update For Business Feature Update Profile for Windows10 ## RolloutSettings -The RolloutSettings for this resource have the following constraints and notes: +The RolloutSettings for this resource have the following constraints and notes: * When creating a policy: - * If only a start date is specified, then the start date must be at least today. + * If only a start date is specified, then the start date must be at least today. * If the desired state date is before the current date, it will be adjusted to the current date. - * If a start and end date is specified, the start date must be the current date + 2 days, and + * If a start and end date is specified, the start date must be the current date + 2 days, and the end date must be at least one day after the start date. * If the start date is before the current date + 2 days, it will be adjusted to this date. * When updating a policy: - * If only a start date is specified, then the start date must either be the date from the current - configuration or the current date (or later). + * If only a start date is specified, then the start date must either be the date from the current + configuration or the current date (or later). * If the desired state date is before the current date, it will be adjusted to the current date. - * If a start and end date is specified, the start date must be the current date + 2 days, and + * If a start and end date is specified, the start date must be the current date + 2 days, and the end date must be at least one day after the start date. * If the start date is before the current date + 2 days, it will be adjusted to this date. * When testing a policy: diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessQualityUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessQualityUpdateProfileWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessQualityUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessQualityUpdateProfileWindows10.psm1 index 6948b0b3ce..7a774e7197 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessQualityUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessQualityUpdateProfileWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessQualityUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessQualityUpdateProfileWindows10.psm1 @@ -86,7 +86,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementWindowsQualityUpdateProfile -WindowsQualityUpdateProfileId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementWindowsQualityUpdateProfile -WindowsQualityUpdateProfileId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -97,8 +97,8 @@ function Get-TargetResource $getValue = Get-MgBetaDeviceManagementWindowsQualityUpdateProfile ` -All ` -ErrorAction SilentlyContinue | Where-Object -FilterScript { - $_.DisplayName -eq $DisplayName - } + $_.DisplayName -eq $DisplayName + } } } #endregion @@ -114,7 +114,7 @@ function Get-TargetResource $complexExpeditedUpdateSettings = @{} $complexExpeditedUpdateSettings.Add('DaysUntilForcedReboot', $getValue.ExpeditedUpdateSettings.daysUntilForcedReboot) $complexExpeditedUpdateSettings.Add('QualityUpdateRelease', $getValue.ExpeditedUpdateSettings.qualityUpdateRelease) - if ($complexExpeditedUpdateSettings.values.Where({$null -ne $_}).Count -eq 0) + if ($complexExpeditedUpdateSettings.values.Where({ $null -ne $_ }).Count -eq 0) { $complexExpeditedUpdateSettings = $null } @@ -122,18 +122,18 @@ function Get-TargetResource $results = @{ #region resource generator code - Description = $getValue.Description - DisplayName = $getValue.DisplayName - ExpeditedUpdateSettings = $complexExpeditedUpdateSettings - RoleScopeTagIds = $getValue.RoleScopeTagIds - Id = $getValue.Id - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent + Description = $getValue.Description + DisplayName = $getValue.DisplayName + ExpeditedUpdateSettings = $complexExpeditedUpdateSettings + RoleScopeTagIds = $getValue.RoleScopeTagIds + Id = $getValue.Id + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent #endregion } @@ -238,7 +238,7 @@ function Set-TargetResource if ($ExpeditedUpdateSettings.DaysUntilForcedReboot -lt 0 -or $ExpeditedUpdateSettings.DaysUntilForcedReboot -gt 2) { - throw "DaysUntilForcedReboot must be between 0 and 2." + throw 'DaysUntilForcedReboot must be between 0 and 2.' } $currentInstance = Get-TargetResource @PSBoundParameters @@ -248,7 +248,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Windows Update For Business Quality Update Profile for Windows10 with DisplayName {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $createParameters = ([Hashtable]$BoundParameters).clone() $createParameters = Rename-M365DSCCimInstanceParameter -Properties $createParameters @@ -278,7 +278,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Windows Update For Business Quality Update Profile for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $updateParameters = ([Hashtable]$BoundParameters).clone() $updateParameters = Rename-M365DSCCimInstanceParameter -Properties $updateParameters @@ -394,7 +394,7 @@ function Test-TargetResource if ($ExpeditedUpdateSettings.DaysUntilForcedReboot -lt 0 -or $ExpeditedUpdateSettings.DaysUntilForcedReboot -gt 2) { - throw "DaysUntilForcedReboot must be between 0 and 2." + throw 'DaysUntilForcedReboot must be between 0 and 2.' } Write-Verbose -Message "Testing configuration of the Intune Windows Update For Business Quality Update Profile for Windows10 with Id {$Id} and DisplayName {$DisplayName}" @@ -509,7 +509,7 @@ function Export-TargetResource # [array]$getValue = Get-MgBetaDeviceManagementWindowsQualityUpdateProfile -Filter $Filter -All -ErrorAction Stop if (-not [string]::IsNullOrEmpty($Filter)) { - Write-Warning -Message "Microsoft Graph filter is not supported on this resource. Only best-effort filtering using startswith, endswith and contains is supported." + Write-Warning -Message 'Microsoft Graph filter is not supported on this resource. Only best-effort filtering using startswith, endswith and contains is supported.' $complexFunctions = Get-ComplexFunctionsFromFilterQuery -FilterQuery $Filter $Filter = Remove-ComplexFunctionsFromFilterQuery -FilterQuery $Filter } @@ -536,16 +536,16 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -586,12 +586,12 @@ function Export-TargetResource -Credential $Credential if ($Results.ExpeditedUpdateSettings) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "ExpeditedUpdateSettings" -IsCIMArray:$False + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'ExpeditedUpdateSettings' -IsCIMArray:$False } if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -IsCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessQualityUpdateProfileWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessQualityUpdateProfileWindows10/settings.json index 836f8affe2..a5f0fc4fc6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessQualityUpdateProfileWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessQualityUpdateProfileWindows10/settings.json @@ -1,41 +1,41 @@ { - "resourceName":"IntuneWindowsUpdateForBusinessQualityUpdateProfileWindows10", - "description":"This resource configures an Intune Windows Update For Business Quality Update Profile for Windows10.", - "permissions":{ - "graph":{ - "delegated":{ - "read":[ + "resourceName": "IntuneWindowsUpdateForBusinessQualityUpdateProfileWindows10", + "description": "This resource configures an Intune Windows Update For Business Quality Update Profile for Windows10.", + "permissions": { + "graph": { + "delegated": { + "read": [ { "name": "Group.Read.All" }, { - "name":"DeviceManagementConfiguration.Read.All" + "name": "DeviceManagementConfiguration.Read.All" } ], - "update":[ + "update": [ { "name": "Group.Read.All" }, { - "name":"DeviceManagementConfiguration.ReadWrite.All" + "name": "DeviceManagementConfiguration.ReadWrite.All" } ] }, - "application":{ - "read":[ + "application": { + "read": [ { "name": "Group.Read.All" }, { - "name":"DeviceManagementConfiguration.Read.All" + "name": "DeviceManagementConfiguration.Read.All" } ], - "update":[ + "update": [ { "name": "Group.Read.All" }, { - "name":"DeviceManagementConfiguration.ReadWrite.All" + "name": "DeviceManagementConfiguration.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10.psm1 index 8c0c75447f..c6f949c65e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10.psm1 @@ -223,7 +223,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -419,9 +419,9 @@ function Get-TargetResource } $rawAssignments = @() - $rawAssignments = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id -All + $rawAssignments = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id -All $assignmentResult = @() - if($null -ne $rawAssignments -and $rawAssignments.count -gt 0) + if ($null -ne $rawAssignments -and $rawAssignments.count -gt 0) { $assignmentResult += ConvertFrom-IntunePolicyAssignment -Assignments $rawAssignments } @@ -684,12 +684,12 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.windowsUpdateForBusinessConfiguration") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windowsUpdateForBusinessConfiguration') $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters #endregion #region new Intune assignment management $intuneAssignments = @() - if($null -ne $Assignments -and $Assignments.count -gt 0) + if ($null -ne $Assignments -and $Assignments.count -gt 0) { $intuneAssignments += ConvertTo-IntunePolicyAssignment -Assignments $Assignments } @@ -720,7 +720,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windowsUpdateForBusinessConfiguration") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windowsUpdateForBusinessConfiguration') Update-MgBetaDeviceManagementDeviceConfiguration ` -DeviceConfigurationId $currentInstance.id ` -BodyParameter $UpdateParameters @@ -730,13 +730,13 @@ function Set-TargetResource $currentAssignments += Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $currentInstance.id $intuneAssignments = @() - if($null -ne $Assignments -and $Assignments.count -gt 0) + if ($null -ne $Assignments -and $Assignments.count -gt 0) { $intuneAssignments += ConvertTo-IntunePolicyAssignment -Assignments $Assignments } foreach ($assignment in $intuneAssignments) { - if ( $null -eq ($currentAssignments | Where-Object { $_.Target.AdditionalProperties.groupId -eq $assignment.Target.groupId -and $_.Target.AdditionalProperties."@odata.type" -eq $assignment.Target.'@odata.type' })) + if ( $null -eq ($currentAssignments | Where-Object { $_.Target.AdditionalProperties.groupId -eq $assignment.Target.groupId -and $_.Target.AdditionalProperties.'@odata.type' -eq $assignment.Target.'@odata.type' })) { New-MgBetaDeviceManagementDeviceConfigurationAssignment ` -DeviceConfigurationId $currentInstance.id ` @@ -744,10 +744,10 @@ function Set-TargetResource } else { - $currentAssignments = $currentAssignments | Where-Object { -not($_.Target.AdditionalProperties.groupId -eq $assignment.Target.groupId -and $_.Target.AdditionalProperties."@odata.type" -eq $assignment.Target.'@odata.type') } + $currentAssignments = $currentAssignments | Where-Object { -not($_.Target.AdditionalProperties.groupId -eq $assignment.Target.groupId -and $_.Target.AdditionalProperties.'@odata.type' -eq $assignment.Target.'@odata.type') } } } - if($currentAssignments.count -gt 0) + if ($currentAssignments.count -gt 0) { foreach ($assignment in $currentAssignments) { @@ -1004,7 +1004,10 @@ function Test-TargetResource -Source ($source) ` -Target ($target) - if (-Not $testResult) { break } + if (-Not $testResult) + { + break + } $ValuesToCheck.Remove($key) | Out-Null } @@ -1185,7 +1188,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/MSFT_M365DSCRuleEvaluation.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/MSFT_M365DSCRuleEvaluation.psm1 index 8ada1a8d24..f94337bff5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/MSFT_M365DSCRuleEvaluation.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/MSFT_M365DSCRuleEvaluation.psm1 @@ -167,7 +167,7 @@ function Test-TargetResource if ($null -ne $PSBoundParameters.ApplicationSecret) { - $params.Add("ApplicationSecret", $PSBoundParameters.ApplicationSecret) + $params.Add('ApplicationSecret', $PSBoundParameters.ApplicationSecret) } Write-Verbose -Message "Importing module from Path {$($module)}" @@ -199,11 +199,11 @@ function Test-TargetResource M365TenantConfig -ConfigurationData .\ConfigurationData.psd1 "@ - Write-Verbose -Message "Converting the retrieved instances into DSC Objects" + Write-Verbose -Message 'Converting the retrieved instances into DSC Objects' $DSCConvertedInstances = ConvertTo-DSCObject -Content $DSCStringContent Write-Verbose -Message "Successfully converted {$($DSCConvertedInstances.Length)} DSC Objects." - Write-Verbose -Message "Querying DSC Objects for invalid instances based on the specified Rule Definition." + Write-Verbose -Message 'Querying DSC Objects for invalid instances based on the specified Rule Definition.' if ($RuleDefinition -eq '*') { [Array]$instances = $DSCConvertedInstances @@ -219,24 +219,24 @@ function Test-TargetResource $result = ($instances.Length - $DSCConvertedInstances.Length) -eq 0 $message = [System.Text.StringBuilder]::New() - [void]$message.AppendLine("") + [void]$message.AppendLine('') [void]$message.AppendLine(" $ResourceTypeName") [void]$message.AppendLine(" $RuleDefinition") if ($instances.Length -eq 0) { [array]$invalidInstances = $DSCConvertedInstances.ResourceInstanceName - [void]$message.AppendLine(" ") - [void]$message.AppendLine(" ") + [void]$message.AppendLine(' ') + [void]$message.AppendLine(' ') } else { if (-not [System.String]::IsNullOrEmpty($AfterRuleCountQuery)) { - [void]$message.AppendLine(" ") + [void]$message.AppendLine(' ') [void]$message.AppendLine(" $AfterRuleCountQuery") - Write-Verbose -Message "Checking the After Rule Count Query" + Write-Verbose -Message 'Checking the After Rule Count Query' $afterRuleCountQueryString = "`$instances.Length $AfterRuleCountQuery" $afterRuleCountQueryBlock = [Scriptblock]::Create($afterRuleCountQueryString) $result = [Boolean](Invoke-Command -ScriptBlock $afterRuleCountQueryBlock) @@ -245,37 +245,37 @@ function Test-TargetResource if (-not $result) { - [void]$message.AppendLine(" False") - [void]$message.AppendLine(" ") + [void]$message.AppendLine(' False') + [void]$message.AppendLine(' ') if ($validInstances.Count -gt 0) { - [void]$message.AppendLine(" ") + [void]$message.AppendLine(' ') foreach ($validInstance in $validInstances) { [void]$message.AppendLine(" [$ResourceTypeName]$validInstance") } - [void]$message.AppendLine(" ") + [void]$message.AppendLine(' ') } else { - [void]$message.AppendLine(" ") + [void]$message.AppendLine(' ') } } else { - [void]$message.AppendLine(" True") - [void]$message.AppendLine(" ") - [void]$message.AppendLine(" ") + [void]$message.AppendLine(' True') + [void]$message.AppendLine(' ') + [void]$message.AppendLine(' ') foreach ($validInstance in $validInstances) { [void]$message.AppendLine(" [$ResourceTypeName]$validInstance") } - [void]$message.AppendLine(" ") + [void]$message.AppendLine(' ') } } else { - [void]$message.AppendLine(" ") + [void]$message.AppendLine(' ') $compareInstances = @() $compareInstances += Compare-Object -ReferenceObject $DSCConvertedInstances.ResourceInstanceName -DifferenceObject $instances.ResourceInstanceName -IncludeEqual @@ -292,16 +292,16 @@ function Test-TargetResource if ($validInstances.Count -gt 0) { - [void]$message.AppendLine(" ") + [void]$message.AppendLine(' ') foreach ($validInstance in $validInstances) { [void]$message.AppendLine(" [$ResourceTypeName]$validInstance") } - [void]$message.AppendLine(" ") + [void]$message.AppendLine(' ') } else { - [void]$message.AppendLine(" ") + [void]$message.AppendLine(' ') } } } @@ -309,18 +309,18 @@ function Test-TargetResource # Log drifts for each invalid instances found. if ($invalidInstances.Count -gt 0) { - [void]$message.AppendLine(" ") + [void]$message.AppendLine(' ') foreach ($invalidInstance in $invalidInstances) { [void]$message.AppendLine(" [$ResourceTypeName]$invalidInstance") } - [void]$message.AppendLine(" ") + [void]$message.AppendLine(' ') } else { - [void]$message.AppendLine(" ") + [void]$message.AppendLine(' ') } - [void]$message.AppendLine("") + [void]$message.AppendLine('') $Parameters = @{ Message = $message.ToString() diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_O365ExternalConnection/MSFT_O365ExternalConnection.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_O365ExternalConnection/MSFT_O365ExternalConnection.psm1 index fd8834c6c3..2b8e1597e2 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_O365ExternalConnection/MSFT_O365ExternalConnection.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_O365ExternalConnection/MSFT_O365ExternalConnection.psm1 @@ -73,12 +73,12 @@ function Get-TargetResource { if (-not [System.String]::IsNullOrEmpty($Id)) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } if ($null -eq $instance) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Name -eq $Name} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Name -eq $Name } } } else @@ -223,9 +223,9 @@ function Set-TargetResource } } $body = @{ - id = $Id - name = $Name - description = $Description + id = $Id + name = $Name + description = $Description configuration = @{ AuthorizedAppIds = $AuthorizedAppIdsValue } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_O365Group/MSFT_O365Group.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_O365Group/MSFT_O365Group.psm1 index 8d6020d84d..3533a0e8a9 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_O365Group/MSFT_O365Group.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_O365Group/MSFT_O365Group.psm1 @@ -581,7 +581,8 @@ function Export-TargetResource All = [switch]$true ErrorAction = 'Stop' } - if ($Filter -like "*endsWith*") { + if ($Filter -like '*endsWith*') + { $ExportParameters.Add('CountVariable', 'count') $ExportParameters.Add('ConsistencyLevel', 'eventual') } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgSettings/MSFT_O365OrgSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgSettings/MSFT_O365OrgSettings.psm1 index 2381352852..da043b7400 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgSettings/MSFT_O365OrgSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgSettings/MSFT_O365OrgSettings.psm1 @@ -163,7 +163,7 @@ function Get-TargetResource # Workaround for issue when if connected to S+C prior to calling cmdlet, an error about an invalid token is thrown. # If connected to S+C, then we need to re-initialize the connection to EXO. if ($Global:MSCloudLoginConnectionProfile.SecurityComplianceCenter.Connected -and ` - $Global:MSCloudLoginConnectionProfile.ExchangeOnline.Connected) + $Global:MSCloudLoginConnectionProfile.ExchangeOnline.Connected) { $Global:MSCloudLoginConnectionProfile.ExchangeOnline.Disconnect() $Global:MSCloudLoginConnectionProfile.SecurityComplianceCenter.Connected = $false @@ -204,7 +204,7 @@ function Get-TargetResource $M365WebEnableUsersToOpenFilesFrom3PStorageValue = Get-MgServicePrincipal -Filter "appId eq '$OfficeOnlineId'" -Property 'AccountEnabled' -ErrorAction SilentlyContinue if ($null -eq $M365WebEnableUsersToOpenFilesFrom3PStorageValue) { - Write-Verbose -Message "Registering the Office on the web Service Principal" + Write-Verbose -Message 'Registering the Office on the web Service Principal' New-MgServicePrincipal -AppId 'c1f33bc0-bdb4-4248-ba9b-096807ddb43e' -ErrorAction Stop | Out-Null $M365WebEnableUsersToOpenFilesFrom3PStorageValue = Get-MgServicePrincipal -Filter "appId eq '$OfficeOnlineId'" -Property 'AccountEnabled' -ErrorAction SilentlyContinue } @@ -308,7 +308,7 @@ function Get-TargetResource $servicePrincipal = Get-MgServicePrincipal -Filter "appid eq 'ebe0c285-db95-403f-a1a3-a793bd6d7767'" if ($null -eq $servicePrincipal) { - Write-Verbose -Message "Registering the MRO Device Manager Service Principal" + Write-Verbose -Message 'Registering the MRO Device Manager Service Principal' New-MgServicePrincipal -AppId 'ebe0c285-db95-403f-a1a3-a793bd6d7767' -ErrorAction Stop | Out-Null } } @@ -359,13 +359,13 @@ function Get-TargetResource if ($null -ne $FormsSettings) { $results += @{ - FormsIsExternalSendFormEnabled = $FormsSettings.isExternalSendFormEnabled - FormsIsExternalShareCollaborationEnabled = $FormsSettings.isExternalShareCollaborationEnabled - FormsIsExternalShareResultEnabled = $FormsSettings.isExternalShareResultEnabled - FormsIsExternalShareTemplateEnabled = $FormsSettings.isExternalShareTemplateEnabled - FormsIsRecordIdentityByDefaultEnabled = $FormsSettings.isRecordIdentityByDefaultEnabled - FormsIsBingImageSearchEnabled = $FormsSettings.isBingImageSearchEnabled - FormsIsInOrgFormsPhishingScanEnabled = $FormsSettings.isInOrgFormsPhishingScanEnabled + FormsIsExternalSendFormEnabled = $FormsSettings.isExternalSendFormEnabled + FormsIsExternalShareCollaborationEnabled = $FormsSettings.isExternalShareCollaborationEnabled + FormsIsExternalShareResultEnabled = $FormsSettings.isExternalShareResultEnabled + FormsIsExternalShareTemplateEnabled = $FormsSettings.isExternalShareTemplateEnabled + FormsIsRecordIdentityByDefaultEnabled = $FormsSettings.isRecordIdentityByDefaultEnabled + FormsIsBingImageSearchEnabled = $FormsSettings.isBingImageSearchEnabled + FormsIsInOrgFormsPhishingScanEnabled = $FormsSettings.isInOrgFormsPhishingScanEnabled } } @@ -385,8 +385,8 @@ function Get-TargetResource if ($null -ne $AppsAndServicesSettings) { $results += @{ - AppsAndServicesIsOfficeStoreEnabled = $AppsAndServicesSettings.isOfficeStoreEnabled - AppsAndServicesIsAppAndServicesTrialEnabled = $AppsAndServicesSettings.IsAppAndServicesTrialEnabled + AppsAndServicesIsOfficeStoreEnabled = $AppsAndServicesSettings.isOfficeStoreEnabled + AppsAndServicesIsAppAndServicesTrialEnabled = $AppsAndServicesSettings.IsAppAndServicesTrialEnabled } } @@ -395,9 +395,9 @@ function Get-TargetResource if ($null -ne $ToDoSettings) { $results += @{ - ToDoIsPushNotificationEnabled = $ToDoSettings.IsPushNotificationEnabled - ToDoIsExternalJoinEnabled = $ToDoSettings.IsExternalJoinEnabled - ToDoIsExternalShareEnabled = $ToDoSettings.IsExternalShareEnabled + ToDoIsPushNotificationEnabled = $ToDoSettings.IsPushNotificationEnabled + ToDoIsExternalJoinEnabled = $ToDoSettings.IsExternalJoinEnabled + ToDoIsExternalShareEnabled = $ToDoSettings.IsExternalShareEnabled } } @@ -597,7 +597,7 @@ function Set-TargetResource Write-Verbose -Message "Updating the Microsoft 365 On the Web setting to {$M365WebEnableUsersToOpenFilesFrom3PStorage}" $OfficeOnlineId = 'c1f33bc0-bdb4-4248-ba9b-096807ddb43e' $M365WebEnableUsersToOpenFilesFrom3PStorageValue = Get-MgServicePrincipal -Filter "appId eq '$OfficeOnlineId'" -Property 'AccountEnabled, Id' - Update-MgservicePrincipal -ServicePrincipalId $($M365WebEnableUsersToOpenFilesFrom3PStorageValue.Id) ` + Update-MgServicePrincipal -ServicePrincipalId $($M365WebEnableUsersToOpenFilesFrom3PStorageValue.Id) ` -AccountEnabled:$M365WebEnableUsersToOpenFilesFrom3PStorage } if ($PSBoundParameters.ContainsKey('PlannerAllowCalendarSharing') -and ` @@ -624,7 +624,7 @@ function Set-TargetResource # Microsoft Viva Briefing Email if ($null -ne $MicrosoftVivaBriefingEmail) { - Write-Verbose -Message "DEPRECATED - The MicrosoftVivaBriefingEmail parameter is deprecated and will be ignored." + Write-Verbose -Message 'DEPRECATED - The MicrosoftVivaBriefingEmail parameter is deprecated and will be ignored.' } #$briefingValue = 'opt-out' @@ -639,29 +639,29 @@ function Set-TargetResource if ($PSBoundParameters.ContainsKey('VivaInsightsWebExperience') -and ` ($currentValues.VivaInsightsWebExperience -ne $VivaInsightsWebExperience)) { - Write-Verbose -Message "Updating Viva Insights settings for Web Experience" - Set-DefaultTenantMyAnalyticsFeatureConfig -Feature "Dashboard" -IsEnabled $VivaInsightsWebExperience -Verbose:$false | Out-Null + Write-Verbose -Message 'Updating Viva Insights settings for Web Experience' + Set-DefaultTenantMyAnalyticsFeatureConfig -Feature 'Dashboard' -IsEnabled $VivaInsightsWebExperience -Verbose:$false | Out-Null } if ($PSBoundParameters.ContainsKey('VivaInsightsDigestEmail') -and ` ($currentValues.VivaInsightsDigestEmail -ne $VivaInsightsDigestEmail)) { - Write-Verbose -Message "Updating Viva Insights settings for Digest Email" - Set-DefaultTenantMyAnalyticsFeatureConfig -Feature "Digest-email" -IsEnabled $VivaInsightsDigestEmail -Verbose:$false | Out-Null + Write-Verbose -Message 'Updating Viva Insights settings for Digest Email' + Set-DefaultTenantMyAnalyticsFeatureConfig -Feature 'Digest-email' -IsEnabled $VivaInsightsDigestEmail -Verbose:$false | Out-Null } if ($PSBoundParameters.ContainsKey('VivaInsightsOutlookAddInAndInlineSuggestions') -and ` ($currentValues.VivaInsightsOutlookAddInAndInlineSuggestions -ne $VivaInsightsOutlookAddInAndInlineSuggestions)) { - Write-Verbose -Message "Updating Viva Insights settings for Addin and Inline Suggestions" - Set-DefaultTenantMyAnalyticsFeatureConfig -Feature "Add-In" -IsEnabled $VivaInsightsOutlookAddInAndInlineSuggestions -Verbose:$false | Out-Null + Write-Verbose -Message 'Updating Viva Insights settings for Addin and Inline Suggestions' + Set-DefaultTenantMyAnalyticsFeatureConfig -Feature 'Add-In' -IsEnabled $VivaInsightsOutlookAddInAndInlineSuggestions -Verbose:$false | Out-Null } if ($PSBoundParameters.ContainsKey('VivaInsightsScheduleSendSuggestions') -and ` ($currentValues.VivaInsightsScheduleSendSuggestions -ne $VivaInsightsScheduleSendSuggestions)) { - Write-Verbose -Message "Updating Viva Insights settings for ScheduleSendSuggestions" - Set-DefaultTenantMyAnalyticsFeatureConfig -Feature "Scheduled-send" -IsEnabled $VivaInsightsScheduleSendSuggestions -Verbose:$false | Out-Null + Write-Verbose -Message 'Updating Viva Insights settings for ScheduleSendSuggestions' + Set-DefaultTenantMyAnalyticsFeatureConfig -Feature 'Scheduled-send' -IsEnabled $VivaInsightsScheduleSendSuggestions -Verbose:$false | Out-Null } # Reports Display Names @@ -674,29 +674,29 @@ function Set-TargetResource } # Apps Installation - if (($PSBoundParameters.ContainsKey("InstallationOptionsAppsForWindows") -or ` - $PSBoundParameters.ContainsKey("InstallationOptionsAppsForMac")) -and ` + if (($PSBoundParameters.ContainsKey('InstallationOptionsAppsForWindows') -or ` + $PSBoundParameters.ContainsKey('InstallationOptionsAppsForMac')) -and ` ($null -ne (Compare-Object -ReferenceObject $currentValues.InstallationOptionsAppsForWindows -DifferenceObject $InstallationOptionsAppsForWindows) -or ` - $null -ne (Compare-Object -ReferenceObject $currentValues.InstallationOptionsAppsForMac -DifferenceObject $InstallationOptionsAppsForMac))) + $null -ne (Compare-Object -ReferenceObject $currentValues.InstallationOptionsAppsForMac -DifferenceObject $InstallationOptionsAppsForMac))) { $ConnectionModeTasks = New-M365DSCConnection -Workload 'Tasks' ` -InboundParameters $PSBoundParameters $InstallationOptions = Get-M365DSCOrgSettingsInstallationOptions -AuthenticationOption $ConnectionModeTasks $InstallationOptionsToUpdate = @{ - updateChannel = "" + updateChannel = '' appsForWindows = @{ isMicrosoft365AppsEnabled = $false isProjectEnabled = $false isSkypeForBusinessEnabled = $false isVisioEnabled = $false } - appsForMac = @{ + appsForMac = @{ isMicrosoft365AppsEnabled = $false isSkypeForBusinessEnabled = $false } } - if ($PSBoundParameters.ContainsKey("InstallationOptionsUpdateChannel") -and ` + if ($PSBoundParameters.ContainsKey('InstallationOptionsUpdateChannel') -and ` ($InstallationOptionsUpdateChannel -ne $InstallationOptions.updateChannel)) { $InstallationOptionsToUpdate.updateChannel = $InstallationOptionsUpdateChannel @@ -706,7 +706,7 @@ function Set-TargetResource $InstallationOptionsToUpdate.Remove('updateChannel') | Out-Null } - if ($PSBoundParameters.ContainsKey("InstallationOptionsAppsForWindows")) + if ($PSBoundParameters.ContainsKey('InstallationOptionsAppsForWindows')) { foreach ($key in $InstallationOptionsAppsForWindows) { @@ -718,7 +718,7 @@ function Set-TargetResource $InstallationOptionsToUpdate.Remove('appsForWindows') | Out-Null } - if ($PSBoundParameters.ContainsKey("InstallationOptionsAppsForMac")) + if ($PSBoundParameters.ContainsKey('InstallationOptionsAppsForMac')) { foreach ($key in $InstallationOptionsAppsForMac) { @@ -1017,7 +1017,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - $ValuesToCheck.Remove("MicrosoftVivaBriefingEmail") | Out-Null + $ValuesToCheck.Remove('MicrosoftVivaBriefingEmail') | Out-Null Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" @@ -1139,10 +1139,10 @@ function Get-M365DSCO365OrgSettingsPlannerConfig try { - $Uri = $Global:MSCloudLoginConnectionProfile.Tasks.HostUrl + "/taskAPI/tenantAdminSettings/Settings"; + $Uri = $Global:MSCloudLoginConnectionProfile.Tasks.HostUrl + '/taskAPI/tenantAdminSettings/Settings' [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 - $results = Invoke-RestMethod -ContentType "application/json;odata.metadata=full" ` - -Headers @{"Accept"="application/json"; "Authorization"=$Global:MSCloudLoginConnectionProfile.Tasks.AccessToken; "Accept-Charset"="UTF-8"; "OData-Version"="4.0;NetFx"; "OData-MaxVersion"="4.0;NetFx"} ` + $results = Invoke-RestMethod -ContentType 'application/json;odata.metadata=full' ` + -Headers @{'Accept' = 'application/json'; 'Authorization' = $Global:MSCloudLoginConnectionProfile.Tasks.AccessToken; 'Accept-Charset' = 'UTF-8'; 'OData-Version' = '4.0;NetFx'; 'OData-MaxVersion' = '4.0;NetFx' } ` -Method GET ` $Uri -ErrorAction Stop return $results @@ -1151,11 +1151,11 @@ function Get-M365DSCO365OrgSettingsPlannerConfig { if ($_.Exception.Message -eq 'The request was aborted: Could not create SSL/TLS secure channel.') { - Write-Warning -Message "Could not create SSL/TLS secure channel. Skipping the Planner settings." + Write-Warning -Message 'Could not create SSL/TLS secure channel. Skipping the Planner settings.' } else { - Write-Verbose -Message "Not able to retrieve Office 365 Planner Settings. Please ensure correct permissions have been granted." + Write-Verbose -Message 'Not able to retrieve Office 365 Planner Settings. Please ensure correct permissions have been granted.' New-M365DSCLogEntry -Message 'Error updating Office 365 Planner Settings' ` -Exception $_ ` -Source $($MyInvocation.MyCommand.Source) ` @@ -1182,9 +1182,9 @@ function Set-M365DSCO365OrgSettingsPlannerConfig } $requestBody = $flags | ConvertTo-Json - $Uri = $Global:MSCloudLoginConnectionProfile.Tasks.HostUrl + "/taskAPI/tenantAdminSettings/Settings"; - $results = Invoke-RestMethod -ContentType "application/json;odata.metadata=full" ` - -Headers @{"Accept"="application/json"; "Authorization"=$Global:MSCloudLoginConnectionProfile.Tasks.AccessToken; "Accept-Charset"="UTF-8"; "OData-Version"="4.0;NetFx"; "OData-MaxVersion"="4.0;NetFx"} ` + $Uri = $Global:MSCloudLoginConnectionProfile.Tasks.HostUrl + '/taskAPI/tenantAdminSettings/Settings' + $results = Invoke-RestMethod -ContentType 'application/json;odata.metadata=full' ` + -Headers @{'Accept' = 'application/json'; 'Authorization' = $Global:MSCloudLoginConnectionProfile.Tasks.AccessToken; 'Accept-Charset' = 'UTF-8'; 'OData-Version' = '4.0;NetFx'; 'OData-MaxVersion' = '4.0;NetFx' } ` -Method PATCH ` -Body $requestBody ` $Uri @@ -1209,7 +1209,7 @@ function Get-M365DSCOrgSettingsInstallationOptions } catch { - Write-Verbose -Message "Not able to retrieve Office 365 Apps Installation Options. Please ensure correct permissions have been granted." + Write-Verbose -Message 'Not able to retrieve Office 365 Apps Installation Options. Please ensure correct permissions have been granted.' return $null } } @@ -1241,8 +1241,8 @@ function Update-M365DSCOrgSettingsInstallationOptions if ($AuthenticationOption -eq 'Credentials') { $errorMessage = "You don't have the proper permissions to update the Office 365 Apps Installation Options." ` - + " When using Credentials to authenticate, you need to grant permissions to the Microsoft Graph PowerShell SDK by running" ` - + " Connect-MgGraph -Scopes OrgSettings-Microsoft365Install.ReadWrite.All" + + ' When using Credentials to authenticate, you need to grant permissions to the Microsoft Graph PowerShell SDK by running' ` + + ' Connect-MgGraph -Scopes OrgSettings-Microsoft365Install.ReadWrite.All' Write-Error -Message $errorMessage } } @@ -1264,7 +1264,7 @@ function Get-M365DSCOrgSettingsForms } catch { - Write-Verbose -Message "Not able to retrieve O365OrgSettings Forms Settings. Please ensure correct permissions have been granted." + Write-Verbose -Message 'Not able to retrieve O365OrgSettings Forms Settings. Please ensure correct permissions have been granted.' return $null } } @@ -1282,7 +1282,7 @@ function Update-M365DSCOrgSettingsForms try { - Write-Verbose -Message "Updating Forms Settings" + Write-Verbose -Message 'Updating Forms Settings' $url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + 'beta/admin/forms/settings' Invoke-MgGraphRequest -Method PATCH -Uri $url -Body $Options | Out-Null } @@ -1311,7 +1311,7 @@ function Get-M365DSCOrgSettingsDynamicsCustomerVoice } catch { - Write-Verbose -Message "Not able to retrieve O365OrgSettings Dynamics Customer Voice Settings. Please ensure correct permissions have been granted." + Write-Verbose -Message 'Not able to retrieve O365OrgSettings Dynamics Customer Voice Settings. Please ensure correct permissions have been granted.' return $null } } @@ -1357,7 +1357,7 @@ function Get-M365DSCOrgSettingsAppsAndServices } catch { - Write-Verbose -Message "Not able to retrieve O365OrgSettings Apps and Services Settings. Please ensure correct permissions have been granted." + Write-Verbose -Message 'Not able to retrieve O365OrgSettings Apps and Services Settings. Please ensure correct permissions have been granted.' return $null } } @@ -1402,7 +1402,7 @@ function Get-M365DSCOrgSettingsToDo } catch { - Write-Verbose -Message "Not able to retrieve ToDo settings. Please ensure correct permissions have been granted." + Write-Verbose -Message 'Not able to retrieve ToDo settings. Please ensure correct permissions have been granted.' return $null } } @@ -1449,7 +1449,7 @@ function Get-M365DSCOrgSettingsAdminCenterReport } catch { - Write-Verbose -Message "Not able to retrieve Office 365 Report Settings. Please ensure correct permissions have been granted." + Write-Verbose -Message 'Not able to retrieve Office 365 Report Settings. Please ensure correct permissions have been granted.' return $null } } @@ -1466,7 +1466,7 @@ function Update-M365DSCOrgSettingsAdminCenterReport $VerbosePreference = 'SilentlyContinue' $url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + 'beta/admin/reportSettings' $body = @{ - "@odata.context" = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + 'beta/$metadata#admin/reportSettings/$entity' + '@odata.context' = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + 'beta/$metadata#admin/reportSettings/$entity' displayConcealedNames = $DisplayConcealedNames } Invoke-MgGraphRequest -Method PATCH -Uri $url -Body $body | Out-Null diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_O365SearchAndIntelligenceConfigurations/MSFT_O365SearchAndIntelligenceConfigurations.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_O365SearchAndIntelligenceConfigurations/MSFT_O365SearchAndIntelligenceConfigurations.psm1 index 530689c86a..b31439d5bb 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_O365SearchAndIntelligenceConfigurations/MSFT_O365SearchAndIntelligenceConfigurations.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_O365SearchAndIntelligenceConfigurations/MSFT_O365SearchAndIntelligenceConfigurations.psm1 @@ -83,7 +83,7 @@ function Get-TargetResource { if ($_.Exception.Message -eq "[BadRequest] : Resource not found for the segment 'peopleInsights'.") { - Write-Warning -Message "The peopleInsights segment is not available in the selected environment." + Write-Warning -Message 'The peopleInsights segment is not available in the selected environment.' } } @@ -170,7 +170,7 @@ function Set-TargetResource OrganizationId = $TenantId IsEnabledInOrganization = $ItemInsightsIsEnabledInOrganization } - if ($PSBoundParameters.ContainsKey("ItemInsightsDisabledForGroup")) + if ($PSBoundParameters.ContainsKey('ItemInsightsDisabledForGroup')) { $disabledForGroupValue = $null try @@ -186,9 +186,9 @@ function Set-TargetResource -TenantId $TenantId ` -Credential $Credential } - $ItemInsightsUpdateParams.Add("DisabledForGroup", $disabledForGroupValue) + $ItemInsightsUpdateParams.Add('DisabledForGroup', $disabledForGroupValue) } - Write-Verbose -Message "Updating settings for Item Insights" + Write-Verbose -Message 'Updating settings for Item Insights' Update-MgBetaOrganizationSettingItemInsight @ItemInsightsUpdateParams | Out-Null #endregion @@ -197,7 +197,7 @@ function Set-TargetResource OrganizationId = $TenantId IsEnabledInOrganization = $ItemInsightsIsEnabledInOrganization } - if ($PSBoundParameters.ContainsKey("PersonInsightsDisabledForGroup")) + if ($PSBoundParameters.ContainsKey('PersonInsightsDisabledForGroup')) { $disabledForGroupValue = $null try @@ -213,10 +213,10 @@ function Set-TargetResource -TenantId $TenantId ` -Credential $Credential } - $PersonInsightsUpdateParams.Add("DisabledForGroup", $disabledForGroupValue) + $PersonInsightsUpdateParams.Add('DisabledForGroup', $disabledForGroupValue) } - Write-Verbose -Message "Updating settings for Person Insights" + Write-Verbose -Message 'Updating settings for Person Insights' Update-MgBetaOrganizationSettingPersonInsight @PersonInsightsUpdateParams | Out-Null #endregion } @@ -323,9 +323,9 @@ function Export-TargetResource } $Params = @{ - IsSingleInstance = 'Yes' - Credential = $Credential - AccessTokens = $AccessTokens + IsSingleInstance = 'Yes' + Credential = $Credential + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_PPAdminDLPPolicy/MSFT_PPAdminDLPPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_PPAdminDLPPolicy/MSFT_PPAdminDLPPolicy.psm1 index bb6bde14be..db16bfe125 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_PPAdminDLPPolicy/MSFT_PPAdminDLPPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_PPAdminDLPPolicy/MSFT_PPAdminDLPPolicy.psm1 @@ -72,12 +72,12 @@ function Get-TargetResource { if (-not [System.String]::IsNullOrEmpty($PolicyName)) { - $instances = $Script:exportedInstances | Where-Object -FilterScript {$_.PolicyName -eq $PolicyName} + $instances = $Script:exportedInstances | Where-Object -FilterScript { $_.PolicyName -eq $PolicyName } } if ($null -eq $instance) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.DisplayName -eq $DisplayName} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.DisplayName -eq $DisplayName } } } else @@ -89,7 +89,7 @@ function Get-TargetResource if ($null -eq $instance) { - $instance = Get-AdminDlpPolicy | Where-Object -FilterScript {$_.DisplayName -eq $DisplayName} + $instance = Get-AdminDlpPolicy | Where-Object -FilterScript { $_.DisplayName -eq $DisplayName } } } if ($null -eq $instance) @@ -197,7 +197,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating new Data Policy {$DisplayName}" - $policy = New-AdminDLPPolicy -DisplayName $DisplayName + $policy = New-AdminDlpPolicy -DisplayName $DisplayName $policyName = $policy.PolicyName } if ($setParameters.ContainsKey('PolicyName')) @@ -206,7 +206,7 @@ function Set-TargetResource } else { - $setParameters.Add("PolicyName", $policyName) + $setParameters.Add('PolicyName', $policyName) } # UPDATE @@ -220,13 +220,13 @@ function Set-TargetResource $setParameters.Environments = ($setParameters.Environments -join ',') } Write-Verbose -Message "Updating Data Policy {$DisplayName} with values:`r`n$(Convert-M365DscHashtableToString -Hashtable $setParameters)" - Set-AdminDLPPolicy @setParameters + Set-AdminDlpPolicy @setParameters } # REMOVE elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Removing Data Policy {$DisplayName}" - Remove-AdminDLPPolicy -PolicyName $policyName + Remove-AdminDlpPolicy -PolicyName $policyName } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_PPDLPPolicyConnectorConfigurations/MSFT_PPDLPPolicyConnectorConfigurations.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_PPDLPPolicyConnectorConfigurations/MSFT_PPDLPPolicyConnectorConfigurations.psm1 index ea6471b259..2a56387cc8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_PPDLPPolicyConnectorConfigurations/MSFT_PPDLPPolicyConnectorConfigurations.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_PPDLPPolicyConnectorConfigurations/MSFT_PPDLPPolicyConnectorConfigurations.psm1 @@ -65,15 +65,15 @@ function Get-TargetResource $nullResult.Ensure = 'Absent' try { - $policy = Get-AdminDlpPolicy | Where-Object -FilterScript {$_.DisplayName -eq $PolicyName} + $policy = Get-AdminDlpPolicy | Where-Object -FilterScript { $_.DisplayName -eq $PolicyName } if ($null -eq $policy) { return $nullResult } - $ActionList = Get-PowerAppDlpPolicyConnectorConfigurations -TenantID $PPTenantId ` - -PolicyName $($policy.PolicyName) + $ActionList = Get-PowerAppDlpPolicyConnectorConfigurations -TenantId $PPTenantId ` + -PolicyName $($policy.PolicyName) $ActionsValue = @() foreach ($action in $ActionList.connectorActionConfigurations) { @@ -95,16 +95,16 @@ function Get-TargetResource } $results = @{ - PPTenantId = $PPTenantId - PolicyName = $PolicyName - ConnectorActionConfigurations = $ActionsValue - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + PPTenantId = $PPTenantId + PolicyName = $PolicyName + ConnectorActionConfigurations = $ActionsValue + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return [System.Collections.Hashtable] $results } @@ -183,7 +183,7 @@ function Set-TargetResource Add-M365DSCTelemetryEvent -Data $data #endregion - $policy = Get-AdminDlpPolicy | Where-Object -FilterScript {$_.DisplayName -eq $PolicyName} + $policy = Get-AdminDlpPolicy | Where-Object -FilterScript { $_.DisplayName -eq $PolicyName } $policyNameValue = $policy.PolicyName # CREATE @@ -215,9 +215,9 @@ function Set-TargetResource Write-Verbose -Message "Setting Connector Configuration for Policy {$($PolicyNameValue)} with parameters:`r`n$payload" New-PowerAppDlpPolicyConnectorConfigurations -TenantId $PPTenantId ` - -PolicyName $policyNameValue ` - -NewDlpPolicyConnectorConfigurations $body ` - -Verbose + -PolicyName $policyNameValue ` + -NewDlpPolicyConnectorConfigurations $body ` + -Verbose } # REMOVE elseif ($Ensure -eq 'Absent') @@ -400,14 +400,14 @@ function Export-TargetResource } Write-Host " |---[$i/$($policies.Count)] $($policy.DisplayName)" -NoNewline $params = @{ - PPTenantId = $tenantInfo.TenantId - PolicyName = $policy.DisplayName - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + PPTenantId = $tenantInfo.TenantId + PolicyName = $policy.DisplayName + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -418,9 +418,9 @@ function Export-TargetResource { $complexMapping = @( @{ - Name = 'actionRules' + Name = 'actionRules' CimInstanceName = 'PPDLPPolicyConnectorConfigurationsActionRules' - IsRequired = $False + IsRequired = $False } ) $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_PPPowerAppPolicyUrlPatterns/MSFT_PPPowerAppPolicyUrlPatterns.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_PPPowerAppPolicyUrlPatterns/MSFT_PPPowerAppPolicyUrlPatterns.psm1 index fc0895a29b..602805cb67 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_PPPowerAppPolicyUrlPatterns/MSFT_PPPowerAppPolicyUrlPatterns.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_PPPowerAppPolicyUrlPatterns/MSFT_PPPowerAppPolicyUrlPatterns.psm1 @@ -65,15 +65,15 @@ function Get-TargetResource $nullResult.Ensure = 'Absent' try { - $policy = Get-AdminDlpPolicy | Where-Object -FilterScript {$_.DisplayName -eq $PolicyName} + $policy = Get-AdminDlpPolicy | Where-Object -FilterScript { $_.DisplayName -eq $PolicyName } if ($null -eq $policy) { return $nullResult } - $rules = Get-PowerAppPolicyUrlPatterns -TenantID $PPTenantId ` - -PolicyName $($policy.PolicyName) + $rules = Get-PowerAppPolicyUrlPatterns -TenantId $PPTenantId ` + -PolicyName $($policy.PolicyName) $RulesValue = @() foreach ($rule in $rules.rules) { @@ -85,16 +85,16 @@ function Get-TargetResource } $results = @{ - PPTenantId = $PPTenantId - PolicyName = $PolicyName - RuleSet = $RulesValue - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + PPTenantId = $PPTenantId + PolicyName = $PolicyName + RuleSet = $RulesValue + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return [System.Collections.Hashtable] $results } @@ -173,7 +173,7 @@ function Set-TargetResource Add-M365DSCTelemetryEvent -Data $data #endregion - $policy = Get-AdminDlpPolicy | Where-Object -FilterScript {$_.DisplayName -eq $PolicyName} + $policy = Get-AdminDlpPolicy | Where-Object -FilterScript { $_.DisplayName -eq $PolicyName } $policyNameValue = $policy.PolicyName # CREATE @@ -195,9 +195,9 @@ function Set-TargetResource Write-Verbose -Message "Setting new Url Patterns for Policy {$($PolicyNameValue)} with parameters:`r`n$payload" New-PowerAppPolicyUrlPatterns -TenantId $PPTenantId ` - -PolicyName $policyNameValue ` - -NewUrlPatterns $body ` - -Verbose + -PolicyName $policyNameValue ` + -NewUrlPatterns $body ` + -Verbose } # REMOVE elseif ($Ensure -eq 'Absent') @@ -380,14 +380,14 @@ function Export-TargetResource } Write-Host " |---[$i/$($policies.Count)] $($policy.DisplayName)" -NoNewline $params = @{ - PPTenantId = $tenantInfo.TenantId - PolicyName = $policy.DisplayName - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + PPTenantId = $tenantInfo.TenantId + PolicyName = $policy.DisplayName + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_PPPowerAppsEnvironment/MSFT_PPPowerAppsEnvironment.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_PPPowerAppsEnvironment/MSFT_PPPowerAppsEnvironment.psm1 index c13ca03929..6854e56b39 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_PPPowerAppsEnvironment/MSFT_PPPowerAppsEnvironment.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_PPPowerAppsEnvironment/MSFT_PPPowerAppsEnvironment.psm1 @@ -23,12 +23,12 @@ function Get-TargetResource [Parameter()] [System.String] - [ValidateSet("1033","1025","1069","1026","1027","3076","2052","1028","1050","1029","1030","1043","1061","1035","1036","1110","1031","1032","1037","1081","1038","1040","1041","1087","1042","1062","1063","1044","1045","1046","2070","1048","1049","2074","1051","1060","3082","1053","1054","1055","1058","1066","3098","1086","1057")] + [ValidateSet('1033', '1025', '1069', '1026', '1027', '3076', '2052', '1028', '1050', '1029', '1030', '1043', '1061', '1035', '1036', '1110', '1031', '1032', '1037', '1081', '1038', '1040', '1041', '1087', '1042', '1062', '1063', '1044', '1045', '1046', '2070', '1048', '1049', '2074', '1051', '1060', '3082', '1053', '1054', '1055', '1058', '1066', '3098', '1086', '1057')] $LanguageName, [Parameter()] [System.String] - [ValidateSet("KZT","ZAR","ETB","AED","BHD","DZD","EGP","IQD","JOD","KWD","LBP","LYD","MAD","OMR","QAR","SAR","SYP","TND","YER","CLP","INR","AZN","RUB","BYN","BGN","NGN","BDT","CNY","EUR","BAM","USD","CZK","GBP","DKK","CHF","MVR","BTN","XCD","AUD","BZD","CAD","HKD","IDR","JMD","MYR","NZD","PHP","SGD","TTD","XDR","ARS","BOB","COP","CRC","CUP","DOP","GTQ","HNL","MXN","NIO","PAB","PEN","PYG","UYU","VES","IRR","XOF","CDF","XAF","HTG","ILS","HUF","AMD","ISK","JPY","GEL","KHR","KRW","KGS","LAK","MKD","MNT","BND","MMK","NOK","NPR","PKR","PLN","AFN","BRL","MDL","RON","RWF","SEK","LKR","SOS","ALL","RSD","KES","TJS","THB","ERN","TMT","BWP","TRY","UAH","UZS","VND","MOP","TWD")] + [ValidateSet('KZT', 'ZAR', 'ETB', 'AED', 'BHD', 'DZD', 'EGP', 'IQD', 'JOD', 'KWD', 'LBP', 'LYD', 'MAD', 'OMR', 'QAR', 'SAR', 'SYP', 'TND', 'YER', 'CLP', 'INR', 'AZN', 'RUB', 'BYN', 'BGN', 'NGN', 'BDT', 'CNY', 'EUR', 'BAM', 'USD', 'CZK', 'GBP', 'DKK', 'CHF', 'MVR', 'BTN', 'XCD', 'AUD', 'BZD', 'CAD', 'HKD', 'IDR', 'JMD', 'MYR', 'NZD', 'PHP', 'SGD', 'TTD', 'XDR', 'ARS', 'BOB', 'COP', 'CRC', 'CUP', 'DOP', 'GTQ', 'HNL', 'MXN', 'NIO', 'PAB', 'PEN', 'PYG', 'UYU', 'VES', 'IRR', 'XOF', 'CDF', 'XAF', 'HTG', 'ILS', 'HUF', 'AMD', 'ISK', 'JPY', 'GEL', 'KHR', 'KRW', 'KGS', 'LAK', 'MKD', 'MNT', 'BND', 'MMK', 'NOK', 'NPR', 'PKR', 'PLN', 'AFN', 'BRL', 'MDL', 'RON', 'RWF', 'SEK', 'LKR', 'SOS', 'ALL', 'RSD', 'KES', 'TJS', 'THB', 'ERN', 'TMT', 'BWP', 'TRY', 'UAH', 'UZS', 'VND', 'MOP', 'TWD')] $CurrencyName, [Parameter()] @@ -140,12 +140,12 @@ function Set-TargetResource [Parameter()] [System.String] - [ValidateSet("1033","1025","1069","1026","1027","3076","2052","1028","1050","1029","1030","1043","1061","1035","1036","1110","1031","1032","1037","1081","1038","1040","1041","1087","1042","1062","1063","1044","1045","1046","2070","1048","1049","2074","1051","1060","3082","1053","1054","1055","1058","1066","3098","1086","1057")] + [ValidateSet('1033', '1025', '1069', '1026', '1027', '3076', '2052', '1028', '1050', '1029', '1030', '1043', '1061', '1035', '1036', '1110', '1031', '1032', '1037', '1081', '1038', '1040', '1041', '1087', '1042', '1062', '1063', '1044', '1045', '1046', '2070', '1048', '1049', '2074', '1051', '1060', '3082', '1053', '1054', '1055', '1058', '1066', '3098', '1086', '1057')] $LanguageName, [Parameter()] [System.String] - [ValidateSet("KZT","ZAR","ETB","AED","BHD","DZD","EGP","IQD","JOD","KWD","LBP","LYD","MAD","OMR","QAR","SAR","SYP","TND","YER","CLP","INR","AZN","RUB","BYN","BGN","NGN","BDT","CNY","EUR","BAM","USD","CZK","GBP","DKK","CHF","MVR","BTN","XCD","AUD","BZD","CAD","HKD","IDR","JMD","MYR","NZD","PHP","SGD","TTD","XDR","ARS","BOB","COP","CRC","CUP","DOP","GTQ","HNL","MXN","NIO","PAB","PEN","PYG","UYU","VES","IRR","XOF","CDF","XAF","HTG","ILS","HUF","AMD","ISK","JPY","GEL","KHR","KRW","KGS","LAK","MKD","MNT","BND","MMK","NOK","NPR","PKR","PLN","AFN","BRL","MDL","RON","RWF","SEK","LKR","SOS","ALL","RSD","KES","TJS","THB","ERN","TMT","BWP","TRY","UAH","UZS","VND","MOP","TWD")] + [ValidateSet('KZT', 'ZAR', 'ETB', 'AED', 'BHD', 'DZD', 'EGP', 'IQD', 'JOD', 'KWD', 'LBP', 'LYD', 'MAD', 'OMR', 'QAR', 'SAR', 'SYP', 'TND', 'YER', 'CLP', 'INR', 'AZN', 'RUB', 'BYN', 'BGN', 'NGN', 'BDT', 'CNY', 'EUR', 'BAM', 'USD', 'CZK', 'GBP', 'DKK', 'CHF', 'MVR', 'BTN', 'XCD', 'AUD', 'BZD', 'CAD', 'HKD', 'IDR', 'JMD', 'MYR', 'NZD', 'PHP', 'SGD', 'TTD', 'XDR', 'ARS', 'BOB', 'COP', 'CRC', 'CUP', 'DOP', 'GTQ', 'HNL', 'MXN', 'NIO', 'PAB', 'PEN', 'PYG', 'UYU', 'VES', 'IRR', 'XOF', 'CDF', 'XAF', 'HTG', 'ILS', 'HUF', 'AMD', 'ISK', 'JPY', 'GEL', 'KHR', 'KRW', 'KGS', 'LAK', 'MKD', 'MNT', 'BND', 'MMK', 'NOK', 'NPR', 'PKR', 'PLN', 'AFN', 'BRL', 'MDL', 'RON', 'RWF', 'SEK', 'LKR', 'SOS', 'ALL', 'RSD', 'KES', 'TJS', 'THB', 'ERN', 'TMT', 'BWP', 'TRY', 'UAH', 'UZS', 'VND', 'MOP', 'TWD')] $CurrencyName, [Parameter()] @@ -249,12 +249,12 @@ function Test-TargetResource [Parameter()] [System.String] - [ValidateSet("1033","1025","1069","1026","1027","3076","2052","1028","1050","1029","1030","1043","1061","1035","1036","1110","1031","1032","1037","1081","1038","1040","1041","1087","1042","1062","1063","1044","1045","1046","2070","1048","1049","2074","1051","1060","3082","1053","1054","1055","1058","1066","3098","1086","1057")] + [ValidateSet('1033', '1025', '1069', '1026', '1027', '3076', '2052', '1028', '1050', '1029', '1030', '1043', '1061', '1035', '1036', '1110', '1031', '1032', '1037', '1081', '1038', '1040', '1041', '1087', '1042', '1062', '1063', '1044', '1045', '1046', '2070', '1048', '1049', '2074', '1051', '1060', '3082', '1053', '1054', '1055', '1058', '1066', '3098', '1086', '1057')] $LanguageName, [Parameter()] [System.String] - [ValidateSet("KZT","ZAR","ETB","AED","BHD","DZD","EGP","IQD","JOD","KWD","LBP","LYD","MAD","OMR","QAR","SAR","SYP","TND","YER","CLP","INR","AZN","RUB","BYN","BGN","NGN","BDT","CNY","EUR","BAM","USD","CZK","GBP","DKK","CHF","MVR","BTN","XCD","AUD","BZD","CAD","HKD","IDR","JMD","MYR","NZD","PHP","SGD","TTD","XDR","ARS","BOB","COP","CRC","CUP","DOP","GTQ","HNL","MXN","NIO","PAB","PEN","PYG","UYU","VES","IRR","XOF","CDF","XAF","HTG","ILS","HUF","AMD","ISK","JPY","GEL","KHR","KRW","KGS","LAK","MKD","MNT","BND","MMK","NOK","NPR","PKR","PLN","AFN","BRL","MDL","RON","RWF","SEK","LKR","SOS","ALL","RSD","KES","TJS","THB","ERN","TMT","BWP","TRY","UAH","UZS","VND","MOP","TWD")] + [ValidateSet('KZT', 'ZAR', 'ETB', 'AED', 'BHD', 'DZD', 'EGP', 'IQD', 'JOD', 'KWD', 'LBP', 'LYD', 'MAD', 'OMR', 'QAR', 'SAR', 'SYP', 'TND', 'YER', 'CLP', 'INR', 'AZN', 'RUB', 'BYN', 'BGN', 'NGN', 'BDT', 'CNY', 'EUR', 'BAM', 'USD', 'CZK', 'GBP', 'DKK', 'CHF', 'MVR', 'BTN', 'XCD', 'AUD', 'BZD', 'CAD', 'HKD', 'IDR', 'JMD', 'MYR', 'NZD', 'PHP', 'SGD', 'TTD', 'XDR', 'ARS', 'BOB', 'COP', 'CRC', 'CUP', 'DOP', 'GTQ', 'HNL', 'MXN', 'NIO', 'PAB', 'PEN', 'PYG', 'UYU', 'VES', 'IRR', 'XOF', 'CDF', 'XAF', 'HTG', 'ILS', 'HUF', 'AMD', 'ISK', 'JPY', 'GEL', 'KHR', 'KRW', 'KGS', 'LAK', 'MKD', 'MNT', 'BND', 'MMK', 'NOK', 'NPR', 'PKR', 'PLN', 'AFN', 'BRL', 'MDL', 'RON', 'RWF', 'SEK', 'LKR', 'SOS', 'ALL', 'RSD', 'KES', 'TJS', 'THB', 'ERN', 'TMT', 'BWP', 'TRY', 'UAH', 'UZS', 'VND', 'MOP', 'TWD')] $CurrencyName, [Parameter()] diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_PPTenantIsolationSettings/MSFT_PPTenantIsolationSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_PPTenantIsolationSettings/MSFT_PPTenantIsolationSettings.psm1 index 5926a34333..baab2973c4 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_PPTenantIsolationSettings/MSFT_PPTenantIsolationSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_PPTenantIsolationSettings/MSFT_PPTenantIsolationSettings.psm1 @@ -87,7 +87,7 @@ function Get-TargetResource $tenantIsolationPolicy = Get-PowerAppTenantIsolationPolicy -TenantId $tenantid if ($tenantIsolationPolicy.StatusCode -eq 403) { - throw "Invalid permission for the application. If you are using a custom app registration to authenticate, make sure it is defined as a Power Platform admin management application. For additional information refer to https://learn.microsoft.com/en-us/power-platform/admin/powershell-create-service-principal#registering-an-admin-management-application" + throw 'Invalid permission for the application. If you are using a custom app registration to authenticate, make sure it is defined as a Power Platform admin management application. For additional information refer to https://learn.microsoft.com/en-us/power-platform/admin/powershell-create-service-principal#registering-an-admin-management-application' } [Array]$allowedTenants = $tenantIsolationPolicy.properties.allowedTenants | ForEach-Object { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_PPTenantSettings/MSFT_PPTenantSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_PPTenantSettings/MSFT_PPTenantSettings.psm1 index dcfb571714..2177e77ac1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_PPTenantSettings/MSFT_PPTenantSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_PPTenantSettings/MSFT_PPTenantSettings.psm1 @@ -250,33 +250,33 @@ function Get-TargetResource { $PPTenantSettings = Get-TenantSettings -ErrorAction Stop return @{ - IsSingleInstance = 'Yes' + IsSingleInstance = 'Yes' # search - DisableDocsSearch = $PPTenantSettings.powerPlatform.search.disableDocsSearch - DisableCommunitySearch = $PPTenantSettings.powerPlatform.search.disableCommunitySearch - DisableBingVideoSearch = $PPTenantSettings.powerPlatform.search.disableBingVideoSearch + DisableDocsSearch = $PPTenantSettings.powerPlatform.search.disableDocsSearch + DisableCommunitySearch = $PPTenantSettings.powerPlatform.search.disableCommunitySearch + DisableBingVideoSearch = $PPTenantSettings.powerPlatform.search.disableBingVideoSearch #teamsIntegration - ShareWithColleaguesUserLimit = $PPTenantSettings.powerPlatform.teamsIntegration.shareWithColleaguesUserLimit + ShareWithColleaguesUserLimit = $PPTenantSettings.powerPlatform.teamsIntegration.shareWithColleaguesUserLimit #powerApps - DisableShareWithEveryone = $PPTenantSettings.powerPlatform.powerApps.disableShareWithEveryone - EnableGuestsToMake = $PPTenantSettings.powerPlatform.powerApps.enableGuestsToMake - DisableMakerMatch = $PPTenantSettings.powerPlatform.powerApps.disableMakerMatch - DisableUnusedLicenseAssignment = $PPTenantSettings.powerPlatform.powerApps.disableUnusedLicenseAssignment - DisableCreateFromImage = $PPTenantSettings.powerPlatform.powerApps.disableCreateFromImage - DisableCreateFromFigma = $PPTenantSettings.powerPlatform.powerApps.disableCreateFromFigma - EnableCanvasAppInsights = $PPTenantSettings.powerPlatform.powerApps.enableCanvasAppInsights - DisableConnectionSharingWithEveryone = $PPTenantSettings.powerPlatform.powerApps.disableConnectionSharingWithEveryone - AllowNewOrgChannelDefault = $PPTenantSettings.powerPlatform.powerApps.allowNewOrgChannelDefault - DisableCopilot = $PPTenantSettings.powerPlatform.powerApps.disableCopilot + DisableShareWithEveryone = $PPTenantSettings.powerPlatform.powerApps.disableShareWithEveryone + EnableGuestsToMake = $PPTenantSettings.powerPlatform.powerApps.enableGuestsToMake + DisableMakerMatch = $PPTenantSettings.powerPlatform.powerApps.disableMakerMatch + DisableUnusedLicenseAssignment = $PPTenantSettings.powerPlatform.powerApps.disableUnusedLicenseAssignment + DisableCreateFromImage = $PPTenantSettings.powerPlatform.powerApps.disableCreateFromImage + DisableCreateFromFigma = $PPTenantSettings.powerPlatform.powerApps.disableCreateFromFigma + EnableCanvasAppInsights = $PPTenantSettings.powerPlatform.powerApps.enableCanvasAppInsights + DisableConnectionSharingWithEveryone = $PPTenantSettings.powerPlatform.powerApps.disableConnectionSharingWithEveryone + AllowNewOrgChannelDefault = $PPTenantSettings.powerPlatform.powerApps.allowNewOrgChannelDefault + DisableCopilot = $PPTenantSettings.powerPlatform.powerApps.disableCopilot #powerAutomate - DisableCopilotWithBing = $PPTenantSettings.powerPlatform.powerAutomate.disableCopilotWithBing + DisableCopilotWithBing = $PPTenantSettings.powerPlatform.powerAutomate.disableCopilotWithBing #environments - DisablePreferredDataLocationForTeamsEnvironment = $PPTenantSettings.powerPlatform.environments.disablePreferredDataLocationForTeamsEnvironment + DisablePreferredDataLocationForTeamsEnvironment = $PPTenantSettings.powerPlatform.environments.disablePreferredDataLocationForTeamsEnvironment #governance DisableAdminDigest = $PPTenantSettings.powerPlatform.governance.disableAdminDigest @@ -286,57 +286,57 @@ function Get-TargetResource EnvironmentRoutingAllMakers = $PPTenantSettings.powerPlatform.governance.environmentRoutingAllMakers #licensing - DisableBillingPolicyCreationByNonAdminUsers = $PPTenantSettings.powerPlatform.licensing.disableBillingPolicyCreationByNonAdminUsers - EnableTenantCapacityReportForEnvironmentAdmins = $PPTenantSettings.powerPlatform.licensing.enableTenantCapacityReportForEnvironmentAdmins - StorageCapacityConsumptionWarningThreshold = $PPTenantSettings.powerPlatform.licensing.storageCapacityConsumptionWarningThreshold - EnableTenantLicensingReportForEnvironmentAdmins = $PPTenantSettings.powerPlatform.licensing.enableTenantLicensingReportForEnvironmentAdmins - DisableUseOfUnassignedAIBuilderCredits = $PPTenantSettings.powerPlatform.licensing.disableUseOfUnassignedAIBuilderCredits + DisableBillingPolicyCreationByNonAdminUsers = $PPTenantSettings.powerPlatform.licensing.disableBillingPolicyCreationByNonAdminUsers + EnableTenantCapacityReportForEnvironmentAdmins = $PPTenantSettings.powerPlatform.licensing.enableTenantCapacityReportForEnvironmentAdmins + StorageCapacityConsumptionWarningThreshold = $PPTenantSettings.powerPlatform.licensing.storageCapacityConsumptionWarningThreshold + EnableTenantLicensingReportForEnvironmentAdmins = $PPTenantSettings.powerPlatform.licensing.enableTenantLicensingReportForEnvironmentAdmins + DisableUseOfUnassignedAIBuilderCredits = $PPTenantSettings.powerPlatform.licensing.disableUseOfUnassignedAIBuilderCredits #powerPages - EnableGenerativeAIFeaturesForSiteUsers = $PPTenantSettings.powerPlatform.powerPages.enableGenerativeAIFeaturesForSiteUsers - EnableExternalAuthenticationProvidersInPowerPages = $PPTenantSettings.powerPlatform.powerPages.enableExternalAuthenticationProvidersInPowerPages + EnableGenerativeAIFeaturesForSiteUsers = $PPTenantSettings.powerPlatform.powerPages.enableGenerativeAIFeaturesForSiteUsers + EnableExternalAuthenticationProvidersInPowerPages = $PPTenantSettings.powerPlatform.powerPages.enableExternalAuthenticationProvidersInPowerPages #champions - DisableChampionsInvitationReachout = $PPTenantSettings.powerPlatform.champions.disableChampionsInvitationReachout - DisableSkillsMatchInvitationReachout = $PPTenantSettings.powerPlatform.champions.disableSkillsMatchInvitationReachout + DisableChampionsInvitationReachout = $PPTenantSettings.powerPlatform.champions.disableChampionsInvitationReachout + DisableSkillsMatchInvitationReachout = $PPTenantSettings.powerPlatform.champions.disableSkillsMatchInvitationReachout #intelligence - DisableCopilotFeedback = $PPTenantSettings.powerPlatforms.intelligence.disableCopilotFeedback - EnableOpenAiBotPublishing = $PPTenantSettings.powerPlatforms.intelligence.enableOpenAiBotPublishing - DisableCopilotFeedbackMetadata = $PPTenantSettings.powerPlatforms.intelligence.disableCopilotFeedbackMetadata - DisableAiPrompts = $PPTenantSettings.powerPlatforms.intelligence.disableAiPrompts + DisableCopilotFeedback = $PPTenantSettings.powerPlatforms.intelligence.disableCopilotFeedback + EnableOpenAiBotPublishing = $PPTenantSettings.powerPlatforms.intelligence.enableOpenAiBotPublishing + DisableCopilotFeedbackMetadata = $PPTenantSettings.powerPlatforms.intelligence.disableCopilotFeedbackMetadata + DisableAiPrompts = $PPTenantSettings.powerPlatforms.intelligence.disableAiPrompts #modelExperimentation - EnableModelDataSharing = $PPTenantSettings.powerPlatforms.modelExperimentation.enableModelDataSharing - DisableDataLogging = $PPTenantSettings.powerPlatforms.modelExperimentation.disableDataLogging + EnableModelDataSharing = $PPTenantSettings.powerPlatforms.modelExperimentation.enableModelDataSharing + DisableDataLogging = $PPTenantSettings.powerPlatforms.modelExperimentation.disableDataLogging #catalogSettings - PowerCatalogAudienceSetting = $PPTenantSettings.powerPlatforms.catalogSettings.powerCatalogAudienceSetting + PowerCatalogAudienceSetting = $PPTenantSettings.powerPlatforms.catalogSettings.powerCatalogAudienceSetting #userManagementSettings - EnableDeleteDisabledUserinAllEnvironments = $PPTenantSettings.powerPlatforms.userManagementSettings.enableDeleteDisabledUserinAllEnvironments + EnableDeleteDisabledUserinAllEnvironments = $PPTenantSettings.powerPlatforms.userManagementSettings.enableDeleteDisabledUserinAllEnvironments #helpSupportSettings - DisableHelpSupportCopilot = $PPTenantSettings.powerPlatforms.helpSupportSettings.disableHelpSupportCopilot - UseSupportBingSearchByAllUsers = $PPTenantSettings.powerPlatforms.helpSupportSettings.useSupportBingSearchByAllUsers + DisableHelpSupportCopilot = $PPTenantSettings.powerPlatforms.helpSupportSettings.disableHelpSupportCopilot + UseSupportBingSearchByAllUsers = $PPTenantSettings.powerPlatforms.helpSupportSettings.useSupportBingSearchByAllUsers #Main - WalkMeOptOut = $PPTenantSettings.walkMeOptOut - DisableNPSCommentsReachout = $PPTenantSettings.disableNPSCommentsReachout - DisableNewsletterSendout = $PPTenantSettings.disableNewsletterSendout - DisableEnvironmentCreationByNonAdminUsers = $PPTenantSettings.disableEnvironmentCreationByNonAdminUsers - DisablePortalsCreationByNonAdminUsers = $PPTenantSettings.disablePortalsCreationByNonAdminUsers - DisableSurveyFeedback = $PPTenantSettings.disableSurveyFeedback - DisableSurveyScreenshots = $PPTenantSettings.disableSurveyScreenshots - DisableTrialEnvironmentCreationByNonAdminUsers = $PPTenantSettings.disableTrialEnvironmentCreationByNonAdminUsers - DisableCapacityAllocationByEnvironmentAdmins = $PPTenantSettings.disableCapacityAllocationByEnvironmentAdmins - DisableSupportTicketsVisibleByAllUsers = $PPTenantSettings.disableSupportTicketsVisibleByAllUsers - - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ApplicationSecret = $ApplicationSecret + WalkMeOptOut = $PPTenantSettings.walkMeOptOut + DisableNPSCommentsReachout = $PPTenantSettings.disableNPSCommentsReachout + DisableNewsletterSendout = $PPTenantSettings.disableNewsletterSendout + DisableEnvironmentCreationByNonAdminUsers = $PPTenantSettings.disableEnvironmentCreationByNonAdminUsers + DisablePortalsCreationByNonAdminUsers = $PPTenantSettings.disablePortalsCreationByNonAdminUsers + DisableSurveyFeedback = $PPTenantSettings.disableSurveyFeedback + DisableSurveyScreenshots = $PPTenantSettings.disableSurveyScreenshots + DisableTrialEnvironmentCreationByNonAdminUsers = $PPTenantSettings.disableTrialEnvironmentCreationByNonAdminUsers + DisableCapacityAllocationByEnvironmentAdmins = $PPTenantSettings.disableCapacityAllocationByEnvironmentAdmins + DisableSupportTicketsVisibleByAllUsers = $PPTenantSettings.disableSupportTicketsVisibleByAllUsers + + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ApplicationSecret = $ApplicationSecret } } catch @@ -904,7 +904,7 @@ function Export-TargetResource if ($settings.StatusCode -eq 403) { - throw "Invalid permission for the application. If you are using a custom app registration to authenticate, make sure it is defined as a Power Platform admin management application. For additional information refer to https://learn.microsoft.com/en-us/power-platform/admin/powershell-create-service-principal#registering-an-admin-management-application" + throw 'Invalid permission for the application. If you are using a custom app registration to authenticate, make sure it is defined as a Power Platform admin management application. For additional information refer to https://learn.microsoft.com/en-us/power-platform/admin/powershell-create-service-principal#registering-an-admin-management-application' } $dscContent = '' @@ -983,15 +983,15 @@ function Get-M365DSCPowerPlatformTenantSettings disableCapacityAllocationByEnvironmentAdmins = $Parameters.DisableCapacityAllocationByEnvironmentAdmins disableSupportTicketsVisibleByAllUsers = $Parameters.DisableSupportTicketsVisibleByAllUsers powerPlatform = @{ - search = @{ + search = @{ disableDocsSearch = $Parameters.DisableDocsSearch disableCommunitySearch = $Parameters.DisableCommunitySearch disableBingVideoSearch = $Parameters.DisableBingVideoSearch } - teams = @{ + teams = @{ shareWithColleaguesUserLimit = $Parameters.ShareWithColleaguesUserLimit } - powerApps = @{ + powerApps = @{ disableShareWithEveryone = $Parameters.DisableShareWithEveryone enableGuestsToMake = $Parameters.EnableGuestsToMake disableMakerMatch = $Parameters.DisableMakerMatch @@ -1003,13 +1003,13 @@ function Get-M365DSCPowerPlatformTenantSettings allowNewOrgChannelDefault = $Parameters.AllowNewOrgChannelDefault disableCopilot = $Parameters.DisableCopilot } - environments = @{ + environments = @{ disablePreferredDataLocationForTeamsEnvironment = $Parameters.DisablePreferredDataLocationForTeamsEnvironment } - powerAutomate = @{ + powerAutomate = @{ disableCopilotWithBing = $Parameters.DisableCopilotWithBing } - governance = @{ + governance = @{ disableAdminDigest = $Parameters.DisableAdminDigest disableDeveloperEnvironmentCreationByNonAdminUsers = $Parameters.DisableDeveloperEnvironmentCreationByNonAdminUsers enableDefaultEnvironmentRouting = $Parameters.EnableDefaultEnvironmentRouting @@ -1020,43 +1020,43 @@ function Get-M365DSCPowerPlatformTenantSettings ) environmentRoutingAllMakers = $Parameters.EnvironmentRoutingAllMakers } - teamsIntegration = @{ + teamsIntegration = @{ shareWithColleaguesUserLimit = $Parameters.ShareWithColleaguesUserLimit } - licensing = @{ + licensing = @{ disableBillingPolicyCreationByNonAdminUsers = $Parameters.DisableBillingPolicyCreationByNonAdminUsers enableTenantCapacityReportForEnvironmentAdmins = $Parameters.EnableTenantCapacityReportForEnvironmentAdmins storageCapacityConsumptionWarningThreshold = $Parameters.StorageCapacityConsumptionWarningThreshold enableTenantLicensingReportForEnvironmentAdmins = $Parameters.EnableTenantLicensingReportForEnvironmentAdmins disableUseOfUnassignedAIBuilderCredits = $Parameters.DisableUseOfUnassignedAIBuilderCredits } - powerPages = @{ + powerPages = @{ enableGenerativeAIFeaturesForSiteUsers = $Parameters.EnableGenerativeAIFeaturesForSiteUsers enableExternalAuthenticationProvidersInPowerPages = $Parameters.EnableExternalAuthenticationProvidersInPowerPages } - champions = @{ + champions = @{ disableChampionsInvitationReachout = $Parameters.DisableChampionsInvitationReachout disableSkillsMatchInvitationReachout = $Parameters.DisableSkillsMatchInvitationReachout } - intelligence = @{ - disableCopilotFeedback = $Parameters.disableCopilotFeedback - enableOpenAiBotPublishing = $Parameters.enableOpenAiBotPublishing - disableCopilotFeedbackMetadata = $Parameters.disableCopilotFeedbackMetadata - disableAiPrompts = $Parameters.disableAiPrompts + intelligence = @{ + disableCopilotFeedback = $Parameters.disableCopilotFeedback + enableOpenAiBotPublishing = $Parameters.enableOpenAiBotPublishing + disableCopilotFeedbackMetadata = $Parameters.disableCopilotFeedbackMetadata + disableAiPrompts = $Parameters.disableAiPrompts } - modelExperimentation = @{ - enableModelDataSharing = $Parameters.enableModelDataSharing - disableDataLogging = $Parameters.disableDataLogging + modelExperimentation = @{ + enableModelDataSharing = $Parameters.enableModelDataSharing + disableDataLogging = $Parameters.disableDataLogging } - catalogSettings = @{ - powerCatalogAudienceSetting = $Parameters.powerCatalogAudienceSetting + catalogSettings = @{ + powerCatalogAudienceSetting = $Parameters.powerCatalogAudienceSetting } userManagementSettings = @{ - enableDeleteDisabledUserinAllEnvironments = $Parameters.enableDeleteDisabledUserinAllEnvironments + enableDeleteDisabledUserinAllEnvironments = $Parameters.enableDeleteDisabledUserinAllEnvironments } - helpSupportSettings = @{ - disableHelpSupportCopilot = $Parameters.disableHelpSupportCopilot - useSupportBingSearchByAllUsers = $Parameters.useSupportBingSearchByAllUsers + helpSupportSettings = @{ + disableHelpSupportCopilot = $Parameters.disableHelpSupportCopilot + useSupportBingSearchByAllUsers = $Parameters.useSupportBingSearchByAllUsers } } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelPolicy/MSFT_SCAutoSensitivityLabelPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelPolicy/MSFT_SCAutoSensitivityLabelPolicy.psm1 index 21ed857ab6..94d0e7ceab 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelPolicy/MSFT_SCAutoSensitivityLabelPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelPolicy/MSFT_SCAutoSensitivityLabelPolicy.psm1 @@ -388,12 +388,12 @@ function Set-TargetResource { if ($PSBoundParameters.ContainsKey('Mode') -eq $false) { - Write-Verbose "SharePoint or OneDrive location has been specified. Setting Mode to TestWithoutNotifications." + Write-Verbose 'SharePoint or OneDrive location has been specified. Setting Mode to TestWithoutNotifications.' $PSBoundParameters.Add('Mode', 'TestWithoutNotifications') } elseif ($PSBoundParameters.Mode -eq 'Enable') { - Write-Verbose "SharePoint or OneDrive location has been specified. Changing Mode to TestWithoutNotifications." + Write-Verbose 'SharePoint or OneDrive location has been specified. Changing Mode to TestWithoutNotifications.' $PSBoundParameters.Mode = 'TestWithoutNotifications' } } @@ -873,7 +873,7 @@ function Export-TargetResource } catch { - if ($_.Exception.Message -like "*is not recognized as the name of a cmdlet*") + if ($_.Exception.Message -like '*is not recognized as the name of a cmdlet*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for this feature." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelRule/MSFT_SCAutoSensitivityLabelRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelRule/MSFT_SCAutoSensitivityLabelRule.psm1 index 22ef5eca5a..ccca329b0f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelRule/MSFT_SCAutoSensitivityLabelRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelRule/MSFT_SCAutoSensitivityLabelRule.psm1 @@ -1230,7 +1230,7 @@ function Export-TargetResource } catch { - if ($_.Exception.Message -like "*is not recognized as the name of a cmdlet*") + if ($_.Exception.Message -like '*is not recognized as the name of a cmdlet*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for this feature." } @@ -1263,12 +1263,12 @@ function ConvertTo-HeadersMatchesPatternString $result = "`r`n MSFT_SCHeaderPattern`r`n {`r`n" $result += " Name = '$($Patterns.Name)'`r`n" - $result += " Values = @(" + $result += ' Values = @(' foreach ($value in $Patterns.Value) { $result += "'$($value.Replace("'", "''"))'," } - $result = $result.Substring(0, $result.Length -1) + ")`r`n" + $result = $result.Substring(0, $result.Length - 1) + ")`r`n" $result += " }`r`n" return $result } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearchAction/MSFT_SCComplianceSearchAction.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearchAction/MSFT_SCComplianceSearchAction.psm1 index 761921f519..1c1e7d4495 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearchAction/MSFT_SCComplianceSearchAction.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearchAction/MSFT_SCComplianceSearchAction.psm1 @@ -339,7 +339,7 @@ function Set-TargetResource 'Preview' { $CreationParams.Add('Preview', $true) - $CreationParams.Remove("Scope") | Out-Null + $CreationParams.Remove('Scope') | Out-Null $CreationParams.Add('Confirm', $false) $CreationParams.Remove('EnableDedupe') | Out-Null } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.psm1 index 053cd48070..f4b5814d2a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.psm1 @@ -22,7 +22,7 @@ function Get-TargetResource $BlockAccess, [Parameter()] - [ValidateSet('All', 'PerUser','None')] + [ValidateSet('All', 'PerUser', 'None')] [System.String] $BlockAccessScope, @@ -142,7 +142,7 @@ function Get-TargetResource [System.Boolean] $DocumentIsPasswordProtected, - [Parameter()] + [Parameter()] [System.Boolean] $ExceptIfDocumentIsPasswordProtected, @@ -397,13 +397,13 @@ function Get-TargetResource $ExceptIfContentExtensionMatchesWords = $PolicyRule.ExceptIfContentExtensionMatchesWords.Replace(' ', '').Split(',') } - if($null -ne $PolicyRule.AdvancedRule -and $PolicyRule.AdvancedRule.Count -gt 0) + if ($null -ne $PolicyRule.AdvancedRule -and $PolicyRule.AdvancedRule.Count -gt 0) { $ruleobject = $PolicyRule.AdvancedRule | ConvertFrom-Json - $index = $ruleobject.Condition.SubConditions.ConditionName.IndexOf("ContentContainsSensitiveInformation") + $index = $ruleobject.Condition.SubConditions.ConditionName.IndexOf('ContentContainsSensitiveInformation') if ($index -ne -1) { - if($null -eq $ruleobject.Condition.SubConditions[$index].value.groups) + if ($null -eq $ruleobject.Condition.SubConditions[$index].value.groups) { $ruleobject.Condition.SubConditions[$index].Value = $ruleobject.Condition.SubConditions[$index].Value | Select-Object * -ExcludeProperty Id } @@ -414,14 +414,14 @@ function Get-TargetResource } $newAdvancedRule = $ruleobject | ConvertTo-Json -Depth 32 | Format-Json - $newAdvancedRule = $newAdvancedRule | ConvertTo-Json -compress + $newAdvancedRule = $newAdvancedRule | ConvertTo-Json -Compress } else { $newAdvancedRule = $null } - $fancyDoubleQuotes = "[\u201C\u201D]" + $fancyDoubleQuotes = '[\u201C\u201D]' $result = @{ Ensure = 'Present' Name = $PolicyRule.Name @@ -550,7 +550,7 @@ function Set-TargetResource $BlockAccess, [Parameter()] - [ValidateSet('All', 'PerUser','None')] + [ValidateSet('All', 'PerUser', 'None')] [System.String] $BlockAccessScope, @@ -670,7 +670,7 @@ function Set-TargetResource [System.Boolean] $DocumentIsPasswordProtected, - [Parameter()] + [Parameter()] [System.Boolean] $ExceptIfDocumentIsPasswordProtected, @@ -907,7 +907,7 @@ function Set-TargetResource { $CreationParams.AdvancedRule = $CreationParams.AdvancedRule | ConvertFrom-Json } - elseif($null -ne $CreationParams.ContentContainsSensitiveInformation) + elseif ($null -ne $CreationParams.ContentContainsSensitiveInformation) { $CreationParams.Remove('AdvancedRule') } @@ -926,8 +926,8 @@ function Set-TargetResource $CreationParams.Remove('AccessTokens') | Out-Null $NewruleParam = @{ - Name = $CreationParams.Name - Policy = $CreationParams.Policy + Name = $CreationParams.Name + Policy = $CreationParams.Policy AdvancedRule = $CreationParams.AdvancedRule } Write-Verbose -Message "Calling New-DLPComplianceRule with Values: $(Convert-M365DscHashtableToString -Hashtable $CreationParams)" @@ -976,7 +976,7 @@ function Set-TargetResource { $UpdateParams.AdvancedRule = $UpdateParams.AdvancedRule | ConvertFrom-Json } - elseif($null -ne $UpdateParams.ContentContainsSensitiveInformation) + elseif ($null -ne $UpdateParams.ContentContainsSensitiveInformation) { $UpdateParams.Remove('AdvancedRule') } @@ -1031,7 +1031,7 @@ function Test-TargetResource $BlockAccess, [Parameter()] - [ValidateSet('All', 'PerUser','None')] + [ValidateSet('All', 'PerUser', 'None')] [System.String] $BlockAccessScope, @@ -2077,15 +2077,18 @@ function Test-ContainsSensitiveInformationGroups } } -function Format-Json([Parameter(Mandatory, ValueFromPipeline)][String] $json) { - $indent = 0; - ($json -Split "`n" | % { - if ($_ -match '[\}\]]\s*,?\s*$') { +function Format-Json([Parameter(Mandatory, ValueFromPipeline)][String] $json) +{ + $indent = 0 + ($json -Split "`n" | ForEach-Object { + if ($_ -match '[\}\]]\s*,?\s*$') + { # This line ends with ] or }, decrement the indentation level $indent-- } $line = (' ' * $indent) + $($_.TrimStart() -replace '": (["{[])', '": $1' -replace ': ', ': ') - if ($_ -match '[\{\[]\s*$') { + if ($_ -match '[\{\[]\s*$') + { # This line ends with [ or {, increment the indentation level $indent++ } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConditionalAccessRule/MSFT_SCDeviceConditionalAccessRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConditionalAccessRule/MSFT_SCDeviceConditionalAccessRule.psm1 index 834c470d45..b1932e3bef 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConditionalAccessRule/MSFT_SCDeviceConditionalAccessRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConditionalAccessRule/MSFT_SCDeviceConditionalAccessRule.psm1 @@ -260,17 +260,17 @@ function Get-TargetResource $nullResult.Ensure = 'Absent' try { - $policyObj = Get-DeviceConditionalAccessPolicy | Where-Object -FilterScript {$_.Name -eq $Policy} + $policyObj = Get-DeviceConditionalAccessPolicy | Where-Object -FilterScript { $_.Name -eq $Policy } if ($null -ne $policyObj) { Write-Verbose -Message "Found policy object {$Policy}" if ($null -ne $Script:exportedInstances -and $Script:ExportMode -and $null) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Policy -eq $policyObj.ExchangeObjectId} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Policy -eq $policyObj.ExchangeObjectId } } else { - $instance = Get-DeviceConditionalAccessRule | Where-Object -FilterScript {$_.Policy -eq $policyObj.ExchangeObjectId} + $instance = Get-DeviceConditionalAccessRule | Where-Object -FilterScript { $_.Policy -eq $policyObj.ExchangeObjectId } } } if ($null -eq $instance) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConfigurationRule/MSFT_SCDeviceConfigurationRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConfigurationRule/MSFT_SCDeviceConfigurationRule.psm1 index 97f1c316ad..0718875772 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConfigurationRule/MSFT_SCDeviceConfigurationRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConfigurationRule/MSFT_SCDeviceConfigurationRule.psm1 @@ -256,17 +256,17 @@ function Get-TargetResource $nullResult.Ensure = 'Absent' try { - $policyObj = Get-DeviceConfigurationPolicy | Where-Object -FilterScript {$_.Name -eq $Policy} + $policyObj = Get-DeviceConfigurationPolicy | Where-Object -FilterScript { $_.Name -eq $Policy } if ($null -ne $policyObj) { Write-Verbose -Message "Found policy object {$Policy}" if ($null -ne $Script:exportedInstances -and $Script:ExportMode -and $null) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Policy -eq $policyObj.ExchangeObjectId} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Policy -eq $policyObj.ExchangeObjectId } } else { - $instance = Get-DeviceConfigurationRule | Where-Object -FilterScript {$_.Policy -eq $policyObj.ExchangeObjectId} + $instance = Get-DeviceConfigurationRule | Where-Object -FilterScript { $_.Policy -eq $policyObj.ExchangeObjectId } } } if ($null -eq $instance) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCInsiderRiskEntityList/MSFT_SCInsiderRiskEntityList.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCInsiderRiskEntityList/MSFT_SCInsiderRiskEntityList.psm1 index a0d5e92ed3..8dcdff444a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCInsiderRiskEntityList/MSFT_SCInsiderRiskEntityList.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCInsiderRiskEntityList/MSFT_SCInsiderRiskEntityList.psm1 @@ -140,7 +140,7 @@ function Get-TargetResource # CustomDomainLists $DmnValues = @() if ($instance.ListType -eq 'CustomDomainLists' -or ` - $instance.Name -eq 'IrmWhitelistDomains') + $instance.Name -eq 'IrmWhitelistDomains') { foreach ($entity in $instance.Entities) { @@ -156,7 +156,7 @@ function Get-TargetResource # CustomFilePathRegexLists $FilePathValues = @() if ($instance.ListType -eq 'CustomFilePathRegexLists' -or ` - $instance.Name -eq 'IrmCustomExWinFilePaths') + $instance.Name -eq 'IrmCustomExWinFilePaths') { foreach ($entity in $instance.Entities) { @@ -179,7 +179,7 @@ function Get-TargetResource # CustomKeywordLists $KeywordValues = @() if ($instance.ListType -eq 'CustomKeywordLists' -or ` - $instance.Name -eq 'IrmExcludedKeywords' -or $instance.Name -eq 'IrmNotExcludedKeywords') + $instance.Name -eq 'IrmExcludedKeywords' -or $instance.Name -eq 'IrmNotExcludedKeywords') { foreach ($entity in $instance.Entities) { @@ -191,7 +191,7 @@ function Get-TargetResource # CustomSensitiveInformationTypeLists $SITValues = @() if ($instance.ListType -eq 'CustomSensitiveInformationTypeLists' -or ` - $instance.Name -eq 'IrmCustomExSensitiveTypes') + $instance.Name -eq 'IrmCustomExSensitiveTypes') { foreach ($entity in $instance.Entities) { @@ -204,7 +204,7 @@ function Get-TargetResource # CustomSiteLists $SiteValues = @() if ($instance.ListType -eq 'CustomSiteLists' -or ` - $instance.Name -eq 'IrmExcludedSites') + $instance.Name -eq 'IrmExcludedSites') { foreach ($entity in $instance.Entities) { @@ -349,7 +349,7 @@ function Get-TargetResource ExceptionKeyworkGroups = $exceptionKeywordGroupValue ExcludedClassifierGroups = $excludedClassifierGroupValue ExcludedDomainGroups = $excludedDomainGroupValue - ExcludedFilePathGroups = $ExcludedFilePathGroupsValue + ExcludedFilePathGroups = $ExcludedFilePathGroupsValue ExcludedSiteGroups = $excludedSiteGroupValue ExcludedSensitiveInformationTypeGroups = $excludedSITGroupValue ExcludedFileTypeGroups = $excludedFileTypeGroupValue @@ -513,10 +513,10 @@ function Set-TargetResource } Write-Verbose -Message "Creating new Domain Group {$Name} with values {$($value -join ',')}" New-InsiderRiskEntityList -Type 'CustomDomainLists' ` - -Name $Name ` - -DisplayName $DisplayName ` - -Description $Description ` - -Entities $value | Out-Null + -Name $Name ` + -DisplayName $DisplayName ` + -Description $Description ` + -Entities $value | Out-Null } elseif ($ListType -eq 'CustomFilePathRegexLists') { @@ -527,10 +527,10 @@ function Set-TargetResource } Write-Verbose -Message "Creating new FilePath Group {$Name} with values {$($value -join ',')}" New-InsiderRiskEntityList -Type 'CustomFilePathRegexLists' ` - -Name $Name ` - -DisplayName $DisplayName ` - -Description $Description ` - -Entities $value | Out-Null + -Name $Name ` + -DisplayName $DisplayName ` + -Description $Description ` + -Entities $value | Out-Null } elseif ($ListType -eq 'CustomFileTypeLists') { @@ -541,10 +541,10 @@ function Set-TargetResource } Write-Verbose -Message "Creating new FileType Group {$Name} with values {$($value -join ',')}" New-InsiderRiskEntityList -Type 'CustomFileTypeLists ' ` - -Name $Name ` - -DisplayName $DisplayName ` - -Description $Description ` - -Entities $value | Out-Null + -Name $Name ` + -DisplayName $DisplayName ` + -Description $Description ` + -Entities $value | Out-Null } elseif ($ListType -eq 'CustomKeywordLists') { @@ -555,10 +555,10 @@ function Set-TargetResource } Write-Verbose -Message "Creating new Keyword Group {$Name} with values {$($value -join ',')}" New-InsiderRiskEntityList -Type 'CustomKeywordLists' ` - -Name $Name ` - -DisplayName $DisplayName ` - -Description $Description ` - -Entities $value | Out-Null + -Name $Name ` + -DisplayName $DisplayName ` + -Description $Description ` + -Entities $value | Out-Null } elseif ($ListType -eq 'CustomSensitiveInformationTypeLists') { @@ -569,24 +569,24 @@ function Set-TargetResource } Write-Verbose -Message "Creating new SIT Group {$Name} with values {$($value -join ',')}" New-InsiderRiskEntityList -Type 'CustomSensitiveInformationTypeLists' ` - -Name $Name ` - -DisplayName $DisplayName ` - -Description $Description ` - -Entities $value | Out-Null + -Name $Name ` + -DisplayName $DisplayName ` + -Description $Description ` + -Entities $value | Out-Null } elseif ($ListType -eq 'CustomSiteLists') { $value = @() foreach ($site in $Sites) { - $value += "{`"Url`":`"$($site.Url.ToString())`",`"Name`":`"$($site.Name.ToString())`",`"Guid`":`"$((New-GUID).ToString())`"}" + $value += "{`"Url`":`"$($site.Url.ToString())`",`"Name`":`"$($site.Name.ToString())`",`"Guid`":`"$((New-Guid).ToString())`"}" } Write-Verbose -Message "Creating new Site Group {$Name} with values {$($value)}" New-InsiderRiskEntityList -Type 'CustomSiteLists' ` - -Name $Name ` - -DisplayName $DisplayName ` - -Description $Description ` - -Entities $value | Out-Null + -Name $Name ` + -DisplayName $DisplayName ` + -Description $Description ` + -Entities $value | Out-Null } elseif ($ListType -eq 'CustomMLClassifierTypeLists') { @@ -597,10 +597,10 @@ function Set-TargetResource } Write-Verbose -Message "Creating new Trainable classifier Group {$Name} with values {$($value)}" New-InsiderRiskEntityList -Type 'CustomMLClassifierTypeLists' ` - -Name $Name ` - -DisplayName $DisplayName ` - -Description $Description ` - -Entities $value | Out-Null + -Name $Name ` + -DisplayName $DisplayName ` + -Description $Description ` + -Entities $value | Out-Null } else { @@ -620,12 +620,12 @@ function Set-TargetResource { if ($diff.SideIndicator -eq '=>') { - $instance = $Domains | Where-Object -FilterScript {$_.Dmn -eq $diff.InputObject} + $instance = $Domains | Where-Object -FilterScript { $_.Dmn -eq $diff.InputObject } $entitiesToAdd += "{`"Dmn`":`"$($instance.Dmn)`",`"isMLSubDmn`":$($instance.isMLSubDmn.ToString().ToLower())}" } else { - $instance = $currentInstance.Domains | Where-Object -FilterScript {$_.Dmn -eq $diff.InputObject} + $instance = $currentInstance.Domains | Where-Object -FilterScript { $_.Dmn -eq $diff.InputObject } $entitiesToRemove += "{`"Dmn`":`"$($instance.Dmn)`",`"isMLSubDmn`":$($instance.isMLSubDmn.ToString().ToLower())}" } } @@ -635,10 +635,10 @@ function Set-TargetResource Write-Verbose -Message "Removing entities: $($entitiesToRemove -join ',')" Set-InsiderRiskEntityList -Identity $Name ` - -DisplayName $DisplayName ` - -Description $Description ` - -AddEntities $entitiesToAdd ` - -RemoveEntities $entitiesToRemove | Out-Null + -DisplayName $DisplayName ` + -Description $Description ` + -AddEntities $entitiesToAdd ` + -RemoveEntities $entitiesToRemove | Out-Null } # Update File Path Group elseif ($ListType -eq 'CustomFilePathRegexLists' -or $Name -eq 'IrmCustomExWinFilePaths' -or ` @@ -664,10 +664,10 @@ function Set-TargetResource Write-Verbose -Message "Removing entities: $($entitiesToRemove -join ',')" Set-InsiderRiskEntityList -Identity $Name ` - -DisplayName $DisplayName ` - -Description $Description ` - -AddEntities $entitiesToAdd ` - -RemoveEntities $entitiesToRemove | Out-Null + -DisplayName $DisplayName ` + -Description $Description ` + -AddEntities $entitiesToAdd ` + -RemoveEntities $entitiesToRemove | Out-Null } # Update File Type Group elseif ($ListType -eq 'CustomFileTypeLists') @@ -692,10 +692,10 @@ function Set-TargetResource Write-Verbose -Message "Removing entities: $($entitiesToRemove -join ',')" Set-InsiderRiskEntityList -Identity $Name ` - -DisplayName $DisplayName ` - -Description $Description ` - -AddEntities $entitiesToAdd ` - -RemoveEntities $entitiesToRemove | Out-Null + -DisplayName $DisplayName ` + -Description $Description ` + -AddEntities $entitiesToAdd ` + -RemoveEntities $entitiesToRemove | Out-Null } # Update Keywords Group elseif ($ListType -eq 'CustomKeywordLists' -or $Name -eq 'IrmExcludedKeywords' -or $Name -eq 'IrmNotExcludedKeywords') @@ -720,10 +720,10 @@ function Set-TargetResource Write-Verbose -Message "Removing entities: $($entitiesToRemove -join ',')" Set-InsiderRiskEntityList -Identity $Name ` - -DisplayName $DisplayName ` - -Description $Description ` - -AddEntities $entitiesToAdd ` - -RemoveEntities $entitiesToRemove | Out-Null + -DisplayName $DisplayName ` + -Description $Description ` + -AddEntities $entitiesToAdd ` + -RemoveEntities $entitiesToRemove | Out-Null } # Update SIT Group elseif ($ListType -eq 'CustomSensitiveInformationTypeLists' -or $Name -eq 'IrmCustomExSensitiveTypes ' -or ` @@ -749,15 +749,15 @@ function Set-TargetResource Write-Verbose -Message "Removing entities: $($entitiesToRemove -join ',')" Set-InsiderRiskEntityList -Identity $Name ` - -DisplayName $DisplayName ` - -Description $Description ` - -AddEntities $entitiesToAdd ` - -RemoveEntities $entitiesToRemove | Out-Null + -DisplayName $DisplayName ` + -Description $Description ` + -AddEntities $entitiesToAdd ` + -RemoveEntities $entitiesToRemove | Out-Null } # Update Sites Group elseif ($ListType -eq 'CustomSiteLists' -or $Name -eq 'IrmExcludedSites') { - Write-Verbose -Message "Calculating the difference in the Site list." + Write-Verbose -Message 'Calculating the difference in the Site list.' $entitiesToAdd = @() $entitiesToRemove = @() $differences = Compare-Object -ReferenceObject $currentInstance.Sites.Url -DifferenceObject $Sites.Url @@ -765,7 +765,7 @@ function Set-TargetResource { if ($diff.SideIndicator -eq '=>') { - $entry = $Sites | Where-Object -FilterScript {$_.Url -eq $diff.InputObject} + $entry = $Sites | Where-Object -FilterScript { $_.Url -eq $diff.InputObject } $guid = $entry.Guid if ([System.String]::IsNullOrEmpty($guid)) { @@ -775,7 +775,7 @@ function Set-TargetResource } else { - $entry = $currentInstance.Sites | Where-Object -FilterScript {$_.Url -eq $diff.InputObject} + $entry = $currentInstance.Sites | Where-Object -FilterScript { $_.Url -eq $diff.InputObject } $entitiesToRemove += "{`"Url`":`"$($entry.Url)`",`"Name`":`"$($entry.Name)`",`"Guid`":`"$($entry.Guid)`"}" } } @@ -785,10 +785,10 @@ function Set-TargetResource Write-Verbose -Message "Removing entities: $($entitiesToRemove -join ',')" Set-InsiderRiskEntityList -Identity $Name ` - -DisplayName $DisplayName ` - -Description $Description ` - -AddEntities $entitiesToAdd ` - -RemoveEntities $entitiesToRemove | Out-Null + -DisplayName $DisplayName ` + -Description $Description ` + -AddEntities $entitiesToAdd ` + -RemoveEntities $entitiesToRemove | Out-Null } # Update Trainable Classifiers Group elseif ($ListType -eq 'CustomMLClassifierTypeLists' -or $Name -eq 'IrmCustomExMLClassifiers' -or ` @@ -814,60 +814,60 @@ function Set-TargetResource Write-Verbose -Message "Removing entities: $($entitiesToRemove -join ',')" Set-InsiderRiskEntityList -Identity $Name ` - -DisplayName $DisplayName ` - -Description $Description ` - -AddEntities $entitiesToAdd ` - -RemoveEntities $entitiesToRemove | Out-Null + -DisplayName $DisplayName ` + -Description $Description ` + -AddEntities $entitiesToAdd ` + -RemoveEntities $entitiesToRemove | Out-Null } <################## Group Exclusions #############> if ($null -ne $ExcludedDomainGroups -and $ExcludedDomainGroups.Length -gt 0) { Set-M365DSCSCInsiderRiskExclusionGroup -CurrentValues $currentInstance.ExcludedDomainGroups ` - -DesiredValues $ExcludedDomainGroups ` - -Name 'IrmXSGDomains' + -DesiredValues $ExcludedDomainGroups ` + -Name 'IrmXSGDomains' } elseif ($null -ne $ExcludedFilePathGroups -and $ExcludedFilePathGroups.Length -gt 0) { Set-M365DSCSCInsiderRiskExclusionGroup -CurrentValues $currentInstance.ExcludedFilePathGroups ` - -DesiredValues $ExcludedFilePathGroups ` - -Name 'IrmXSGFilePaths' + -DesiredValues $ExcludedFilePathGroups ` + -Name 'IrmXSGFilePaths' } elseif ($null -ne $ExcludedFileTypeGroups -and $ExcludedFileTypeGroups.Length -gt 0) { Set-M365DSCSCInsiderRiskExclusionGroup -CurrentValues $currentInstance.ExcludedFileTypeGroups ` - -DesiredValues $ExcludedFileTypeGroups ` - -Name 'IrmXSGFiletypes' + -DesiredValues $ExcludedFileTypeGroups ` + -Name 'IrmXSGFiletypes' } elseif ($null -ne $ExceptionKeyworkGroups -and $ExceptionKeyworkGroups.Length -gt 0) { Set-M365DSCSCInsiderRiskExclusionGroup -CurrentValues $currentInstance.ExceptionKeyworkGroups ` - -DesiredValues $ExceptionKeyworkGroups ` - -Name 'IrmXSGExcludedKeywords ' + -DesiredValues $ExceptionKeyworkGroups ` + -Name 'IrmXSGExcludedKeywords ' } elseif ($null -ne $ExcludedKeyworkGroups -and $ExcludedKeyworkGroups.Length -gt 0) { Set-M365DSCSCInsiderRiskExclusionGroup -CurrentValues $currentInstance.ExcludedKeyworkGroups ` - -DesiredValues $ExcludedKeyworkGroups ` - -Name 'IrmXSGExcludedKeywords ' + -DesiredValues $ExcludedKeyworkGroups ` + -Name 'IrmXSGExcludedKeywords ' } elseif ($null -ne $ExcludedSensitiveInformationTypeGroups -and $ExcludedSensitiveInformationTypeGroups.Length -gt 0) { Set-M365DSCSCInsiderRiskExclusionGroup -CurrentValues $currentInstance.ExcludedSensitiveInformationTypeGroups ` - -DesiredValues $ExcludedSensitiveInformationTypeGroups ` - -Name 'IrmXSGSensitiveInfoTypes ' + -DesiredValues $ExcludedSensitiveInformationTypeGroups ` + -Name 'IrmXSGSensitiveInfoTypes ' } elseif ($null -ne $ExcludedSiteGroups -and $ExcludedSiteGroups.Length -gt 0) { Set-M365DSCSCInsiderRiskExclusionGroup -CurrentValues $currentInstance.ExcludedSiteGroups ` - -DesiredValues $ExcludedSiteGroups ` - -Name 'IrmXSGSites ' + -DesiredValues $ExcludedSiteGroups ` + -Name 'IrmXSGSites ' } elseif ($null -ne $ExcludedClassifierGroups -and $ExcludedClassifierGroups.Length -gt 0) { Set-M365DSCSCInsiderRiskExclusionGroup -CurrentValues $currentInstance.ExcludedClassifierGroups ` - -DesiredValues $ExcludedClassifierGroups ` - -Name 'IrmXSGMLClassifierTypes ' + -DesiredValues $ExcludedClassifierGroups ` + -Name 'IrmXSGMLClassifierTypes ' } } # REMOVE @@ -1073,8 +1073,8 @@ function Export-TargetResource $Script:ExportMode = $true [array] $Script:exportedInstances = @() $availableTypes = @('HveLists', 'DomainLists', 'CriticalAssetLists', 'WindowsFilePathRegexLists', 'SensitiveTypeLists', 'SiteLists', 'KeywordLists', ` - 'CustomDomainLists', 'CustomSiteLists', 'CustomKeywordLists', 'CustomFileTypeLists', 'CustomFilePathRegexLists', ` - 'CustomSensitiveInformationTypeLists', 'CustomMLClassifierTypeLists', 'GlobalExclusionSGMapping', 'DlpPolicyLists') + 'CustomDomainLists', 'CustomSiteLists', 'CustomKeywordLists', 'CustomFileTypeLists', 'CustomFilePathRegexLists', ` + 'CustomSensitiveInformationTypeLists', 'CustomMLClassifierTypeLists', 'GlobalExclusionSGMapping', 'DlpPolicyLists') # Retrieve entries for each type foreach ($listType in $availableTypes) @@ -1174,12 +1174,12 @@ function ConvertTo-M365DSCSCInsiderRiskDomainToString [CmdletBinding()] [OutputType([System.String])] param( - [Parameter(Mandatory=$true)] + [Parameter(Mandatory = $true)] [System.Object[]] $Domains ) - $content = "@(" + $content = '@(' foreach ($domain in $Domains) { $content += "MSFT_SCInsiderRiskEntityListDomain`r`n" @@ -1188,7 +1188,7 @@ function ConvertTo-M365DSCSCInsiderRiskDomainToString $content += " isMLSubDmn = `$$($domain.isMLSubDmn)`r`n" $content += "}`r`n" } - $content += ")" + $content += ')' return $content } @@ -1197,12 +1197,12 @@ function ConvertTo-M365DSCSCInsiderRiskSiteToString [CmdletBinding()] [OutputType([System.String])] param( - [Parameter(Mandatory=$true)] + [Parameter(Mandatory = $true)] [System.Object[]] $Sites ) - $content = "@(" + $content = '@(' foreach ($site in $Sites) { $content += "MSFT_SCInsiderRiskEntityListSite`r`n" @@ -1212,7 +1212,7 @@ function ConvertTo-M365DSCSCInsiderRiskSiteToString $content += " Guid = '$($site.Guid)'`r`n" $content += "}`r`n" } - $content += ")" + $content += ')' return $content } @@ -1253,8 +1253,8 @@ function Set-M365DSCSCInsiderRiskExclusionGroup Write-Verbose -Message "Removing entities: $($entitiesToRemove -join ',')" Set-InsiderRiskEntityList -Identity $Name ` - -AddEntities $entitiesToAdd ` - -RemoveEntities $entitiesToRemove | Out-Null + -AddEntities $entitiesToAdd ` + -RemoveEntities $entitiesToRemove | Out-Null } Export-ModuleMember -Function *-TargetResource diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCInsiderRiskPolicy/MSFT_SCInsiderRiskPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCInsiderRiskPolicy/MSFT_SCInsiderRiskPolicy.psm1 index 9f887882f9..584a732ad9 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCInsiderRiskPolicy/MSFT_SCInsiderRiskPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCInsiderRiskPolicy/MSFT_SCInsiderRiskPolicy.psm1 @@ -739,7 +739,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Name -eq $Name} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Name -eq $Name } } else { @@ -815,149 +815,149 @@ function Get-TargetResource FileVolCutoffLimits = $tenantSettings.IntelligentDetections.FileVolCutoffLimits AlertVolume = $tenantSettings.IntelligentDetections.AlertVolume MDATPTriageStatus = $tenantSettings.IntelligentDetections.MDATPTriageStatus - AnomalyDetections = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'AnomalyDetections'}).Enabled - CopyToPersonalCloud = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'CopyToPersonalCloud'}).Enabled - CopyToUSB = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'CopyToUSB'}).Enabled - CumulativeExfiltrationDetector = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'CumulativeExfiltrationDetector'}).Enabled - EmailExternal = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EmailExternal'}).Enabled - EmployeeAccessedEmployeePatientData = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EmployeeAccessedEmployeePatientData'}).Enabled - EmployeeAccessedFamilyData = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EmployeeAccessedFamilyData'}).Enabled - EmployeeAccessedHighVolumePatientData = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EmployeeAccessedHighVolumePatientData'}).Enabled - EmployeeAccessedNeighbourData = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EmployeeAccessedNeighbourData'}).Enabled - EmployeeAccessedRestrictedData = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EmployeeAccessedRestrictedData'}).Enabled - EpoBrowseToChildAbuseSites = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoBrowseToChildAbuseSites'}).Enabled - EpoBrowseToCriminalActivitySites = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoBrowseToCriminalActivitySites'}).Enabled - EpoBrowseToCultSites = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoBrowseToCultSites'}).Enabled - EpoBrowseToGamblingSites = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoBrowseToGamblingSites'}).Enabled - EpoBrowseToHackingSites = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoBrowseToHackingSites'}).Enabled - EpoBrowseToHateIntoleranceSites = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoBrowseToHateIntoleranceSites'}).Enabled - EpoBrowseToIllegalSoftwareSites = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoBrowseToIllegalSoftwareSites'}).Enabled - EpoBrowseToKeyloggerSites = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoBrowseToKeyloggerSites'}).Enabled - EpoBrowseToLlmSites = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoBrowseToLlmSites'}).Enabled - EpoBrowseToMalwareSites = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoBrowseToMalwareSites'}).Enabled - EpoBrowseToPhishingSites = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoBrowseToPhishingSites'}).Enabled - EpoBrowseToPornographySites = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoBrowseToPornographySites'}).Enabled - EpoBrowseToUnallowedDomain = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoBrowseToUnallowedDomain'}).Enabled - EpoBrowseToViolenceSites = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoBrowseToViolenceSites'}).Enabled - EpoCopyToClipboardFromSensitiveFile = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoCopyToClipboardFromSensitiveFile'}).Enabled - EpoCopyToNetworkShare = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoCopyToNetworkShare'}).Enabled - EpoFileArchived = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoFileArchived'}).Enabled - EpoFileCopiedToRemoteDesktopSession = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoFileCopiedToRemoteDesktopSession'}).Enabled - EpoFileDeleted = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoFileDeleted'}).Enabled - EpoFileDownloadedFromBlacklistedDomain = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoFileDownloadedFromBlacklistedDomain'}).Enabled - EpoFileDownloadedFromEnterpriseDomain = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoFileDownloadedFromEnterpriseDomain'}).Enabled - EpoFileRenamed = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoFileRenamed'}).Enabled - EpoFileStagedToCentralLocation = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoFileStagedToCentralLocation'}).Enabled - EpoHiddenFileCreated = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoHiddenFileCreated'}).Enabled - EpoRemovableMediaMount = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoRemovableMediaMount'}).Enabled - EpoSensitiveFileRead = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'EpoSensitiveFileRead'}).Enabled - Mcas3rdPartyAppDownload = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'Mcas3rdPartyAppDownload'}).Enabled - Mcas3rdPartyAppFileDelete = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'Mcas3rdPartyAppFileDelete'}).Enabled - Mcas3rdPartyAppFileSharing = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'Mcas3rdPartyAppFileSharing'}).Enabled - McasActivityFromInfrequentCountry = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'McasActivityFromInfrequentCountry'}).Enabled - McasImpossibleTravel = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'McasImpossibleTravel'}).Enabled - McasMultipleFailedLogins = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'McasMultipleFailedLogins'}).Enabled - McasMultipleStorageDeletion = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'McasMultipleStorageDeletion'}).Enabled - McasMultipleVMCreation = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'McasMultipleVMCreation'}).Enabled - McasMultipleVMDeletion = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'McasMultipleVMDeletion'}).Enabled - McasSuspiciousAdminActivities = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'McasSuspiciousAdminActivities'}).Enabled - McasSuspiciousCloudCreation = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'McasSuspiciousCloudCreation'}).Enabled - McasSuspiciousCloudTrailLoggingChange = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'McasSuspiciousCloudTrailLoggingChange'}).Enabled - McasTerminatedEmployeeActivity = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'McasTerminatedEmployeeActivity'}).Enabled - OdbDownload = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'OdbDownload'}).Enabled - OdbSyncDownload = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'OdbSyncDownload'}).Enabled - PeerCumulativeExfiltrationDetector = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'PeerCumulativeExfiltrationDetector'}).Enabled - PhysicalAccess = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'PhysicalAccess'}).Enabled - PotentialHighImpactUser = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'PotentialHighImpactUser'}).Enabled - Print = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'Print'}).Enabled - PriorityUserGroupMember = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'PriorityUserGroupMember'}).Enabled - SecurityAlertDefenseEvasion = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SecurityAlertDefenseEvasion'}).Enabled - SecurityAlertUnwantedSoftware = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SecurityAlertUnwantedSoftware'}).Enabled - SpoAccessRequest = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoAccessRequest'}).Enabled - SpoApprovedAccess = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoApprovedAccess'}).Enabled - SpoDownload = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoDownload'}).Enabled - SpoDownloadV2 = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoDownloadV2'}).Enabled - SpoFileAccessed = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoFileAccessed'}).Enabled - SpoFileDeleted = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoFileDeleted'}).Enabled - SpoFileDeletedFromFirstStageRecycleBin = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoFileDeletedFromFirstStageRecycleBin'}).Enabled - SpoFileDeletedFromSecondStageRecycleBin = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoFileDeletedFromSecondStageRecycleBin'}).Enabled - SpoFileLabelDowngraded = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoFileLabelDowngraded'}).Enabled - SpoFileLabelRemoved = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoFileLabelRemoved'}).Enabled - SpoFileSharing = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoFileSharing'}).Enabled - SpoFolderDeleted = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoFolderDeleted'}).Enabled - SpoFolderDeletedFromFirstStageRecycleBin = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoFolderDeletedFromFirstStageRecycleBin'}).Enabled - SpoFolderDeletedFromSecondStageRecycleBin = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoFolderDeletedFromSecondStageRecycleBin'}).Enabled - SpoFolderSharing = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoFolderSharing'}).Enabled - SpoSiteExternalUserAdded = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoSiteExternalUserAdded'}).Enabled - SpoSiteInternalUserAdded = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoSiteInternalUserAdded'}).Enabled - SpoSiteLabelRemoved = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoSiteLabelRemoved'}).Enabled - SpoSiteSharing = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoSiteSharing'}).Enabled - SpoSyncDownload = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'SpoSyncDownload'}).Enabled - TeamsChannelFileSharedExternal = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'TeamsChannelFileSharedExternal'}).Enabled - TeamsChannelMemberAddedExternal = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'TeamsChannelMemberAddedExternal'}).Enabled - TeamsChatFileSharedExternal = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'TeamsChatFileSharedExternal'}).Enabled - TeamsFileDownload = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'TeamsFileDownload'}).Enabled - TeamsFolderSharedExternal = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'TeamsFolderSharedExternal'}).Enabled - TeamsMemberAddedExternal = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'TeamsMemberAddedExternal'}).Enabled - TeamsSensitiveMessage = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'TeamsSensitiveMessage'}).Enabled - UserHistory = ($tenantSettings.Indicators | Where-Object -FilterScript {$_.Name -eq 'UserHistory'}).Enabled - AWSS3BlockPublicAccessDisabled = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'AWSS3BlockPublicAccessDisabled'}).Enabled - AWSS3BucketDeleted = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'AWSS3BucketDeleted'}).Enabled - AWSS3PublicAccessEnabled = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'AWSS3PublicAccessEnabled'}).Enabled - AWSS3ServerLoggingDisabled = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'AWSS3ServerLoggingDisabled'}).Enabled - AzureElevateAccessToAllSubscriptions = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'AzureElevateAccessToAllSubscriptions'}).Enabled - AzureResourceThreatProtectionSettingsUpdated = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'AzureResourceThreatProtectionSettingsUpdated'}).Enabled - AzureSQLServerAuditingSettingsUpdated = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'AzureSQLServerAuditingSettingsUpdated'}).Enabled - AzureSQLServerFirewallRuleDeleted = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'AzureSQLServerFirewallRuleDeleted'}).Enabled - AzureSQLServerFirewallRuleUpdated = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'AzureSQLServerFirewallRuleUpdated'}).Enabled - AzureStorageAccountOrContainerDeleted = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'AzureStorageAccountOrContainerDeleted'}).Enabled - BoxContentAccess = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'BoxContentAccess'}).Enabled - BoxContentDelete = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'BoxContentDelete'}).Enabled - BoxContentDownload = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'BoxContentDownload'}).Enabled - BoxContentExternallyShared = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'BoxContentExternallyShared'}).Enabled - CCFinancialRegulatoryRiskyTextSent = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'CCFinancialRegulatoryRiskyTextSent'}).Enabled - CCInappropriateContentSent = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'CCInappropriateContentSent'}).Enabled - CCInappropriateImagesSent = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'CCInappropriateImagesSent'}).Enabled - DropboxContentAccess = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'DropboxContentAccess'}).Enabled - DropboxContentDelete = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'DropboxContentDelete'}).Enabled - DropboxContentDownload = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'DropboxContentDownload'}).Enabled - DropboxContentExternallyShared = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'DropboxContentExternallyShared'}).Enabled - GoogleDriveContentAccess = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'GoogleDriveContentAccess'}).Enabled - GoogleDriveContentDelete = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'GoogleDriveContentDelete'}).Enabled - GoogleDriveContentExternallyShared = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'GoogleDriveContentExternallyShared'}).Enabled - PowerBIDashboardsDeleted = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'PowerBIDashboardsDeleted'}).Enabled - PowerBIReportsDeleted = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'PowerBIReportsDeleted'}).Enabled - PowerBIReportsDownloaded = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'PowerBIReportsDownloaded'}).Enabled - PowerBIReportsExported = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'PowerBIReportsExported'}).Enabled - PowerBIReportsViewed = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'PowerBIReportsViewed'}).Enabled - PowerBISemanticModelsDeleted = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'PowerBISemanticModelsDeleted'}).Enabled - PowerBISensitivityLabelDowngradedForArtifacts = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'PowerBISensitivityLabelDowngradedForArtifacts'}).Enabled - PowerBISensitivityLabelRemovedFromArtifacts = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript {$_.Name -eq 'PowerBISensitivityLabelRemovedFromArtifacts'}).Enabled + AnomalyDetections = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'AnomalyDetections' }).Enabled + CopyToPersonalCloud = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'CopyToPersonalCloud' }).Enabled + CopyToUSB = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'CopyToUSB' }).Enabled + CumulativeExfiltrationDetector = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'CumulativeExfiltrationDetector' }).Enabled + EmailExternal = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EmailExternal' }).Enabled + EmployeeAccessedEmployeePatientData = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EmployeeAccessedEmployeePatientData' }).Enabled + EmployeeAccessedFamilyData = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EmployeeAccessedFamilyData' }).Enabled + EmployeeAccessedHighVolumePatientData = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EmployeeAccessedHighVolumePatientData' }).Enabled + EmployeeAccessedNeighbourData = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EmployeeAccessedNeighbourData' }).Enabled + EmployeeAccessedRestrictedData = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EmployeeAccessedRestrictedData' }).Enabled + EpoBrowseToChildAbuseSites = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoBrowseToChildAbuseSites' }).Enabled + EpoBrowseToCriminalActivitySites = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoBrowseToCriminalActivitySites' }).Enabled + EpoBrowseToCultSites = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoBrowseToCultSites' }).Enabled + EpoBrowseToGamblingSites = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoBrowseToGamblingSites' }).Enabled + EpoBrowseToHackingSites = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoBrowseToHackingSites' }).Enabled + EpoBrowseToHateIntoleranceSites = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoBrowseToHateIntoleranceSites' }).Enabled + EpoBrowseToIllegalSoftwareSites = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoBrowseToIllegalSoftwareSites' }).Enabled + EpoBrowseToKeyloggerSites = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoBrowseToKeyloggerSites' }).Enabled + EpoBrowseToLlmSites = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoBrowseToLlmSites' }).Enabled + EpoBrowseToMalwareSites = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoBrowseToMalwareSites' }).Enabled + EpoBrowseToPhishingSites = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoBrowseToPhishingSites' }).Enabled + EpoBrowseToPornographySites = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoBrowseToPornographySites' }).Enabled + EpoBrowseToUnallowedDomain = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoBrowseToUnallowedDomain' }).Enabled + EpoBrowseToViolenceSites = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoBrowseToViolenceSites' }).Enabled + EpoCopyToClipboardFromSensitiveFile = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoCopyToClipboardFromSensitiveFile' }).Enabled + EpoCopyToNetworkShare = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoCopyToNetworkShare' }).Enabled + EpoFileArchived = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoFileArchived' }).Enabled + EpoFileCopiedToRemoteDesktopSession = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoFileCopiedToRemoteDesktopSession' }).Enabled + EpoFileDeleted = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoFileDeleted' }).Enabled + EpoFileDownloadedFromBlacklistedDomain = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoFileDownloadedFromBlacklistedDomain' }).Enabled + EpoFileDownloadedFromEnterpriseDomain = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoFileDownloadedFromEnterpriseDomain' }).Enabled + EpoFileRenamed = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoFileRenamed' }).Enabled + EpoFileStagedToCentralLocation = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoFileStagedToCentralLocation' }).Enabled + EpoHiddenFileCreated = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoHiddenFileCreated' }).Enabled + EpoRemovableMediaMount = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoRemovableMediaMount' }).Enabled + EpoSensitiveFileRead = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'EpoSensitiveFileRead' }).Enabled + Mcas3rdPartyAppDownload = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'Mcas3rdPartyAppDownload' }).Enabled + Mcas3rdPartyAppFileDelete = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'Mcas3rdPartyAppFileDelete' }).Enabled + Mcas3rdPartyAppFileSharing = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'Mcas3rdPartyAppFileSharing' }).Enabled + McasActivityFromInfrequentCountry = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'McasActivityFromInfrequentCountry' }).Enabled + McasImpossibleTravel = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'McasImpossibleTravel' }).Enabled + McasMultipleFailedLogins = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'McasMultipleFailedLogins' }).Enabled + McasMultipleStorageDeletion = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'McasMultipleStorageDeletion' }).Enabled + McasMultipleVMCreation = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'McasMultipleVMCreation' }).Enabled + McasMultipleVMDeletion = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'McasMultipleVMDeletion' }).Enabled + McasSuspiciousAdminActivities = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'McasSuspiciousAdminActivities' }).Enabled + McasSuspiciousCloudCreation = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'McasSuspiciousCloudCreation' }).Enabled + McasSuspiciousCloudTrailLoggingChange = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'McasSuspiciousCloudTrailLoggingChange' }).Enabled + McasTerminatedEmployeeActivity = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'McasTerminatedEmployeeActivity' }).Enabled + OdbDownload = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'OdbDownload' }).Enabled + OdbSyncDownload = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'OdbSyncDownload' }).Enabled + PeerCumulativeExfiltrationDetector = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'PeerCumulativeExfiltrationDetector' }).Enabled + PhysicalAccess = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'PhysicalAccess' }).Enabled + PotentialHighImpactUser = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'PotentialHighImpactUser' }).Enabled + Print = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'Print' }).Enabled + PriorityUserGroupMember = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'PriorityUserGroupMember' }).Enabled + SecurityAlertDefenseEvasion = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SecurityAlertDefenseEvasion' }).Enabled + SecurityAlertUnwantedSoftware = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SecurityAlertUnwantedSoftware' }).Enabled + SpoAccessRequest = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoAccessRequest' }).Enabled + SpoApprovedAccess = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoApprovedAccess' }).Enabled + SpoDownload = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoDownload' }).Enabled + SpoDownloadV2 = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoDownloadV2' }).Enabled + SpoFileAccessed = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoFileAccessed' }).Enabled + SpoFileDeleted = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoFileDeleted' }).Enabled + SpoFileDeletedFromFirstStageRecycleBin = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoFileDeletedFromFirstStageRecycleBin' }).Enabled + SpoFileDeletedFromSecondStageRecycleBin = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoFileDeletedFromSecondStageRecycleBin' }).Enabled + SpoFileLabelDowngraded = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoFileLabelDowngraded' }).Enabled + SpoFileLabelRemoved = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoFileLabelRemoved' }).Enabled + SpoFileSharing = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoFileSharing' }).Enabled + SpoFolderDeleted = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoFolderDeleted' }).Enabled + SpoFolderDeletedFromFirstStageRecycleBin = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoFolderDeletedFromFirstStageRecycleBin' }).Enabled + SpoFolderDeletedFromSecondStageRecycleBin = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoFolderDeletedFromSecondStageRecycleBin' }).Enabled + SpoFolderSharing = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoFolderSharing' }).Enabled + SpoSiteExternalUserAdded = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoSiteExternalUserAdded' }).Enabled + SpoSiteInternalUserAdded = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoSiteInternalUserAdded' }).Enabled + SpoSiteLabelRemoved = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoSiteLabelRemoved' }).Enabled + SpoSiteSharing = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoSiteSharing' }).Enabled + SpoSyncDownload = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'SpoSyncDownload' }).Enabled + TeamsChannelFileSharedExternal = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'TeamsChannelFileSharedExternal' }).Enabled + TeamsChannelMemberAddedExternal = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'TeamsChannelMemberAddedExternal' }).Enabled + TeamsChatFileSharedExternal = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'TeamsChatFileSharedExternal' }).Enabled + TeamsFileDownload = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'TeamsFileDownload' }).Enabled + TeamsFolderSharedExternal = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'TeamsFolderSharedExternal' }).Enabled + TeamsMemberAddedExternal = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'TeamsMemberAddedExternal' }).Enabled + TeamsSensitiveMessage = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'TeamsSensitiveMessage' }).Enabled + UserHistory = ($tenantSettings.Indicators | Where-Object -FilterScript { $_.Name -eq 'UserHistory' }).Enabled + AWSS3BlockPublicAccessDisabled = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'AWSS3BlockPublicAccessDisabled' }).Enabled + AWSS3BucketDeleted = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'AWSS3BucketDeleted' }).Enabled + AWSS3PublicAccessEnabled = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'AWSS3PublicAccessEnabled' }).Enabled + AWSS3ServerLoggingDisabled = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'AWSS3ServerLoggingDisabled' }).Enabled + AzureElevateAccessToAllSubscriptions = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'AzureElevateAccessToAllSubscriptions' }).Enabled + AzureResourceThreatProtectionSettingsUpdated = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'AzureResourceThreatProtectionSettingsUpdated' }).Enabled + AzureSQLServerAuditingSettingsUpdated = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'AzureSQLServerAuditingSettingsUpdated' }).Enabled + AzureSQLServerFirewallRuleDeleted = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'AzureSQLServerFirewallRuleDeleted' }).Enabled + AzureSQLServerFirewallRuleUpdated = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'AzureSQLServerFirewallRuleUpdated' }).Enabled + AzureStorageAccountOrContainerDeleted = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'AzureStorageAccountOrContainerDeleted' }).Enabled + BoxContentAccess = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'BoxContentAccess' }).Enabled + BoxContentDelete = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'BoxContentDelete' }).Enabled + BoxContentDownload = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'BoxContentDownload' }).Enabled + BoxContentExternallyShared = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'BoxContentExternallyShared' }).Enabled + CCFinancialRegulatoryRiskyTextSent = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'CCFinancialRegulatoryRiskyTextSent' }).Enabled + CCInappropriateContentSent = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'CCInappropriateContentSent' }).Enabled + CCInappropriateImagesSent = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'CCInappropriateImagesSent' }).Enabled + DropboxContentAccess = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'DropboxContentAccess' }).Enabled + DropboxContentDelete = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'DropboxContentDelete' }).Enabled + DropboxContentDownload = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'DropboxContentDownload' }).Enabled + DropboxContentExternallyShared = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'DropboxContentExternallyShared' }).Enabled + GoogleDriveContentAccess = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'GoogleDriveContentAccess' }).Enabled + GoogleDriveContentDelete = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'GoogleDriveContentDelete' }).Enabled + GoogleDriveContentExternallyShared = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'GoogleDriveContentExternallyShared' }).Enabled + PowerBIDashboardsDeleted = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'PowerBIDashboardsDeleted' }).Enabled + PowerBIReportsDeleted = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'PowerBIReportsDeleted' }).Enabled + PowerBIReportsDownloaded = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'PowerBIReportsDownloaded' }).Enabled + PowerBIReportsExported = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'PowerBIReportsExported' }).Enabled + PowerBIReportsViewed = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'PowerBIReportsViewed' }).Enabled + PowerBISemanticModelsDeleted = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'PowerBISemanticModelsDeleted' }).Enabled + PowerBISensitivityLabelDowngradedForArtifacts = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'PowerBISensitivityLabelDowngradedForArtifacts' }).Enabled + PowerBISensitivityLabelRemovedFromArtifacts = ($tenantSettings.ExtensibleIndicators | Where-Object -FilterScript { $_.Name -eq 'PowerBISensitivityLabelRemovedFromArtifacts' }).Enabled HistoricTimeSpan = $tenantSettings.TimeSpan.HistoricTimeSpan InScopeTimeSpan = $tenantSettings.TimeSpan.InScopeTimeSpan EnableTeam = [Boolean]($tenantSettings.FeatureSettings.EnableTeam) } - $AnalyticsNewInsight = $tenantSettings.NotificationPreferences | Where-Object -FilterScript {$_.NotificationType -eq 'AnalyticsNewInsight'} + $AnalyticsNewInsight = $tenantSettings.NotificationPreferences | Where-Object -FilterScript { $_.NotificationType -eq 'AnalyticsNewInsight' } if ($null -ne $AnalyticsNewInsight) { $tenantSettingsHash.Add('AnalyticsNewInsightEnabled', [Boolean]$AnalyticsNewInsight.Enabled) } - $AnalyticsTurnedOff = $tenantSettings.NotificationPreferences | Where-Object -FilterScript {$_.NotificationType -eq 'AnalyticsTurnedOff'} + $AnalyticsTurnedOff = $tenantSettings.NotificationPreferences | Where-Object -FilterScript { $_.NotificationType -eq 'AnalyticsTurnedOff' } if ($null -ne $AnalyticsTurnedOff) { $tenantSettingsHash.Add('AnalyticsTurnedOffEnabled', [Boolean]$AnalyticsTurnedOff.Enabled) } - $highSeverityAlerts = $tenantSettings.NotificationPreferences | Where-Object -FilterScript {$_.NotificationType -eq 'HighSeverityAlerts'} + $highSeverityAlerts = $tenantSettings.NotificationPreferences | Where-Object -FilterScript { $_.NotificationType -eq 'HighSeverityAlerts' } if ($null -ne $highSeverityAlerts) { $tenantSettingsHash.Add('HighSeverityAlertsEnabled', [Boolean]$highSeverityAlerts.Enabled) $tenantSettingsHash.Add('HighSeverityAlertsRoleGroups', [Array]$highSeverityAlerts.RoleGroups) } - $policiesHealth = $tenantSettings.NotificationPreferences | Where-Object -FilterScript {$_.NotificationType -eq 'PoliciesHealth'} + $policiesHealth = $tenantSettings.NotificationPreferences | Where-Object -FilterScript { $_.NotificationType -eq 'PoliciesHealth' } if ($null -ne $policiesHealth) { $tenantSettingsHash.Add('PoliciesHealthEnabled', [Boolean]$policiesHealth.Enabled) @@ -977,7 +977,7 @@ function Get-TargetResource # Adaptive Protection $AdaptiveProtectionEnabledValue = $false if ($null -ne $tenantSettings.DynamicRiskPreventionSettings -and ` - $null -ne $tenantSettings.DynamicRiskPreventionSettings.DynamicRiskScenarioSettings) + $null -ne $tenantSettings.DynamicRiskPreventionSettings.DynamicRiskScenarioSettings) { if ($tenantSettings.DynamicRiskPreventionSettings.DynamicRiskScenarioSettings.ActivationStatus -eq 0) { @@ -1786,33 +1786,33 @@ function Set-TargetResource $setParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters - $indicatorsProperties = @('AnomalyDetections','CopyToPersonalCloud','CopyToUSB','CumulativeExfiltrationDetector', ` - 'EmailExternal','EmployeeAccessedEmployeePatientData','EmployeeAccessedFamilyData', ` - 'EmployeeAccessedHighVolumePatientData','EmployeeAccessedNeighbourData', ` - 'EmployeeAccessedRestrictedData','EpoBrowseToChildAbuseSites','EpoBrowseToCriminalActivitySites', ` - 'EpoBrowseToCultSites','EpoBrowseToGamblingSites','EpoBrowseToHackingSites', ` - 'EpoBrowseToHateIntoleranceSites','EpoBrowseToIllegalSoftwareSites','EpoBrowseToKeyloggerSites', ` - 'EpoBrowseToLlmSites','EpoBrowseToMalwareSites','EpoBrowseToPhishingSites', ` - 'EpoBrowseToPornographySites','EpoBrowseToUnallowedDomain','EpoBrowseToViolenceSites', ` - 'EpoCopyToClipboardFromSensitiveFile','EpoCopyToNetworkShare','EpoFileArchived', ` - 'EpoFileCopiedToRemoteDesktopSession','EpoFileDeleted','EpoFileDownloadedFromBlacklistedDomain', ` - 'EpoFileDownloadedFromEnterpriseDomain','EpoFileRenamed','EpoFileStagedToCentralLocation', ` - 'EpoHiddenFileCreated','EpoRemovableMediaMount','EpoSensitiveFileRead','Mcas3rdPartyAppDownload', ` - 'Mcas3rdPartyAppFileDelete','Mcas3rdPartyAppFileSharing','McasActivityFromInfrequentCountry', ` - 'McasImpossibleTravel','McasMultipleFailedLogins','McasMultipleStorageDeletion', ` - 'McasMultipleVMCreation','McasMultipleVMDeletion','McasSuspiciousAdminActivities', ` - 'McasSuspiciousCloudCreation','McasSuspiciousCloudTrailLoggingChange','McasTerminatedEmployeeActivity', ` - 'OdbDownload','OdbSyncDownload','PeerCumulativeExfiltrationDetector','PhysicalAccess', ` - 'PotentialHighImpactUser','Print','PriorityUserGroupMember','SecurityAlertDefenseEvasion', ` - 'SecurityAlertUnwantedSoftware','SpoAccessRequest','SpoApprovedAccess','SpoDownload','SpoDownloadV2', ` - 'SpoFileAccessed','SpoFileDeleted','SpoFileDeletedFromFirstStageRecycleBin', ` - 'SpoFileDeletedFromSecondStageRecycleBin','SpoFileLabelDowngraded','SpoFileLabelRemoved', ` - 'SpoFileSharing','SpoFolderDeleted','SpoFolderDeletedFromFirstStageRecycleBin', ` - 'SpoFolderDeletedFromSecondStageRecycleBin','SpoFolderSharing','SpoSiteExternalUserAdded', ` - 'SpoSiteInternalUserAdded','SpoSiteLabelRemoved','SpoSiteSharing','SpoSyncDownload', ` - 'TeamsChannelFileSharedExternal','TeamsChannelMemberAddedExternal','TeamsChatFileSharedExternal', ` - 'TeamsFileDownload','TeamsFolderSharedExternal','TeamsMemberAddedExternal','TeamsSensitiveMessage', ` - 'UserHistory') + $indicatorsProperties = @('AnomalyDetections', 'CopyToPersonalCloud', 'CopyToUSB', 'CumulativeExfiltrationDetector', ` + 'EmailExternal', 'EmployeeAccessedEmployeePatientData', 'EmployeeAccessedFamilyData', ` + 'EmployeeAccessedHighVolumePatientData', 'EmployeeAccessedNeighbourData', ` + 'EmployeeAccessedRestrictedData', 'EpoBrowseToChildAbuseSites', 'EpoBrowseToCriminalActivitySites', ` + 'EpoBrowseToCultSites', 'EpoBrowseToGamblingSites', 'EpoBrowseToHackingSites', ` + 'EpoBrowseToHateIntoleranceSites', 'EpoBrowseToIllegalSoftwareSites', 'EpoBrowseToKeyloggerSites', ` + 'EpoBrowseToLlmSites', 'EpoBrowseToMalwareSites', 'EpoBrowseToPhishingSites', ` + 'EpoBrowseToPornographySites', 'EpoBrowseToUnallowedDomain', 'EpoBrowseToViolenceSites', ` + 'EpoCopyToClipboardFromSensitiveFile', 'EpoCopyToNetworkShare', 'EpoFileArchived', ` + 'EpoFileCopiedToRemoteDesktopSession', 'EpoFileDeleted', 'EpoFileDownloadedFromBlacklistedDomain', ` + 'EpoFileDownloadedFromEnterpriseDomain', 'EpoFileRenamed', 'EpoFileStagedToCentralLocation', ` + 'EpoHiddenFileCreated', 'EpoRemovableMediaMount', 'EpoSensitiveFileRead', 'Mcas3rdPartyAppDownload', ` + 'Mcas3rdPartyAppFileDelete', 'Mcas3rdPartyAppFileSharing', 'McasActivityFromInfrequentCountry', ` + 'McasImpossibleTravel', 'McasMultipleFailedLogins', 'McasMultipleStorageDeletion', ` + 'McasMultipleVMCreation', 'McasMultipleVMDeletion', 'McasSuspiciousAdminActivities', ` + 'McasSuspiciousCloudCreation', 'McasSuspiciousCloudTrailLoggingChange', 'McasTerminatedEmployeeActivity', ` + 'OdbDownload', 'OdbSyncDownload', 'PeerCumulativeExfiltrationDetector', 'PhysicalAccess', ` + 'PotentialHighImpactUser', 'Print', 'PriorityUserGroupMember', 'SecurityAlertDefenseEvasion', ` + 'SecurityAlertUnwantedSoftware', 'SpoAccessRequest', 'SpoApprovedAccess', 'SpoDownload', 'SpoDownloadV2', ` + 'SpoFileAccessed', 'SpoFileDeleted', 'SpoFileDeletedFromFirstStageRecycleBin', ` + 'SpoFileDeletedFromSecondStageRecycleBin', 'SpoFileLabelDowngraded', 'SpoFileLabelRemoved', ` + 'SpoFileSharing', 'SpoFolderDeleted', 'SpoFolderDeletedFromFirstStageRecycleBin', ` + 'SpoFolderDeletedFromSecondStageRecycleBin', 'SpoFolderSharing', 'SpoSiteExternalUserAdded', ` + 'SpoSiteInternalUserAdded', 'SpoSiteLabelRemoved', 'SpoSiteSharing', 'SpoSyncDownload', ` + 'TeamsChannelFileSharedExternal', 'TeamsChannelMemberAddedExternal', 'TeamsChatFileSharedExternal', ` + 'TeamsFileDownload', 'TeamsFolderSharedExternal', 'TeamsMemberAddedExternal', 'TeamsSensitiveMessage', ` + 'UserHistory') $indicatorValues = @() foreach ($indicatorProperty in $indicatorsProperties) @@ -1823,15 +1823,15 @@ function Set-TargetResource } } - $extensibleIndicatorsProperties = @('AWSS3BlockPublicAccessDisabled','AWSS3BucketDeleted','AWSS3PublicAccessEnabled',` - 'AWSS3ServerLoggingDisabled','AzureElevateAccessToAllSubscriptions','AzureResourceThreatProtectionSettingsUpdated', ` - 'AzureSQLServerAuditingSettingsUpdated','AzureSQLServerFirewallRuleDeleted','AzureSQLServerFirewallRuleUpdated', ` - 'AzureStorageAccountOrContainerDeleted','BoxContentAccess','BoxContentDelete','BoxContentDownload','BoxContentExternallyShared', ` - 'CCFinancialRegulatoryRiskyTextSent','CCInappropriateContentSent','CCInappropriateImagesSent','DropboxContentAccess', ` - 'DropboxContentDelete','DropboxContentDownload','DropboxContentExternallyShared','GoogleDriveContentAccess', ` - 'GoogleDriveContentDelete','GoogleDriveContentExternallyShared','PowerBIDashboardsDeleted','PowerBIReportsDeleted', ` - 'PowerBIReportsDownloaded','PowerBIReportsExported','PowerBIReportsViewed','PowerBISemanticModelsDeleted', ` - 'PowerBISensitivityLabelDowngradedForArtifacts','PowerBISensitivityLabelRemovedFromArtifacts') + $extensibleIndicatorsProperties = @('AWSS3BlockPublicAccessDisabled', 'AWSS3BucketDeleted', 'AWSS3PublicAccessEnabled', ` + 'AWSS3ServerLoggingDisabled', 'AzureElevateAccessToAllSubscriptions', 'AzureResourceThreatProtectionSettingsUpdated', ` + 'AzureSQLServerAuditingSettingsUpdated', 'AzureSQLServerFirewallRuleDeleted', 'AzureSQLServerFirewallRuleUpdated', ` + 'AzureStorageAccountOrContainerDeleted', 'BoxContentAccess', 'BoxContentDelete', 'BoxContentDownload', 'BoxContentExternallyShared', ` + 'CCFinancialRegulatoryRiskyTextSent', 'CCInappropriateContentSent', 'CCInappropriateImagesSent', 'DropboxContentAccess', ` + 'DropboxContentDelete', 'DropboxContentDownload', 'DropboxContentExternallyShared', 'GoogleDriveContentAccess', ` + 'GoogleDriveContentDelete', 'GoogleDriveContentExternallyShared', 'PowerBIDashboardsDeleted', 'PowerBIReportsDeleted', ` + 'PowerBIReportsDownloaded', 'PowerBIReportsExported', 'PowerBIReportsViewed', 'PowerBISemanticModelsDeleted', ` + 'PowerBISensitivityLabelDowngradedForArtifacts', 'PowerBISensitivityLabelRemovedFromArtifacts') $extensibleIndicatorsValues = @() foreach ($extensibleIndicatorsProperty in $extensibleIndicatorsProperties) @@ -1848,10 +1848,10 @@ function Set-TargetResource $tenantSettingsValue = "{`"Region`":`"WW`", `"FeatureSettings`":$($featureSettingsValue), " + ` - "`"IntelligentDetections`":$($intelligentDetectionValue)" + "`"IntelligentDetections`":$($intelligentDetectionValue)" if ($null -ne $AdaptiveProtectionEnabled) { - Write-Verbose -Message "Adding Adaptive Protection setting to the set parameters." + Write-Verbose -Message 'Adding Adaptive Protection setting to the set parameters.' $AdaptiveProtectionActivatonStatus = 1 if ($AdaptiveProtectionEnabled) { @@ -1865,19 +1865,19 @@ function Set-TargetResource $tenantSettingsValue += ", `"DynamicRiskPreventionSettings`":$dynamicRiskPreventionSettings" } - $tenantSettingsValue += "}" + $tenantSettingsValue += '}' # CREATE if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating new Insider Risk Policy {$Name} with values:`r`nIndicators: $($indicatorValues)`r`n`r`nExtensibleIndicators: $($extensibleIndicatorsValues)`r`n`r`nTenantSettings: $($tenantSettingsValue)`r`n`r`nSessionRecordingSettings: $($sessionRecordingValues)" New-InsiderRiskPolicy -Name $Name -InsiderRiskScenario $InsiderRiskScenario ` - -Indicators $indicatorValues ` - -ExtensibleIndicators $extensibleIndicatorsValues ` - -TenantSetting $tenantSettingsValue ` - -HistoricTimeSpan $HistoricTimeSpan ` - -InScopeTimeSpan $InScopeTimeSpan ` - -SessionRecordingSettings $sessionRecordingValues + -Indicators $indicatorValues ` + -ExtensibleIndicators $extensibleIndicatorsValues ` + -TenantSetting $tenantSettingsValue ` + -HistoricTimeSpan $HistoricTimeSpan ` + -InScopeTimeSpan $InScopeTimeSpan ` + -SessionRecordingSettings $sessionRecordingValues } # UPDATE elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCPolicyConfig/MSFT_SCPolicyConfig.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCPolicyConfig/MSFT_SCPolicyConfig.psm1 index e0f76fbaa1..fca3493151 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCPolicyConfig/MSFT_SCPolicyConfig.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCPolicyConfig/MSFT_SCPolicyConfig.psm1 @@ -177,25 +177,25 @@ function Get-TargetResource $DlpNetworkShareGroupsObject = ConvertFrom-Json $instance.DlpNetworkShareGroups # AdvancedClassificationEnabled - $AdvancedClassificationEnabledValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'AdvancedClassificationEnabled'}).Value + $AdvancedClassificationEnabledValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'AdvancedClassificationEnabled' }).Value # BandwidthLimitEnabled - $BandwidthLimitEnabledValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'BandwidthLimitEnabledValue'}).Value + $BandwidthLimitEnabledValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'BandwidthLimitEnabledValue' }).Value # DailyBandwidthLimitInMB - $DailyBandwidthLimitInMBValue = [UInt32]($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'DailyBandwidthLimitInMB'}).Value + $DailyBandwidthLimitInMBValue = [UInt32]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'DailyBandwidthLimitInMB' }).Value # PathExclusion - $PathExclusionValue = [Array]($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'PathExclusion'}).Value + $PathExclusionValue = [Array]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'PathExclusion' }).Value # MacPathExclusion - $MacPathExclusionValue = [Array]($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'MacPathExclusion'}).Value + $MacPathExclusionValue = [Array]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'MacPathExclusion' }).Value # MacDefaultPathExclusionsEnabled - $MacDefaultPathExclusionsEnabledValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'MacDefaultPathExclusionsEnabled'}).Value + $MacDefaultPathExclusionsEnabledValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'MacDefaultPathExclusionsEnabled' }).Value #EvidenceStoreSettings - $entry = $EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'EvidenceStoreSettings'} + $entry = $EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'EvidenceStoreSettings' } if ($null -ne $entry) { $entry = ConvertFrom-Json $entry.Value @@ -208,10 +208,10 @@ function Get-TargetResource } # NetworkPathEnforcementEnabled - $NetworkPathEnforcementEnabledValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'NetworkPathEnforcementEnabled'}).Value + $NetworkPathEnforcementEnabledValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'NetworkPathEnforcementEnabled' }).Value # NetworkPathExclusion - $NetworkPathExclusionValue = ($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'NetworkPathExclusion'}).Value + $NetworkPathExclusionValue = ($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'NetworkPathExclusion' }).Value # DlpAppGroups $DlpAppGroupsValue = @() @@ -237,7 +237,7 @@ function Get-TargetResource } # UnallowedApp - $entries = [Array]($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'UnallowedApp'}) + $entries = [Array]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'UnallowedApp' }) $UnallowedAppValue = @() foreach ($entry in $entries) { @@ -249,7 +249,7 @@ function Get-TargetResource } # UnallowedCloudSyncApp - $entries = [Array]($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'UnallowedCloudSyncApp'}) + $entries = [Array]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'UnallowedCloudSyncApp' }) $UnallowedCloudSyncAppValue = @() foreach ($entry in $entries) { @@ -261,10 +261,10 @@ function Get-TargetResource } # IncludePredefinedUnallowedBluetoothApps - $IncludePredefinedUnallowedBluetoothAppsValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'IncludePredefinedUnallowedBluetoothApps'}).Value + $IncludePredefinedUnallowedBluetoothAppsValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'IncludePredefinedUnallowedBluetoothApps' }).Value # UnallowedBluetoothApp - $entries = [Array]($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'UnallowedBluetoothApp'}) + $entries = [Array]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'UnallowedBluetoothApp' }) $UnallowedBluetoothAppValue = @() foreach ($entry in $entries) { @@ -276,7 +276,7 @@ function Get-TargetResource } # UnallowedBrowser - $entries = [Array]($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'UnallowedBrowser'}) + $entries = [Array]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'UnallowedBrowser' }) $UnallowedBrowserValue = @() foreach ($entry in $entries) { @@ -288,17 +288,17 @@ function Get-TargetResource } # CloudAppMode - $CloudAppModeValue = ($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'CloudAppMode'}).Value + $CloudAppModeValue = ($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'CloudAppMode' }).Value # CloudAppRestrictionList - $CloudAppRestrictionListValue = [Array]($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'CloudAppRestrictionList'}).Value + $CloudAppRestrictionListValue = [Array]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'CloudAppRestrictionList' }).Value # SiteGroups $SiteGroupsValue = @() foreach ($siteGroup in $SiteGroupsObject) { $entry = @{ - Id = $siteGroup.Id + Id = $siteGroup.Id Name = $siteGroup.Name } @@ -317,11 +317,11 @@ function Get-TargetResource } # CustomBusinessJustificationNotification - $CustomBusinessJustificationNotificationValue = [Uint32]($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'CustomBusinessJustificationNotification'}).Value + $CustomBusinessJustificationNotificationValue = [Uint32]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'CustomBusinessJustificationNotification' }).Value if (-not [System.String]::IsNullOrEmpty($EndpointDlpGlobalSettingsValue.Setting)) { - $entities = $EndpointDlpGlobalSettingsValue | Where-Object -FilterScript {$_.Setting -eq 'BusinessJustificationList'} + $entities = $EndpointDlpGlobalSettingsValue | Where-Object -FilterScript { $_.Setting -eq 'BusinessJustificationList' } # BusinessJustificationList if ($null -ne $entities) @@ -340,13 +340,13 @@ function Get-TargetResource } # serverDlpEnabled - $serverDlpEnabledValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'serverDlpEnabled'}).Value + $serverDlpEnabledValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'serverDlpEnabled' }).Value # AuditFileActivity - $AuditFileActivityValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'AuditFileActivity'}).Value + $AuditFileActivityValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'AuditFileActivity' }).Value # VPNSettings - $entity = $EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'VPNSettings'} + $entity = $EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'VPNSettings' } if ($null -ne $entity) { $entity = ConvertFrom-Json ($entity.value) @@ -400,7 +400,7 @@ function Get-TargetResource foreach ($media in $group.removableMedia) { $current = @{ - deviceId = $media.deviceId + deviceId = $media.deviceId removableMediaVID = $media.removableMediaVID name = $media.name alias = $media.alias @@ -429,9 +429,9 @@ function Get-TargetResource } $QuarantineParametersValue = @() - if ($null -ne ($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'QuarantineParameters'})) + if ($null -ne ($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'QuarantineParameters' })) { - $quarantineInfo = [Array]($EndpointDlpGlobalSettingsValue | Where-Object {$_.Setting -eq 'QuarantineParameters'}).Value + $quarantineInfo = [Array]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'QuarantineParameters' }).Value $quarantineInfo = ConvertFrom-Json $quarantineInfo[0] $QuarantineParametersValue = @{ EnableQuarantineForCloudSyncApps = $quarantineInfo.EnableQuarantineForCloudSyncApps @@ -837,8 +837,8 @@ function Set-TargetResource foreach ($domain in $CloudAppRestrictionList) { $EndpointDlpGlobalSettingsValue += @{ - Setting = 'CloudAppRestrictionList' - Value = "$($domain.ToString())" + Setting = 'CloudAppRestrictionList' + Value = "$($domain.ToString())" } } @@ -881,7 +881,7 @@ function Set-TargetResource { $entry = @{ Setting = 'VPNSettings' - Value = @{ + Value = @{ serverAddress = @() } } @@ -974,7 +974,7 @@ function Set-TargetResource foreach ($group in $DLPRemovableMediaGroups) { $entry = @{ - groupName = $group.groupName + groupName = $group.groupName removableMedia = @( ) } @@ -1354,85 +1354,85 @@ function Export-TargetResource if ($null -ne $Results.QuarantineParameters) { $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName 'QuarantineParameters' ` - -IsCIMArray:$true + -ParameterName 'QuarantineParameters' ` + -IsCIMArray:$true } if ($null -ne $Results.BusinessJustificationList) { $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName 'BusinessJustificationList' ` - -IsCIMArray:$true + -ParameterName 'BusinessJustificationList' ` + -IsCIMArray:$true } if ($null -ne $Results.DLPAppGroups) { $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName 'DLPAppGroups' ` - -IsCIMArray:$true + -ParameterName 'DLPAppGroups' ` + -IsCIMArray:$true } if ($null -ne $Results.DLPNetworkShareGroups) { $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName 'DLPNetworkShareGroups' ` - -IsCIMArray:$true + -ParameterName 'DLPNetworkShareGroups' ` + -IsCIMArray:$true } if ($null -ne $Results.DLPPrinterGroups) { $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName 'DLPPrinterGroups' ` - -IsCIMArray:$true + -ParameterName 'DLPPrinterGroups' ` + -IsCIMArray:$true } if ($null -ne $Results.DLPRemovableMediaGroups) { $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName 'DLPRemovableMediaGroups' ` - -IsCIMArray:$true + -ParameterName 'DLPRemovableMediaGroups' ` + -IsCIMArray:$true } if ($null -ne $Results.SiteGroups) { $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName 'SiteGroups' ` - -IsCIMArray:$true + -ParameterName 'SiteGroups' ` + -IsCIMArray:$true } if ($null -ne $Results.UnallowedApp) { $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName 'UnallowedApp' ` - -IsCIMArray:$true + -ParameterName 'UnallowedApp' ` + -IsCIMArray:$true } if ($null -ne $Results.UnallowedCloudSyncApp) { $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName 'UnallowedCloudSyncApp' ` - -IsCIMArray:$true + -ParameterName 'UnallowedCloudSyncApp' ` + -IsCIMArray:$true } if ($null -ne $Results.UnallowedBluetoothApp) { $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName 'UnallowedBluetoothApp' ` - -IsCIMArray:$true + -ParameterName 'UnallowedBluetoothApp' ` + -IsCIMArray:$true } if ($null -ne $Results.UnallowedBrowser) { $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName 'UnallowedBrowser' ` - -IsCIMArray:$true + -ParameterName 'UnallowedBrowser' ` + -IsCIMArray:$true } if ($null -ne $Results.EvidenceStoreSettings) { $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName 'EvidenceStoreSettings' ` - -IsCIMArray:$false + -ParameterName 'EvidenceStoreSettings' ` + -IsCIMArray:$false } $dscContent += $currentDSCBlock @@ -1467,14 +1467,14 @@ function ConvertTo-QuarantineParametersString ) $content = [System.Text.StringBuilder]::new() - [void]$content.AppendLine(" MSFT_PolicyConfigQuarantineParameters") - [void]$content.AppendLine(" {") + [void]$content.AppendLine(' MSFT_PolicyConfigQuarantineParameters') + [void]$content.AppendLine(' {') [void]$content.AppendLine(" EnableQuarantineForCloudSyncApps = `$$($ObjectHash.EnableQuarantineForCloudSyncApps)") [void]$content.AppendLine(" QuarantinePath = '$($ObjectHash.QuarantinePath.ToString())'") [void]$content.AppendLine(" MacQuarantinePath = '$($ObjectHash.MacQuarantinePath)'") [void]$content.AppendLine(" ShouldReplaceFile = `$$($ObjectHash.ShouldReplaceFile.ToString())") [void]$content.AppendLine(" FileReplacementText = '$($ObjectHash.FileReplacementText)'") - [void]$content.AppendLine(" }") + [void]$content.AppendLine(' }') return $content.ToString() } @@ -1493,12 +1493,12 @@ function ConvertTo-BusinessJustificationListString [void]$content.Append('@(') foreach ($instance in $ObjectHash) { - [void]$content.AppendLine(" MSFT_PolicyConfigBusinessJustificationList") - [void]$content.AppendLine(" {") + [void]$content.AppendLine(' MSFT_PolicyConfigBusinessJustificationList') + [void]$content.AppendLine(' {') [void]$content.AppendLine(" Id = '$($instance.Id)'") [void]$content.AppendLine(" Enable = `$$($instance.Enable)") [void]$content.AppendLine(" justificationText = '$($instance.justificationText)'") - [void]$content.AppendLine(" }") + [void]$content.AppendLine(' }') } [void]$content.Append(' )') $result = $content.ToString() @@ -1519,22 +1519,22 @@ function ConvertTo-DLPAppGroupsString [void]$content.Append('@(') foreach ($instance in $ObjectHash) { - [void]$content.AppendLine(" MSFT_PolicyConfigDLPAppGroups") - [void]$content.AppendLine(" {") + [void]$content.AppendLine(' MSFT_PolicyConfigDLPAppGroups') + [void]$content.AppendLine(' {') [void]$content.AppendLine(" Name = '$($instance.Name)'") [void]$content.AppendLine(" Id = '$($instance.Id)'") [void]$content.AppendLine(" Description = '$($instance.Description)'") - [void]$content.AppendLine(" Apps = @(") + [void]$content.AppendLine(' Apps = @(') foreach ($app in $instance.Apps) { - [void]$content.AppendLine(" MSFT_PolicyConfigDLPApp") - [void]$content.AppendLine(" {") + [void]$content.AppendLine(' MSFT_PolicyConfigDLPApp') + [void]$content.AppendLine(' {') [void]$content.AppendLine(" ExecutableName = '$($app.ExecutableName)'") [void]$content.AppendLine(" Name = '$($app.Name)'") [void]$content.AppendLine(" Quarantine = `$$($app.Quarantine)") - [void]$content.AppendLine(" }") + [void]$content.AppendLine(' }') } - [void]$content.AppendLine(" )}") + [void]$content.AppendLine(' )}') } [void]$content.Append(' )') $result = $content.ToString() @@ -1555,11 +1555,11 @@ function ConvertTo-DLPNetworkShareGroupsString [void]$content.Append('@(') foreach ($instance in $ObjectHash) { - [void]$content.AppendLine(" MSFT_PolicyConfigDLPNetworkShareGroups") - [void]$content.AppendLine(" {") + [void]$content.AppendLine(' MSFT_PolicyConfigDLPNetworkShareGroups') + [void]$content.AppendLine(' {') [void]$content.AppendLine(" groupName = '$($instance.groupName)'") [void]$content.AppendLine(" groupId = '$($instance.groupId)'") - [void]$content.Append(" networkPaths = @(") + [void]$content.Append(' networkPaths = @(') $countPath = 1 foreach ($path in $instance.networkPaths) { @@ -1571,7 +1571,7 @@ function ConvertTo-DLPNetworkShareGroupsString $countPath++ } [void]$content.AppendLine(')') - [void]$content.AppendLine(" }") + [void]$content.AppendLine(' }') } [void]$content.Append(' )') $result = $content.ToString() @@ -1588,22 +1588,22 @@ function ConvertTo-EvidenceStoreSettingsString $ObjectHash ) $content = [System.Text.StringBuilder]::new() - [void]$content.AppendLine(" MSFT_PolicyConfigEvidenceStoreSettings") - [void]$content.AppendLine(" {") + [void]$content.AppendLine(' MSFT_PolicyConfigEvidenceStoreSettings') + [void]$content.AppendLine(' {') [void]$content.AppendLine(" FileEvidenceIsEnabled = `$$($ObjectHash.FileEvidenceIsEnabled)") [void]$content.AppendLine(" NumberOfDaysToRetain = $($ObjectHash.NumberOfDaysToRetain)") - [void]$content.AppendLine(" StorageAccounts = @(") + [void]$content.AppendLine(' StorageAccounts = @(') foreach ($storageAccount in $ObjectHash.StorageAccounts) { - [void]$content.AppendLine(" MSFT_PolicyConfigStorageAccount") - [void]$content.AppendLine(" {") + [void]$content.AppendLine(' MSFT_PolicyConfigStorageAccount') + [void]$content.AppendLine(' {') [void]$content.AppendLine(" Name = '$($storageAccount.Name)'") [void]$content.AppendLine(" BlobUri = '$($storageAccount.BlobUri)'") - [void]$content.AppendLine(" }") + [void]$content.AppendLine(' }') } - [void]$content.AppendLine(" )") + [void]$content.AppendLine(' )') [void]$content.AppendLine(" Store = '$($ObjectHash.Store)'") - [void]$content.AppendLine(" }") + [void]$content.AppendLine(' }') return $content.ToString() } @@ -1621,33 +1621,33 @@ function ConvertTo-DLPPrinterGroupsString [void]$content.Append('@(') foreach ($instance in $ObjectHash) { - [void]$content.AppendLine(" MSFT_PolicyConfigDLPPrinterGroups") - [void]$content.AppendLine(" {") + [void]$content.AppendLine(' MSFT_PolicyConfigDLPPrinterGroups') + [void]$content.AppendLine(' {') [void]$content.AppendLine(" groupName = '$($instance.groupName)'") [void]$content.AppendLine(" groupId = '$($instance.groupId)'") - [void]$content.AppendLine(" printers = @(") + [void]$content.AppendLine(' printers = @(') foreach ($printer in $instance.printers) { - [void]$content.AppendLine(" MSFT_PolicyConfigPrinter") - [void]$content.AppendLine(" {") + [void]$content.AppendLine(' MSFT_PolicyConfigPrinter') + [void]$content.AppendLine(' {') [void]$content.AppendLine(" universalPrinter = `$$($printer.universalPrinter)") [void]$content.AppendLine(" usbPrinter = `$$($printer.usbPrinter)") [void]$content.AppendLine(" usbPrinterId = '$($printer.usbPrinterId)'") [void]$content.AppendLine(" name = '$($printer.name)'") [void]$content.AppendLine(" alias = '$($printer.alias)'") [void]$content.AppendLine(" usbPrinterVID = '$($printer.usbPrinterVID)'") - [void]$content.AppendLine(" ipRange = MSFT_PolicyConfigIPRange") - [void]$content.AppendLine(" {") + [void]$content.AppendLine(' ipRange = MSFT_PolicyConfigIPRange') + [void]$content.AppendLine(' {') [void]$content.AppendLine(" fromAddress = '$($printer.ipRange.fromAddress)'") [void]$content.AppendLine(" toAddress = '$($printer.ipRange.toAddress)'") - [void]$content.AppendLine(" }") + [void]$content.AppendLine(' }') [void]$content.AppendLine(" corporatePrinter = `$$($printer.corporatePrinter)") [void]$content.AppendLine(" printToLocal = `$$($printer.printToLocal)") [void]$content.AppendLine(" printToFile = `$$($printer.printToFile)") - [void]$content.AppendLine(" }") + [void]$content.AppendLine(' }') } - [void]$content.AppendLine(" )") - [void]$content.AppendLine(" }") + [void]$content.AppendLine(' )') + [void]$content.AppendLine(' }') } [void]$content.Append(')') $result = $content.ToString() @@ -1668,14 +1668,14 @@ function ConvertTo-DLPRemovableMediaGroupsString [void]$content.Append('@(') foreach ($instance in $ObjectHash) { - [void]$content.AppendLine(" MSFT_PolicyConfigDLPRemovableMediaGroups") - [void]$content.AppendLine(" {") + [void]$content.AppendLine(' MSFT_PolicyConfigDLPRemovableMediaGroups') + [void]$content.AppendLine(' {') [void]$content.AppendLine(" groupName = '$($instance.groupName)'") - [void]$content.AppendLine(" removableMedias = @(") + [void]$content.AppendLine(' removableMedias = @(') foreach ($media in $instance.removableMedia) { - [void]$content.AppendLine(" MSFT_PolicyConfigRemovableMedia") - [void]$content.AppendLine(" {") + [void]$content.AppendLine(' MSFT_PolicyConfigRemovableMedia') + [void]$content.AppendLine(' {') [void]$content.AppendLine(" deviceId = '$($media.deviceId)'") [void]$content.AppendLine(" removableMediaVID = '$($media.removableMediaVID)'") [void]$content.AppendLine(" name = '$($media.name)'") @@ -1684,10 +1684,10 @@ function ConvertTo-DLPRemovableMediaGroupsString [void]$content.AppendLine(" instancePathId = '$($media.instancePathId)'") [void]$content.AppendLine(" serialNumberId = '$($media.serialNumberId)'") [void]$content.AppendLine(" hardwareId = '$($media.hardwareId)'") - [void]$content.AppendLine(" }") + [void]$content.AppendLine(' }') } - [void]$content.AppendLine(" )") - [void]$content.AppendLine( "}") + [void]$content.AppendLine(' )') + [void]$content.AppendLine( '}') } [void]$content.Append(' )') $result = $content.ToString() @@ -1707,23 +1707,23 @@ function ConvertTo-SiteGroupsString [void]$content.Append('@(') foreach ($instance in $ObjectHash) { - [void]$content.AppendLine(" MSFT_PolicyConfigDLPSiteGroups") - [void]$content.AppendLine(" {") + [void]$content.AppendLine(' MSFT_PolicyConfigDLPSiteGroups') + [void]$content.AppendLine(' {') [void]$content.AppendLine(" Id = '$($instance.Id)'") [void]$content.AppendLine(" Name = '$($instance.Name)'") - [void]$content.AppendLine(" Addresses = @(") + [void]$content.AppendLine(' Addresses = @(') foreach ($address in $instance.addresses) { - [void]$content.AppendLine(" MSFT_PolicyConfigSiteGroupAddress") - [void]$content.AppendLine(" {") + [void]$content.AppendLine(' MSFT_PolicyConfigSiteGroupAddress') + [void]$content.AppendLine(' {') [void]$content.AppendLine(" MatchType = '$($address.MatchType)'") [void]$content.AppendLine(" Url = '$($address.Url)'") [void]$content.AppendLine(" AddressLower = '$($address.AddressLower)'") [void]$content.AppendLine(" AddressUpper = '$($address.AddressUpper)'") - [void]$content.AppendLine(" }") + [void]$content.AppendLine(' }') } - [void]$content.AppendLine(" )") - [void]$content.AppendLine(" }") + [void]$content.AppendLine(' )') + [void]$content.AppendLine(' }') } [void]$content.Append(' )') $result = $content.ToString() @@ -1744,11 +1744,11 @@ function ConvertTo-AppsString [void]$content.Append('@(') foreach ($instance in $ObjectHash) { - [void]$content.AppendLine(" MSFT_PolicyConfigApp") - [void]$content.AppendLine(" {") + [void]$content.AppendLine(' MSFT_PolicyConfigApp') + [void]$content.AppendLine(' {') [void]$content.AppendLine(" Value = '$($instance.Value)'") [void]$content.AppendLine(" Executable = '$($instance.Executable)'") - [void]$content.AppendLine(" }") + [void]$content.AppendLine(' }') } [void]$content.Append(')') $result = $content.ToString() diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCProtectionAlert/MSFT_SCProtectionAlert.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCProtectionAlert/MSFT_SCProtectionAlert.psm1 index 81c0a104ea..92f7516c3c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCProtectionAlert/MSFT_SCProtectionAlert.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCProtectionAlert/MSFT_SCProtectionAlert.psm1 @@ -648,7 +648,7 @@ function Export-TargetResource try { - [array]$Alerts = Get-ProtectionAlert -ErrorAction Stop | Where-Object -FilterScript {-not $_.IsSystemRule} + [array]$Alerts = Get-ProtectionAlert -ErrorAction Stop | Where-Object -FilterScript { -not $_.IsSystemRule } $totalAlerts = $Alerts.Length if ($null -eq $totalAlerts) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionCompliancePolicy/MSFT_SCRetentionCompliancePolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionCompliancePolicy/MSFT_SCRetentionCompliancePolicy.psm1 index 432a91ccfb..f8626b0ad5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionCompliancePolicy/MSFT_SCRetentionCompliancePolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionCompliancePolicy/MSFT_SCRetentionCompliancePolicy.psm1 @@ -217,12 +217,12 @@ function Get-TargetResource SkypeLocation = @() SkypeLocationException = @() Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - CertificatePath = $CertificatePath - CertificatePassword = $CertificatePassword - AccessTokens = $AccessTokens + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + CertificatePath = $CertificatePath + CertificatePassword = $CertificatePassword + AccessTokens = $AccessTokens } if ($PolicyObject.DynamicScopeLocation.Count -gt 0) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroup/MSFT_SCRoleGroup.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroup/MSFT_SCRoleGroup.psm1 index 171c460360..acc49ae62f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroup/MSFT_SCRoleGroup.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroup/MSFT_SCRoleGroup.psm1 @@ -83,7 +83,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $RoleGroup = $Script:exportedInstances | Where-Object -FilterScript {$_.Name -eq $Name} + $RoleGroup = $Script:exportedInstances | Where-Object -FilterScript { $_.Name -eq $Name } } else { @@ -102,7 +102,7 @@ function Get-TargetResource Name = $RoleGroup.Name DisplayName = $RoleGroup.DisplayName Description = $RoleGroup.Description - Roles = $RoleGroup.Roles -replace "^.*\/(?=[^\/]*$)" + Roles = $RoleGroup.Roles -replace '^.*\/(?=[^\/]*$)' Ensure = 'Present' Credential = $Credential ApplicationId = $ApplicationId @@ -221,7 +221,8 @@ function Set-TargetResource { $NewRoleGroupParams.Add('DisplayName', $Name) } - else { + else + { $NewRoleGroupParams.Add('DisplayName', $DisplayName) } # Remove Description Parameter if null or Empty as the creation fails with $null parameter @@ -236,7 +237,7 @@ function Set-TargetResource # Create Role Group if ($Members.Length -gt 0) { - $NewRoleGroupParams.Add("Members", $Members) + $NewRoleGroupParams.Add('Members', $Members) } New-RoleGroup @NewRoleGroupParams } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroupMember/MSFT_SCRoleGroupMember.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroupMember/MSFT_SCRoleGroupMember.psm1 index 853a4786e5..fbd769032c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroupMember/MSFT_SCRoleGroupMember.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroupMember/MSFT_SCRoleGroupMember.psm1 @@ -83,7 +83,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $RoleGroup = $Script:exportedInstances | Where-Object -FilterScript {$_.Name -eq $Name} + $RoleGroup = $Script:exportedInstances | Where-Object -FilterScript { $_.Name -eq $Name } } else { @@ -224,11 +224,11 @@ function Set-TargetResource # CASE: Role Group Membership should be removed elseif ($Ensure -eq 'Absent' -and $currentRoleGroupConfig.Ensure -eq 'Present') { - foreach ($member in $Members) - { - Write-Verbose -Message "Removing Member {$member} from Role Group {$Name}" - Remove-RoleGroupMember -Identity $Name -Member $member - } + foreach ($member in $Members) + { + Write-Verbose -Message "Removing Member {$member} from Role Group {$Name}" + Remove-RoleGroupMember -Identity $Name -Member $member + } } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSecurityFilter/MSFT_SCSecurityFilter.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSecurityFilter/MSFT_SCSecurityFilter.psm1 index 706ca7a061..777360615c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSecurityFilter/MSFT_SCSecurityFilter.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSecurityFilter/MSFT_SCSecurityFilter.psm1 @@ -174,19 +174,19 @@ function Get-M365DSCSCMapSecurityFilter $CertificatePassword ) $result = @{ - FilterName = $Filter.FilterName - Action = $Filter.Action - Users = $Filter.Users - Description = $Filter.Description - Filters = $Filter.Filters - Region = $Filter.Region - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - CertificatePath = $CertificatePath - CertificatePassword = $CertificatePassword - Ensure = 'Present' + FilterName = $Filter.FilterName + Action = $Filter.Action + Users = $Filter.Users + Description = $Filter.Description + Filters = $Filter.Filters + Region = $Filter.Region + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + CertificatePath = $CertificatePath + CertificatePassword = $CertificatePassword + Ensure = 'Present' } return $result } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSensitivityLabel/MSFT_SCSensitivityLabel.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSensitivityLabel/MSFT_SCSensitivityLabel.psm1 index 0d5a97675e..c09fdbd22c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSensitivityLabel/MSFT_SCSensitivityLabel.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSensitivityLabel/MSFT_SCSensitivityLabel.psm1 @@ -1,82 +1,82 @@ $allTrainableClassifiers = @( - [PSCustomObject]@{ Name = "Actuary reports"; Id = "b27df2ee-fd14-4ce9-b02f-4070a5d68132" } - [PSCustomObject]@{ Name = "Agreements"; Id = "7f12e403-5335-4da8-a91e-6c2210b7a2b1" } - [PSCustomObject]@{ Name = "Asset Management"; Id = "716fb550-90cd-493b-b29b-ceed41ee8a6f" } - [PSCustomObject]@{ Name = "Bank statement"; Id = "f426bd16-e42e-4397-824b-f17dedc5bb1c" } - [PSCustomObject]@{ Name = "Budget"; Id = "6f207592-f71e-4b4f-8c07-ebc4bd4965b9" } - [PSCustomObject]@{ Name = "Business Context"; Id = "08b772df-bf93-457f-be23-b5cbf02005fd" } - [PSCustomObject]@{ Name = "Business plan"; Id = "693f8221-ae4e-4612-80f5-746efee167c3" } - [PSCustomObject]@{ Name = "Completion Certificates"; Id = "b2580781-286b-4ad2-ab47-84e84ff331e5" } - [PSCustomObject]@{ Name = "Compliance policies"; Id = "fdad8089-651b-4877-8b66-be105b2e57da" } - [PSCustomObject]@{ Name = "Construction specifications"; Id = "bfde18ef-b4b9-4f30-9965-ef8d00861a2c" } - [PSCustomObject]@{ Name = "Control System and SCADA files"; Id = "59f1f471-687d-453b-a73e-0b0e9f350812" } - [PSCustomObject]@{ Name = "Corporate Sabotage"; Id = "d88960c3-6101-43d9-9250-8c43c71d638a" } - [PSCustomObject]@{ Name = "Credit Report"; Id = "07ce7d30-690a-4a1c-a331-8df9c944f1ab" } - [PSCustomObject]@{ Name = "Customer Complaints"; Id = "8137d8fc-fb7a-40db-9009-284f962fde96" } - [PSCustomObject]@{ Name = "Customer Files"; Id = "fdff9df2-03ba-4372-be97-82c0d2515118" } - [PSCustomObject]@{ Name = "Discrimination"; Id = "a65c4ab6-a155-11eb-921c-6c0b84aa8ea5" } - [PSCustomObject]@{ Name = "Employee disciplinary action files"; Id = "769d56c1-e737-4fc1-8673-8c99bbe24a07" } - [PSCustomObject]@{ Name = "Employee Insurance files"; Id = "fa982a9f-9454-4885-a2bf-94a155df2f33" } - [PSCustomObject]@{ Name = "Employee Pension Records"; Id = "f9ae0bbc-a1e0-4b7e-a96a-eb60b26b4434" } - [PSCustomObject]@{ Name = "Employee Stocks and Financial Bond Records"; Id = "a67b2b59-c5f0-4c66-a6c4-ca6973adfd94" } - [PSCustomObject]@{ Name = "Employment Agreement"; Id = "2a2baab7-b82c-4166-bbe4-55f9d3fd1129" } - [PSCustomObject]@{ Name = "Enterprise Risk Management"; Id = "eed09aae-6f32-47c7-9c99-9d17bad48783" } - [PSCustomObject]@{ Name = "Environmental permits and clearances"; Id = "1b7d3e51-0ecf-41bd-9794-966c94a889ba" } - [PSCustomObject]@{ Name = "Facility Permits"; Id = "914c5379-9d05-47cb-98f0-f5a2be059b5a" } - [PSCustomObject]@{ Name = "factory Incident Investigation reports"; Id = "86186144-d507-4603-bac7-50b56ba05c70" } - [PSCustomObject]@{ Name = "Finance"; Id = "1771481d-a337-4dbf-8e64-af8da0cc3ee9" } - [PSCustomObject]@{ Name = "Finance policies and procedures"; Id = "6556c5eb-0819-4618-ba2e-59925925655e" } - [PSCustomObject]@{ Name = "Financial Audit Reports"; Id = "b04b2a4e-22f8-4024-8adc-e2caaad1c2e2" } - [PSCustomObject]@{ Name = "Financial statement"; Id = "c31bfef9-8045-4a35-88a3-74b8681615c2" } - [PSCustomObject]@{ Name = "Freight Documents"; Id = "785917ed-db01-43c7-8153-8a6fc393efa3" } - [PSCustomObject]@{ Name = "Garnishment"; Id = "65e827c3-f8e8-4bc8-b08c-c31e3132b832" } - [PSCustomObject]@{ Name = "Gifts \u0026 entertainment"; Id = "3b3d817a-9190-465b-af2d-9e856f894059" } - [PSCustomObject]@{ Name = "Health/Medical forms"; Id = "7cc60f30-9e96-4d51-b26f-3d7a9df56338" } - [PSCustomObject]@{ Name = "Healthcare"; Id = "dcbada08-65bf-4561-b140-25d8fee4d143" } - [PSCustomObject]@{ Name = "HR"; Id = "11631f87-7ffe-4052-b173-abda16b231f3" } - [PSCustomObject]@{ Name = "Invoice"; Id = "bf7df7c3-fce4-4ffd-ab90-26f6463f3a00" } - [PSCustomObject]@{ Name = "IP"; Id = "495fad07-d6e4-4da4-9c64-5b9b109a5f59" } - [PSCustomObject]@{ Name = "IT"; Id = "77a140be-c29f-4155-9dc4-c3e247e47560" } - [PSCustomObject]@{ Name = "IT Infra and Network Security Documents"; Id = "bc55de38-cb72-43e6-952f-8422f584f229" } - [PSCustomObject]@{ Name = "Lease Deeds"; Id = "841f54ad-3e31-4ddd-aea0-e7f0cd6b3d18" } - [PSCustomObject]@{ Name = "Legal Affairs"; Id = "ba38aa0f-8c86-4c73-87db-95147a0f4420" } - [PSCustomObject]@{ Name = "Legal Agreements"; Id = "bee9cefb-88bd-410f-ab3e-67cab21cef46" } - [PSCustomObject]@{ Name = "Letter of Credits"; Id = "fd85acd5-59dd-49b2-a4c3-df7075885a82" } - [PSCustomObject]@{ Name = "License agreement"; Id = "b399eb17-c9c4-4205-951b-43f38eb8dffe" } - [PSCustomObject]@{ Name = "Loan agreements and offer letters"; Id = "5771fa57-34a1-48b3-93df-778b304daa54" } - [PSCustomObject]@{ Name = "M&A Files"; Id = "eeffbf7c-fd04-40ef-a156-b37bf61832f7" } - [PSCustomObject]@{ Name = "Manufacturing batch records"; Id = "834b2353-509a-4605-b4f1-fc2172a0d97c" } - [PSCustomObject]@{ Name = "Marketing Collaterals"; Id = "fcaa6d2a-601c-4bdc-947e-af1178a646ac" } - [PSCustomObject]@{ Name = "Meeting notes"; Id = "e7ff9a9e-4689-4192-b927-e6c6bdf099fc" } - [PSCustomObject]@{ Name = "Money laundering"; Id = "adbbb20e-b175-46e7-8ba2-cf3f3179d0ed" } - [PSCustomObject]@{ Name = "MoU Files (Memorandum of understanding)"; Id = "cb37c277-4b88-49c6-81fb-2eeca8c52bb9" } - [PSCustomObject]@{ Name = "Network Design files"; Id = "12587d70-9596-4c21-b09f-f1abe9d6ca13" } - [PSCustomObject]@{ Name = "Non disclosure agreement"; Id = "8dfd10db-0c72-4be4-a4f2-f615fe7aeb1c" } - [PSCustomObject]@{ Name = "OSHA records"; Id = "b11b771e-7dd1-4434-873a-d648a16e969e" } - [PSCustomObject]@{ Name = "Paystub"; Id = "31c11384-2d64-4635-9335-018295c64268" } - [PSCustomObject]@{ Name = "Personal Financial Information"; Id = "6901c616-5857-432f-b3da-f5234fa1d342" } - [PSCustomObject]@{ Name = "Procurement"; Id = "8fa64a47-6e77-4b4c-91a5-0f67525cebf5" } - [PSCustomObject]@{ Name = "Profanity"; Id = "4b0aa61d-37dc-4596-a1f1-fc5a5b21d56b" } - [PSCustomObject]@{ Name = "Project documents"; Id = "e062df90-816c-47ca-8913-db647510d3b5" } - [PSCustomObject]@{ Name = "Quality assurance files"; Id = "97b1e0d3-7788-4dd4-bb18-48ea77796743" } - [PSCustomObject]@{ Name = "Quotation"; Id = "3882e681-c437-42d8-ac75-1f9b7481fe13" } - [PSCustomObject]@{ Name = "Regulatory Collusion"; Id = "911b7815-6883-4022-a882-9cbe9462f114" } - [PSCustomObject]@{ Name = "Resume"; Id = "14b2da41-0427-47e9-a11b-c924e1d05689" } - [PSCustomObject]@{ Name = "Safety Records"; Id = "938fb100-5b1f-4bbb-aba7-73d9c89d086f" } - [PSCustomObject]@{ Name = "Sales and revenue"; Id = "9d6b864d-28c6-4be3-a9d0-cd40434a847f" } - [PSCustomObject]@{ Name = "Software Product Development Files"; Id = "813aa6d8-0727-48d8-acb7-06e1819ee339" } - [PSCustomObject]@{ Name = "Source code"; Id = "8aef6743-61aa-44b9-9ae5-3bb3d77df535" } - [PSCustomObject]@{ Name = "Standard Operating Procedures and Manuals"; Id = "32f23ad4-2ca1-4495-8048-8dc567891644" } - [PSCustomObject]@{ Name = "Statement of Accounts"; Id = "fe3676a6-0f5d-4990-bb46-9b2b31d7746a" } - [PSCustomObject]@{ Name = "Statement of Work"; Id = "611c95f9-b1ef-4253-8b36-d8ae19d02fb0" } - [PSCustomObject]@{ Name = "Stock manipulation"; Id = "1140cd79-ad87-4043-a562-c768acacc6ba" } - [PSCustomObject]@{ Name = "Strategic planning documents"; Id = "9332b317-2ca4-413a-b983-92a1bd88c6f3" } - [PSCustomObject]@{ Name = "Targeted Harassment"; Id = "a02ddb8e-3c93-44ac-87c1-2f682b1cb78e" } - [PSCustomObject]@{ Name = "Tax"; Id = "9722b51a-f920-4a81-8390-b188a0692840" } - [PSCustomObject]@{ Name = "Threat"; Id = "ef2edb64-6982-4648-b0ad-c0d8a861501b" } - [PSCustomObject]@{ Name = "Unauthorized disclosure"; Id = "839aecf8-c67b-4270-8aaf-378127b23b7f" } - [PSCustomObject]@{ Name = "Wire transfer"; Id = "05fc5ed0-58ef-4306-b65c-11b0a43895c2" } - [PSCustomObject]@{ Name = "Work Schedules"; Id = "25bb9d2d-a5b5-45b1-882e-b2581a183873" } + [PSCustomObject]@{ Name = 'Actuary reports'; Id = 'b27df2ee-fd14-4ce9-b02f-4070a5d68132' } + [PSCustomObject]@{ Name = 'Agreements'; Id = '7f12e403-5335-4da8-a91e-6c2210b7a2b1' } + [PSCustomObject]@{ Name = 'Asset Management'; Id = '716fb550-90cd-493b-b29b-ceed41ee8a6f' } + [PSCustomObject]@{ Name = 'Bank statement'; Id = 'f426bd16-e42e-4397-824b-f17dedc5bb1c' } + [PSCustomObject]@{ Name = 'Budget'; Id = '6f207592-f71e-4b4f-8c07-ebc4bd4965b9' } + [PSCustomObject]@{ Name = 'Business Context'; Id = '08b772df-bf93-457f-be23-b5cbf02005fd' } + [PSCustomObject]@{ Name = 'Business plan'; Id = '693f8221-ae4e-4612-80f5-746efee167c3' } + [PSCustomObject]@{ Name = 'Completion Certificates'; Id = 'b2580781-286b-4ad2-ab47-84e84ff331e5' } + [PSCustomObject]@{ Name = 'Compliance policies'; Id = 'fdad8089-651b-4877-8b66-be105b2e57da' } + [PSCustomObject]@{ Name = 'Construction specifications'; Id = 'bfde18ef-b4b9-4f30-9965-ef8d00861a2c' } + [PSCustomObject]@{ Name = 'Control System and SCADA files'; Id = '59f1f471-687d-453b-a73e-0b0e9f350812' } + [PSCustomObject]@{ Name = 'Corporate Sabotage'; Id = 'd88960c3-6101-43d9-9250-8c43c71d638a' } + [PSCustomObject]@{ Name = 'Credit Report'; Id = '07ce7d30-690a-4a1c-a331-8df9c944f1ab' } + [PSCustomObject]@{ Name = 'Customer Complaints'; Id = '8137d8fc-fb7a-40db-9009-284f962fde96' } + [PSCustomObject]@{ Name = 'Customer Files'; Id = 'fdff9df2-03ba-4372-be97-82c0d2515118' } + [PSCustomObject]@{ Name = 'Discrimination'; Id = 'a65c4ab6-a155-11eb-921c-6c0b84aa8ea5' } + [PSCustomObject]@{ Name = 'Employee disciplinary action files'; Id = '769d56c1-e737-4fc1-8673-8c99bbe24a07' } + [PSCustomObject]@{ Name = 'Employee Insurance files'; Id = 'fa982a9f-9454-4885-a2bf-94a155df2f33' } + [PSCustomObject]@{ Name = 'Employee Pension Records'; Id = 'f9ae0bbc-a1e0-4b7e-a96a-eb60b26b4434' } + [PSCustomObject]@{ Name = 'Employee Stocks and Financial Bond Records'; Id = 'a67b2b59-c5f0-4c66-a6c4-ca6973adfd94' } + [PSCustomObject]@{ Name = 'Employment Agreement'; Id = '2a2baab7-b82c-4166-bbe4-55f9d3fd1129' } + [PSCustomObject]@{ Name = 'Enterprise Risk Management'; Id = 'eed09aae-6f32-47c7-9c99-9d17bad48783' } + [PSCustomObject]@{ Name = 'Environmental permits and clearances'; Id = '1b7d3e51-0ecf-41bd-9794-966c94a889ba' } + [PSCustomObject]@{ Name = 'Facility Permits'; Id = '914c5379-9d05-47cb-98f0-f5a2be059b5a' } + [PSCustomObject]@{ Name = 'factory Incident Investigation reports'; Id = '86186144-d507-4603-bac7-50b56ba05c70' } + [PSCustomObject]@{ Name = 'Finance'; Id = '1771481d-a337-4dbf-8e64-af8da0cc3ee9' } + [PSCustomObject]@{ Name = 'Finance policies and procedures'; Id = '6556c5eb-0819-4618-ba2e-59925925655e' } + [PSCustomObject]@{ Name = 'Financial Audit Reports'; Id = 'b04b2a4e-22f8-4024-8adc-e2caaad1c2e2' } + [PSCustomObject]@{ Name = 'Financial statement'; Id = 'c31bfef9-8045-4a35-88a3-74b8681615c2' } + [PSCustomObject]@{ Name = 'Freight Documents'; Id = '785917ed-db01-43c7-8153-8a6fc393efa3' } + [PSCustomObject]@{ Name = 'Garnishment'; Id = '65e827c3-f8e8-4bc8-b08c-c31e3132b832' } + [PSCustomObject]@{ Name = 'Gifts \u0026 entertainment'; Id = '3b3d817a-9190-465b-af2d-9e856f894059' } + [PSCustomObject]@{ Name = 'Health/Medical forms'; Id = '7cc60f30-9e96-4d51-b26f-3d7a9df56338' } + [PSCustomObject]@{ Name = 'Healthcare'; Id = 'dcbada08-65bf-4561-b140-25d8fee4d143' } + [PSCustomObject]@{ Name = 'HR'; Id = '11631f87-7ffe-4052-b173-abda16b231f3' } + [PSCustomObject]@{ Name = 'Invoice'; Id = 'bf7df7c3-fce4-4ffd-ab90-26f6463f3a00' } + [PSCustomObject]@{ Name = 'IP'; Id = '495fad07-d6e4-4da4-9c64-5b9b109a5f59' } + [PSCustomObject]@{ Name = 'IT'; Id = '77a140be-c29f-4155-9dc4-c3e247e47560' } + [PSCustomObject]@{ Name = 'IT Infra and Network Security Documents'; Id = 'bc55de38-cb72-43e6-952f-8422f584f229' } + [PSCustomObject]@{ Name = 'Lease Deeds'; Id = '841f54ad-3e31-4ddd-aea0-e7f0cd6b3d18' } + [PSCustomObject]@{ Name = 'Legal Affairs'; Id = 'ba38aa0f-8c86-4c73-87db-95147a0f4420' } + [PSCustomObject]@{ Name = 'Legal Agreements'; Id = 'bee9cefb-88bd-410f-ab3e-67cab21cef46' } + [PSCustomObject]@{ Name = 'Letter of Credits'; Id = 'fd85acd5-59dd-49b2-a4c3-df7075885a82' } + [PSCustomObject]@{ Name = 'License agreement'; Id = 'b399eb17-c9c4-4205-951b-43f38eb8dffe' } + [PSCustomObject]@{ Name = 'Loan agreements and offer letters'; Id = '5771fa57-34a1-48b3-93df-778b304daa54' } + [PSCustomObject]@{ Name = 'M&A Files'; Id = 'eeffbf7c-fd04-40ef-a156-b37bf61832f7' } + [PSCustomObject]@{ Name = 'Manufacturing batch records'; Id = '834b2353-509a-4605-b4f1-fc2172a0d97c' } + [PSCustomObject]@{ Name = 'Marketing Collaterals'; Id = 'fcaa6d2a-601c-4bdc-947e-af1178a646ac' } + [PSCustomObject]@{ Name = 'Meeting notes'; Id = 'e7ff9a9e-4689-4192-b927-e6c6bdf099fc' } + [PSCustomObject]@{ Name = 'Money laundering'; Id = 'adbbb20e-b175-46e7-8ba2-cf3f3179d0ed' } + [PSCustomObject]@{ Name = 'MoU Files (Memorandum of understanding)'; Id = 'cb37c277-4b88-49c6-81fb-2eeca8c52bb9' } + [PSCustomObject]@{ Name = 'Network Design files'; Id = '12587d70-9596-4c21-b09f-f1abe9d6ca13' } + [PSCustomObject]@{ Name = 'Non disclosure agreement'; Id = '8dfd10db-0c72-4be4-a4f2-f615fe7aeb1c' } + [PSCustomObject]@{ Name = 'OSHA records'; Id = 'b11b771e-7dd1-4434-873a-d648a16e969e' } + [PSCustomObject]@{ Name = 'Paystub'; Id = '31c11384-2d64-4635-9335-018295c64268' } + [PSCustomObject]@{ Name = 'Personal Financial Information'; Id = '6901c616-5857-432f-b3da-f5234fa1d342' } + [PSCustomObject]@{ Name = 'Procurement'; Id = '8fa64a47-6e77-4b4c-91a5-0f67525cebf5' } + [PSCustomObject]@{ Name = 'Profanity'; Id = '4b0aa61d-37dc-4596-a1f1-fc5a5b21d56b' } + [PSCustomObject]@{ Name = 'Project documents'; Id = 'e062df90-816c-47ca-8913-db647510d3b5' } + [PSCustomObject]@{ Name = 'Quality assurance files'; Id = '97b1e0d3-7788-4dd4-bb18-48ea77796743' } + [PSCustomObject]@{ Name = 'Quotation'; Id = '3882e681-c437-42d8-ac75-1f9b7481fe13' } + [PSCustomObject]@{ Name = 'Regulatory Collusion'; Id = '911b7815-6883-4022-a882-9cbe9462f114' } + [PSCustomObject]@{ Name = 'Resume'; Id = '14b2da41-0427-47e9-a11b-c924e1d05689' } + [PSCustomObject]@{ Name = 'Safety Records'; Id = '938fb100-5b1f-4bbb-aba7-73d9c89d086f' } + [PSCustomObject]@{ Name = 'Sales and revenue'; Id = '9d6b864d-28c6-4be3-a9d0-cd40434a847f' } + [PSCustomObject]@{ Name = 'Software Product Development Files'; Id = '813aa6d8-0727-48d8-acb7-06e1819ee339' } + [PSCustomObject]@{ Name = 'Source code'; Id = '8aef6743-61aa-44b9-9ae5-3bb3d77df535' } + [PSCustomObject]@{ Name = 'Standard Operating Procedures and Manuals'; Id = '32f23ad4-2ca1-4495-8048-8dc567891644' } + [PSCustomObject]@{ Name = 'Statement of Accounts'; Id = 'fe3676a6-0f5d-4990-bb46-9b2b31d7746a' } + [PSCustomObject]@{ Name = 'Statement of Work'; Id = '611c95f9-b1ef-4253-8b36-d8ae19d02fb0' } + [PSCustomObject]@{ Name = 'Stock manipulation'; Id = '1140cd79-ad87-4043-a562-c768acacc6ba' } + [PSCustomObject]@{ Name = 'Strategic planning documents'; Id = '9332b317-2ca4-413a-b983-92a1bd88c6f3' } + [PSCustomObject]@{ Name = 'Targeted Harassment'; Id = 'a02ddb8e-3c93-44ac-87c1-2f682b1cb78e' } + [PSCustomObject]@{ Name = 'Tax'; Id = '9722b51a-f920-4a81-8390-b188a0692840' } + [PSCustomObject]@{ Name = 'Threat'; Id = 'ef2edb64-6982-4648-b0ad-c0d8a861501b' } + [PSCustomObject]@{ Name = 'Unauthorized disclosure'; Id = '839aecf8-c67b-4270-8aaf-378127b23b7f' } + [PSCustomObject]@{ Name = 'Wire transfer'; Id = '05fc5ed0-58ef-4306-b65c-11b0a43895c2' } + [PSCustomObject]@{ Name = 'Work Schedules'; Id = '25bb9d2d-a5b5-45b1-882e-b2581a183873' } ) function Get-TargetResource @@ -539,7 +539,7 @@ function Get-TargetResource $currConditions = $label.Conditions | ConvertFrom-Json $getConditions = @{ - Groups = @() + Groups = @() Operator = '' } @@ -551,7 +551,7 @@ function Get-TargetResource $groups = foreach ($group in $currConditions.$($operator)) { $grpObject = @{ - Name = '' + Name = '' Operator = '' } @@ -559,7 +559,7 @@ function Get-TargetResource $grpObject.Operator = $grpOperator $grpName = '' - [array]$sensitiveInformationTypes = foreach ($item in $group.$grpOperator | Where-Object { $_.Key -eq 'CCSI'}) + [array]$sensitiveInformationTypes = foreach ($item in $group.$grpOperator | Where-Object { $_.Key -eq 'CCSI' }) { if ([String]::IsNullOrEmpty($grpName)) { @@ -577,10 +577,10 @@ function Get-TargetResource } $settingsObject = @{ - name = ($item.Settings | Where-Object { $_.Key -eq 'name' }).Value + name = ($item.Settings | Where-Object { $_.Key -eq 'name' }).Value confidencelevel = ($item.Settings | Where-Object { $_.Key -eq 'confidencelevel' }).Value - mincount = ($item.Settings | Where-Object { $_.Key -eq 'mincount' }).Value - maxcount = ($item.Settings | Where-Object { $_.Key -eq 'maxcount' }).Value + mincount = ($item.Settings | Where-Object { $_.Key -eq 'mincount' }).Value + maxcount = ($item.Settings | Where-Object { $_.Key -eq 'maxcount' }).Value } if ($null -ne ($item.Settings | Where-Object { $_.Key -eq 'classifiertype' })) @@ -592,7 +592,7 @@ function Get-TargetResource $settingsObject } - [array]$trainableClassifiers = foreach ($item in $group.$grpOperator | Where-Object { $_.Key -eq 'ContentMatchesModule'}) + [array]$trainableClassifiers = foreach ($item in $group.$grpOperator | Where-Object { $_.Key -eq 'ContentMatchesModule' }) { if ([String]::IsNullOrEmpty($grpName)) { @@ -601,7 +601,7 @@ function Get-TargetResource @{ name = ($item.Settings | Where-Object { $_.Key -eq 'name' }).Value - id = $item.Value + id = $item.Value } } @@ -959,7 +959,7 @@ function Set-TargetResource Write-Verbose 'Generating required JSON string for AutoLabelingSettings' Write-Verbose 'Retrieving all existing Sensitive Information Types' - $existingSITs = Get-DlpSensitiveInformationType | Select-Object -Property Name,Id, RulePackId + $existingSITs = Get-DlpSensitiveInformationType | Select-Object -Property Name, Id, RulePackId # Convert the AutoLabelingSettings to the correct JSON format, ready to be inserted into the label cmdlets $autoLabelingSettingsHT = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $AutoLabelingSettings @@ -980,40 +980,40 @@ function Set-TargetResource [array]$settingsCollection = foreach ($setting in ($sit.Keys | Where-Object { $_ -ne 'id' })) { @{ - Key = $setting + Key = $setting Value = $sit[$setting] } } $settingsCollection += @{ - Key = "rulepackage" - Value = $currentSIT.RulePackId + Key = 'rulepackage' + Value = $currentSIT.RulePackId } $settingsCollection += @{ - Key = "groupname" - Value = $group.Name + Key = 'groupname' + Value = $group.Name } - if ($autoLabelingSettingsHT.ContainsKey("PolicyTip")) + if ($autoLabelingSettingsHT.ContainsKey('PolicyTip')) { $settingsCollection += @{ - Key = "policytip" - Value = $autoLabelingSettingsHT.PolicyTip + Key = 'policytip' + Value = $autoLabelingSettingsHT.PolicyTip } } - if ($autoLabelingSettingsHT.ContainsKey("AutoApplyType") -and $autoLabelingSettingsHT.AutoApplyType -eq 'Recommend') + if ($autoLabelingSettingsHT.ContainsKey('AutoApplyType') -and $autoLabelingSettingsHT.AutoApplyType -eq 'Recommend') { $settingsCollection += @{ - Key = "autoapplytype" - Value = $autoLabelingSettingsHT.AutoApplyType + Key = 'autoapplytype' + Value = $autoLabelingSettingsHT.AutoApplyType } } $groupCollection += @{ - Key = 'CCSI' - Value = $currentSIT.Id + Key = 'CCSI' + Value = $currentSIT.Id Properties = $null - Settings = $settingsCollection + Settings = $settingsCollection } } @@ -1024,10 +1024,10 @@ function Set-TargetResource if ($null -ne $currentTrainableClassifier) { if ([String]::IsNullOrEmpty($trainableClassifier.id) -eq $false -and ` - $trainableClassifier.id -ne $currentTrainableClassifier.Id) + $trainableClassifier.id -ne $currentTrainableClassifier.Id) { Write-Verbose ("[WARNING] Provided ID ($($trainableClassifier.id)) does not match the known " + ` - "ID ($($currentTrainableClassifier.id)) for trainable classifier '$($trainableClassifier.name)'.") + "ID ($($currentTrainableClassifier.id)) for trainable classifier '$($trainableClassifier.name)'.") } $requiredId = $currentTrainableClassifier.Id } @@ -1043,36 +1043,36 @@ function Set-TargetResource [array]$settingsCollection = foreach ($key in ($trainableClassifier.Keys | Where-Object { $_ -ne 'id' })) { @{ - Key = $key + Key = $key Value = $trainableClassifier[$key] } } $settingsCollection += @{ - Key = "groupname" - Value = $group.Name + Key = 'groupname' + Value = $group.Name } - if ($autoLabelingSettingsHT.ContainsKey("PolicyTip")) + if ($autoLabelingSettingsHT.ContainsKey('PolicyTip')) { $settingsCollection += @{ - Key = "policytip" - Value = $autoLabelingSettingsHT.PolicyTip + Key = 'policytip' + Value = $autoLabelingSettingsHT.PolicyTip } } - if ($autoLabelingSettingsHT.ContainsKey("AutoApplyType") -and $autoLabelingSettingsHT.AutoApplyType -eq 'Recommend') + if ($autoLabelingSettingsHT.ContainsKey('AutoApplyType') -and $autoLabelingSettingsHT.AutoApplyType -eq 'Recommend') { $settingsCollection += @{ - Key = "autoapplytype" - Value = $autoLabelingSettingsHT.AutoApplyType + Key = 'autoapplytype' + Value = $autoLabelingSettingsHT.AutoApplyType } } $groupCollection += @{ - Key = 'ContentMatchesModule' - Value = $requiredId + Key = 'ContentMatchesModule' + Value = $requiredId Properties = $null - Settings = $settingsCollection + Settings = $settingsCollection } } @@ -2162,7 +2162,7 @@ function ConvertTo-AutoLabelingSettingsString $AutoLabelingSettings ) - $StringContent = "" + $StringContent = '' foreach ($autoLabelingSetting in $AutoLabelingSettings) { $StringContent += " MSFT_SCSLAutoLabelingSettings`r`n" diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCUnifiedAuditLogRetentionPolicy/MSFT_SCUnifiedAuditLogRetentionPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCUnifiedAuditLogRetentionPolicy/MSFT_SCUnifiedAuditLogRetentionPolicy.psm1 index f7b15aa1e3..bbd70a101c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCUnifiedAuditLogRetentionPolicy/MSFT_SCUnifiedAuditLogRetentionPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCUnifiedAuditLogRetentionPolicy/MSFT_SCUnifiedAuditLogRetentionPolicy.psm1 @@ -21,7 +21,7 @@ function Get-TargetResource $RecordTypes, [Parameter()] - [ValidateSet("SevenDays", "OneMonth", "ThreeMonths", "SixMonths", "NineMonths", "TwelveMonths", "ThreeYears", "FiveYears", "SevenYears", "TenYears")] + [ValidateSet('SevenDays', 'OneMonth', 'ThreeMonths', 'SixMonths', 'NineMonths', 'TwelveMonths', 'ThreeYears', 'FiveYears', 'SevenYears', 'TenYears')] [System.String] $RetentionDuration, @@ -147,7 +147,7 @@ function Set-TargetResource $RecordTypes, [Parameter(Mandatory = $true)] - [ValidateSet("SevenDays", "OneMonth", "ThreeMonths", "SixMonths", "NineMonths", "TwelveMonths", "ThreeYears", "FiveYears", "SevenYears", "TenYears")] + [ValidateSet('SevenDays', 'OneMonth', 'ThreeMonths', 'SixMonths', 'NineMonths', 'TwelveMonths', 'ThreeYears', 'FiveYears', 'SevenYears', 'TenYears')] [System.String] $RetentionDuration, @@ -233,7 +233,7 @@ function Set-TargetResource $UpdateParameters = ([Hashtable]$BoundParameters).Clone() $UpdateParameters.Remove('Verbose') | Out-Null $UpdateParameters.Remove('Name') | Out-Null - $UpdateParameters.Add('Identity', $currentInstance.Identity) | Out-Null + $UpdateParameters.Add('Identity', $currentInstance.Identity) | Out-Null $keys = $UpdateParameters.Keys foreach ($key in $keys) @@ -282,7 +282,7 @@ function Test-TargetResource $RecordTypes, [Parameter(Mandatory = $true)] - [ValidateSet("SevenDays", "OneMonth", "ThreeMonths", "SixMonths", "NineMonths", "TwelveMonths", "ThreeYears", "FiveYears", "SevenYears", "TenYears")] + [ValidateSet('SevenDays', 'OneMonth', 'ThreeMonths', 'SixMonths', 'NineMonths', 'TwelveMonths', 'ThreeYears', 'FiveYears', 'SevenYears', 'TenYears')] [System.String] $RetentionDuration, @@ -394,7 +394,7 @@ function Export-TargetResource $ManagedIdentity ) - $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` + $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters #Ensure the proper dependencies are installed in the current environment. @@ -437,19 +437,19 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Name = $config.Name - Priority = $config.Priority - RetentionDuration = $config.RetentionDuration - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId + Name = $config.Name + Priority = $config.Priority + RetentionDuration = $config.RetentionDuration + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId CertificateThumbprint = $CertificateThumbprint - ApplicationSecret = $ApplicationSecret + ApplicationSecret = $ApplicationSecret } $Results = Get-TargetResource @Params - $Results.Remove("Identity") | Out-Null + $Results.Remove('Identity') | Out-Null $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` -Results $Results diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCUnifiedAuditLogRetentionPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_SCUnifiedAuditLogRetentionPolicy/settings.json index b975389e7d..3626ebcbf5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCUnifiedAuditLogRetentionPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCUnifiedAuditLogRetentionPolicy/settings.json @@ -1,5 +1,5 @@ { "resourceName": "SCUnifiedAuditLogRetentionPolicy", "description": "The resource configured the Unified Audit Log Retention Policy in the Security and Compliance.", - "permissions":[] + "permissions": [] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.psm1 index 687543a436..3d02a61f7c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.psm1 @@ -451,7 +451,7 @@ function Test-TargetResource 'ExternalServicesEnabled', ` 'EmailAttestationRequired', ` 'EmailAttestationReAuthDays', - 'ConditionalAccessPolicy', ` + 'ConditionalAccessPolicy', ` 'EnableRestrictedAccessControl') Write-Verbose -Message "Test-TargetResource returned $TestResult" diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSharingSettings/MSFT_SPOSharingSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSharingSettings/MSFT_SPOSharingSettings.psm1 index 2d206db2ee..d5ff15a26c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSharingSettings/MSFT_SPOSharingSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSharingSettings/MSFT_SPOSharingSettings.psm1 @@ -173,7 +173,7 @@ function Get-TargetResource try { $SPOSharingSettings = Get-PnPTenant -ErrorAction Stop - $MySite = Get-PnPTenantSite -Filter "Url -like '-my.sharepoint.'" | Where-Object -FilterScript { $_.Template -notmatch "^RedirectSite#" } + $MySite = Get-PnPTenantSite -Filter "Url -like '-my.sharepoint.'" | Where-Object -FilterScript { $_.Template -notmatch '^RedirectSite#' } if ($null -ne $MySite) { @@ -199,41 +199,41 @@ function Get-TargetResource $DefaultLinkPermission = $SPOSharingSettings.DefaultLinkPermission } $results = @{ - IsSingleInstance = 'Yes' - SharingCapability = $SPOSharingSettings.SharingCapability - ShowEveryoneClaim = $SPOSharingSettings.ShowEveryoneClaim - ShowAllUsersClaim = $SPOSharingSettings.ShowAllUsersClaim - ShowEveryoneExceptExternalUsersClaim = $SPOSharingSettings.ShowEveryoneExceptExternalUsersClaim - ProvisionSharedWithEveryoneFolder = $SPOSharingSettings.ProvisionSharedWithEveryoneFolder - EnableGuestSignInAcceleration = $SPOSharingSettings.EnableGuestSignInAcceleration - BccExternalSharingInvitations = $SPOSharingSettings.BccExternalSharingInvitations - BccExternalSharingInvitationsList = $SPOSharingSettings.BccExternalSharingInvitationsList - RequireAnonymousLinksExpireInDays = $SPOSharingSettings.RequireAnonymousLinksExpireInDays - ExternalUserExpireInDays = $SPOSharingSettings.ExternalUserExpireInDays - ExternalUserExpirationRequired = $SPOSharingSettings.ExternalUserExpirationRequired - SharingAllowedDomainList = $allowDomains - SharingBlockedDomainList = $blockDomains - SharingDomainRestrictionMode = $SPOSharingSettings.SharingDomainRestrictionMode - DefaultSharingLinkType = $SPOSharingSettings.DefaultSharingLinkType - PreventExternalUsersFromResharing = $SPOSharingSettings.PreventExternalUsersFromResharing - ShowPeoplePickerSuggestionsForGuestUsers = $SPOSharingSettings.ShowPeoplePickerSuggestionsForGuestUsers - FileAnonymousLinkType = $SPOSharingSettings.FileAnonymousLinkType - FolderAnonymousLinkType = $SPOSharingSettings.FolderAnonymousLinkType - NotifyOwnersWhenItemsReshared = $SPOSharingSettings.NotifyOwnersWhenItemsReshared - DefaultLinkPermission = $DefaultLinkPermission + IsSingleInstance = 'Yes' + SharingCapability = $SPOSharingSettings.SharingCapability + ShowEveryoneClaim = $SPOSharingSettings.ShowEveryoneClaim + ShowAllUsersClaim = $SPOSharingSettings.ShowAllUsersClaim + ShowEveryoneExceptExternalUsersClaim = $SPOSharingSettings.ShowEveryoneExceptExternalUsersClaim + ProvisionSharedWithEveryoneFolder = $SPOSharingSettings.ProvisionSharedWithEveryoneFolder + EnableGuestSignInAcceleration = $SPOSharingSettings.EnableGuestSignInAcceleration + BccExternalSharingInvitations = $SPOSharingSettings.BccExternalSharingInvitations + BccExternalSharingInvitationsList = $SPOSharingSettings.BccExternalSharingInvitationsList + RequireAnonymousLinksExpireInDays = $SPOSharingSettings.RequireAnonymousLinksExpireInDays + ExternalUserExpireInDays = $SPOSharingSettings.ExternalUserExpireInDays + ExternalUserExpirationRequired = $SPOSharingSettings.ExternalUserExpirationRequired + SharingAllowedDomainList = $allowDomains + SharingBlockedDomainList = $blockDomains + SharingDomainRestrictionMode = $SPOSharingSettings.SharingDomainRestrictionMode + DefaultSharingLinkType = $SPOSharingSettings.DefaultSharingLinkType + PreventExternalUsersFromResharing = $SPOSharingSettings.PreventExternalUsersFromResharing + ShowPeoplePickerSuggestionsForGuestUsers = $SPOSharingSettings.ShowPeoplePickerSuggestionsForGuestUsers + FileAnonymousLinkType = $SPOSharingSettings.FileAnonymousLinkType + FolderAnonymousLinkType = $SPOSharingSettings.FolderAnonymousLinkType + NotifyOwnersWhenItemsReshared = $SPOSharingSettings.NotifyOwnersWhenItemsReshared + DefaultLinkPermission = $DefaultLinkPermission #DEPRECATED #RequireAcceptingAccountMatchInvitedAccount = $SPOSharingSettings.RequireAcceptingAccountMatchInvitedAccount - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret - CertificatePassword = $CertificatePassword - CertificatePath = $CertificatePath - CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent - Ensure = 'Present' - AccessTokens = $AccessTokens + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret + CertificatePassword = $CertificatePassword + CertificatePath = $CertificatePath + CertificateThumbprint = $CertificateThumbprint + Managedidentity = $ManagedIdentity.IsPresent + Ensure = 'Present' + AccessTokens = $AccessTokens } if (-not [System.String]::IsNullOrEmpty($MySiteSharingCapability)) @@ -526,7 +526,7 @@ function Set-TargetResource Set-PnPTenant @CurrentParameters | Out-Null if ($SetMySharingCapability) { - $mysite = Get-PnPTenantSite -Filter "Url -like '-my.sharepoint.'" | Where-Object -FilterScript { $_.Template -notmatch "^RedirectSite#" } + $mysite = Get-PnPTenantSite -Filter "Url -like '-my.sharepoint.'" | Where-Object -FilterScript { $_.Template -notmatch '^RedirectSite#' } Set-PnPTenantSite -Identity $mysite.Url -SharingCapability $MySiteSharingCapability } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.psm1 index b52a11dd1a..ae9cc174be 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.psm1 @@ -206,13 +206,13 @@ function Get-TargetResource # Additional Properties via REST $parametersToRetrieve = @('ExemptNativeUsersFromTenantLevelRestricedAccessControl', - 'AllowSelectSGsInODBListInTenant', - 'DenySelectSGsInODBListInTenant', - 'DenySelectSecurityGroupsInSPSitesList', - 'AllowSelectSecurityGroupsInSPSitesList') + 'AllowSelectSGsInODBListInTenant', + 'DenySelectSGsInODBListInTenant', + 'DenySelectSecurityGroupsInSPSitesList', + 'AllowSelectSecurityGroupsInSPSitesList') $response = Invoke-PnPSPRestMethod -Method Get ` - -Url "$($Global:MSCloudLoginConnectionProfile.PnP.AdminUrl)/_api/SPO.Tenant?`$select=$($parametersToRetrieve -join ',')" + -Url "$($Global:MSCloudLoginConnectionProfile.PnP.AdminUrl)/_api/SPO.Tenant?`$select=$($parametersToRetrieve -join ',')" return @{ @@ -505,46 +505,46 @@ function Set-TargetResource if ($null -ne $ExemptNativeUsersFromTenantLevelRestricedAccessControl) { $needToUpdate = $true - $paramsToUpdate.Add("ExemptNativeUsersFromTenantLevelRestricedAccessControl", $ExemptNativeUsersFromTenantLevelRestricedAccessControl) + $paramsToUpdate.Add('ExemptNativeUsersFromTenantLevelRestricedAccessControl', $ExemptNativeUsersFromTenantLevelRestricedAccessControl) } if ($null -ne $AllowSelectSGsInODBListInTenant) { $needToUpdate = $true - $paramsToUpdate.Add("AllowSelectSGsInODBListInTenant", $AllowSelectSGsInODBListInTenant) + $paramsToUpdate.Add('AllowSelectSGsInODBListInTenant', $AllowSelectSGsInODBListInTenant) } if ($null -ne $DenySelectSGsInODBListInTenant) { $needToUpdate = $true - $paramsToUpdate.Add("DenySelectSGsInODBListInTenant", $DenySelectSGsInODBListInTenant) + $paramsToUpdate.Add('DenySelectSGsInODBListInTenant', $DenySelectSGsInODBListInTenant) } if ($null -ne $DenySelectSecurityGroupsInSPSitesList) { $needToUpdate = $true - $paramsToUpdate.Add("DenySelectSecurityGroupsInSPSitesList", $DenySelectSecurityGroupsInSPSitesList) + $paramsToUpdate.Add('DenySelectSecurityGroupsInSPSitesList', $DenySelectSecurityGroupsInSPSitesList) } if ($null -ne $AllowSelectSecurityGroupsInSPSitesList) { $needToUpdate = $true - $paramsToUpdate.Add("AllowSelectSecurityGroupsInSPSitesList", $AllowSelectSecurityGroupsInSPSitesList) + $paramsToUpdate.Add('AllowSelectSecurityGroupsInSPSitesList', $AllowSelectSecurityGroupsInSPSitesList) } if ($needToUpdate) { - Write-Verbose -Message "Updating properties via REST PATCH call." + Write-Verbose -Message 'Updating properties via REST PATCH call.' Invoke-PnPSPRestMethod -Method PATCH ` - -Url "$($Global:MSCloudLoginConnectionProfile.PnP.AdminUrl)/_api/SPO.Tenant" ` - -Content $paramsToUpdate + -Url "$($Global:MSCloudLoginConnectionProfile.PnP.AdminUrl)/_api/SPO.Tenant" ` + -Content $paramsToUpdate } } catch { - if ($_.Exception.Message.Contains("The requested operation is part of an experimental feature that is not supported in the current environment.")) + if ($_.Exception.Message.Contains('The requested operation is part of an experimental feature that is not supported in the current environment.')) { - Write-Verbose -Message "Updating via REST: The associated feature is not available in the given tenant." + Write-Verbose -Message 'Updating via REST: The associated feature is not available in the given tenant.' } else { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SentinelAlertRule/MSFT_SentinelAlertRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SentinelAlertRule/MSFT_SentinelAlertRule.psm1 index 77911ab204..e4dd52b9d4 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SentinelAlertRule/MSFT_SentinelAlertRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SentinelAlertRule/MSFT_SentinelAlertRule.psm1 @@ -177,18 +177,18 @@ function Get-TargetResource if (-not [System.String]::IsNullOrEmpty($Id)) { $instance = Get-M365DSCSentinelAlertRule -SubscriptionId $SubscriptionId ` - -ResourceGroupName $ResourceGroupName ` - -WorkspaceName $WorkspaceName ` - -TenantId $TenantId ` - -Id $Id + -ResourceGroupName $ResourceGroupName ` + -WorkspaceName $WorkspaceName ` + -TenantId $TenantId ` + -Id $Id } if ($null -eq $instance) { $instances = Get-M365DSCSentinelAlertRule -SubscriptionId $SubscriptionId ` - -ResourceGroupName $ResourceGroupName ` - -WorkspaceName $WorkspaceName ` - -TenantId $TenantId - $instance = $instances | Where-Object -FilterScript {$_.properties.displayName -eq $DisplayName} + -ResourceGroupName $ResourceGroupName ` + -WorkspaceName $WorkspaceName ` + -TenantId $TenantId + $instance = $instances | Where-Object -FilterScript { $_.properties.displayName -eq $DisplayName } } if ($null -eq $instance) { @@ -209,7 +209,7 @@ function Get-TargetResource if ($null -ne $instance.properties.customDetails) { $detailAsHash = @{} - $instance.properties.customDetails.psobject.properties | foreach { $detailAsHash[$_.Name] = $_.Value } + $instance.properties.customDetails.psobject.properties | ForEach-Object { $detailAsHash[$_.Name] = $_.Value } foreach ($key in $detailAsHash.Keys) { $CustomDetailsValue += @{ @@ -226,7 +226,7 @@ function Get-TargetResource foreach ($mapping in $instance.properties.entityMappings) { $entity = @{ - entityType = $mapping.entityType + entityType = $mapping.entityType fieldMappings = @() } @@ -266,7 +266,7 @@ function Get-TargetResource { $info = $instance.properties.incidentConfiguration $IncidentConfigurationValue = @{ - createIncident = [Boolean]::Parse($info.createIncident.ToString()) + createIncident = [Boolean]::Parse($info.createIncident.ToString()) groupingConfiguration = @{ enabled = $info.groupingConfiguration.enabled reopenClosedIncident = $info.groupingConfiguration.reopenClosedIncident @@ -280,42 +280,42 @@ function Get-TargetResource } $results = @{ - ProductFilter = $instance.properties.ProductFilter - Enabled = $instance.properties.Enabled - Severity = $instance.properties.Severity - Tactics = $instance.properties.Tactics - Techniques = $instance.properties.Techniques - SubTechniques = $instance.properties.SubTechniques - Query = $instance.properties.Query - QueryFrequency = $instance.properties.QueryFrequency - QueryPeriod = $instance.properties.QueryPeriod - TriggerOperator = $instance.properties.TriggerOperator - TriggerThreshold = $instance.properties.TriggerThreshold - SuppressionDuration = $instance.properties.SuppressionDuration - SuppressionEnabled = $instance.properties.SuppressionEnabled - AlertRuleTemplateName = $instance.properties.AlertRuleTemplateName - DisplayNamesExcludeFilter = $instance.properties.DisplayNamesExcludeFilter - DisplayNamesFilter = $instance.properties.DisplayNamesFilter - SeveritiesFilter = $instance.properties.SeveritiesFilter - DisplayName = $instance.properties.displayName - EventGroupingSettings = $EventGroupingValueSettingsValue - CustomDetails = $CustomDetailsValue - EntityMappings = $EntityMappingsValue - AlertDetailsOverride = $AlertDetailsOverrideValue - IncidentConfiguration = $IncidentConfigurationValue - SubscriptionId = $SubscriptionId - ResourceGroupName = $ResourceGroupName - WorkspaceName = $WorkspaceName - Id = $instance.name - Kind = $instance.kind - Description = $instance.properties.description - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens + ProductFilter = $instance.properties.ProductFilter + Enabled = $instance.properties.Enabled + Severity = $instance.properties.Severity + Tactics = $instance.properties.Tactics + Techniques = $instance.properties.Techniques + SubTechniques = $instance.properties.SubTechniques + Query = $instance.properties.Query + QueryFrequency = $instance.properties.QueryFrequency + QueryPeriod = $instance.properties.QueryPeriod + TriggerOperator = $instance.properties.TriggerOperator + TriggerThreshold = $instance.properties.TriggerThreshold + SuppressionDuration = $instance.properties.SuppressionDuration + SuppressionEnabled = $instance.properties.SuppressionEnabled + AlertRuleTemplateName = $instance.properties.AlertRuleTemplateName + DisplayNamesExcludeFilter = $instance.properties.DisplayNamesExcludeFilter + DisplayNamesFilter = $instance.properties.DisplayNamesFilter + SeveritiesFilter = $instance.properties.SeveritiesFilter + DisplayName = $instance.properties.displayName + EventGroupingSettings = $EventGroupingValueSettingsValue + CustomDetails = $CustomDetailsValue + EntityMappings = $EntityMappingsValue + AlertDetailsOverride = $AlertDetailsOverrideValue + IncidentConfiguration = $IncidentConfigurationValue + SubscriptionId = $SubscriptionId + ResourceGroupName = $ResourceGroupName + WorkspaceName = $WorkspaceName + Id = $instance.name + Kind = $instance.kind + Description = $instance.properties.description + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return [System.Collections.Hashtable] $results } @@ -506,7 +506,7 @@ function Set-TargetResource if ($Kind -eq 'Fusion') { $instance = @{ - kind = $Kind + kind = $Kind properties = @{ alertRuleTemplateName = $AlertRuleTemplateName enabled = $Enabled @@ -516,7 +516,7 @@ function Set-TargetResource elseif ($Kind -eq 'MicrosoftSecurityIncidentCreation') { $instance = @{ - kind = $Kind + kind = $Kind properties = @{ displayName = $DisplayName description = $Description @@ -531,30 +531,30 @@ function Set-TargetResource elseif ($Kind -eq 'Scheduled') { $instance = @{ - kind = $Kind + kind = $Kind properties = @{ - displayName = $DisplayName - enabled = $Enabled - description = $Description - query = $Query - queryFrequency = $QueryFrequency - queryPeriod = $QueryPeriod - severity = $Severity - suppressionDuration = $SuppressionDuration - suppressionEnabled = $SuppressionEnabled - triggerOperator = $TriggerOperator - triggerThreshold = $TriggerThreshold - eventGroupingSettings = @{ + displayName = $DisplayName + enabled = $Enabled + description = $Description + query = $Query + queryFrequency = $QueryFrequency + queryPeriod = $QueryPeriod + severity = $Severity + suppressionDuration = $SuppressionDuration + suppressionEnabled = $SuppressionEnabled + triggerOperator = $TriggerOperator + triggerThreshold = $TriggerThreshold + eventGroupingSettings = @{ aggregationKind = $EventGroupingSettings.aggregationKind } - customDetails = @{} - alertDetailsOverride = @{ + customDetails = @{} + alertDetailsOverride = @{ alertDisplayNameFormat = $AlertDetailsOverride.alertDisplayNameFormat alertDescriptionFormat = $AlertDetailsOverride.alertDescriptionFormat alertDynamicProperties = @() } - entityMappings = @() - incidentConfiguration = @{ + entityMappings = @() + incidentConfiguration = @{ createIncident = $IncidentConfiguration.createIncident groupingConfiguration = @{ enabled = $IncidentConfiguration.groupingConfiguration.enabled @@ -566,17 +566,17 @@ function Set-TargetResource groupByCustomDetails = $IncidentConfiguration.groupingConfiguration.groupByCustomDetails } } - productFilter = $ProductFilter - displayNamesExcludeFilter = $DisplayNamesExcludeFilter - displayNamesFilter = $DisplayNamesFilter - severitiesFilter = $AlertSeverity + productFilter = $ProductFilter + displayNamesExcludeFilter = $DisplayNamesExcludeFilter + displayNamesFilter = $DisplayNamesFilter + severitiesFilter = $AlertSeverity } } foreach ($entity in $EntityMappings) { $entry = @{ - entityType = $entity.entityType + entityType = $entity.entityType fieldMappings = @() } @@ -607,26 +607,26 @@ function Set-TargetResource elseif ($Kind -eq 'NRT') { $instance = @{ - kind = $Kind + kind = $Kind properties = @{ - displayName = $DisplayName - enabled = $Enabled - description = $Description - query = $Query - severity = $Severity - suppressionDuration = $SuppressionDuration - suppressionEnabled = $SuppressionEnabled - eventGroupingSettings = @{ + displayName = $DisplayName + enabled = $Enabled + description = $Description + query = $Query + severity = $Severity + suppressionDuration = $SuppressionDuration + suppressionEnabled = $SuppressionEnabled + eventGroupingSettings = @{ aggregationKind = $EventGroupingSettings.aggregationKind } - alertDetailsOverride = @{ + alertDetailsOverride = @{ alertDisplayNameFormat = $AlertDetailsOverride.alertDisplayNameFormat alertDescriptionFormat = $AlertDetailsOverride.alertDescriptionFormat alertDynamicProperties = @() } - entityMappings = @() - customDetails = @{} - incidentConfiguration = @{ + entityMappings = @() + customDetails = @{} + incidentConfiguration = @{ createIncident = $IncidentConfiguration.createIncident groupingConfiguration = @{ enabled = $IncidentConfiguration.groupingConfiguration.enabled @@ -638,9 +638,9 @@ function Set-TargetResource groupByCustomDetails = $IncidentConfiguration.groupingConfiguration.groupByCustomDetails } } - techniques = $Techniques - subTechniques = $SubTechniques - tactics = $Tactics + techniques = $Techniques + subTechniques = $SubTechniques + tactics = $Tactics } } @@ -653,7 +653,7 @@ function Set-TargetResource foreach ($entity in $EntityMappings) { $entry = @{ - entityType = $entity.entityType + entityType = $entity.entityType fieldMappings = @() } @@ -688,31 +688,31 @@ function Set-TargetResource { Write-Verbose -Message "Creating new Alert Rule {$DisplayName}" New-M365DSCSentinelAlertRule -SubscriptionId $SubscriptionId ` - -ResourceGroupName $ResourceGroupName ` - -WorkspaceName $WorkspaceName ` - -TenantId $TenantId ` - -Body $instance + -ResourceGroupName $ResourceGroupName ` + -WorkspaceName $WorkspaceName ` + -TenantId $TenantId ` + -Body $instance } # UPDATE - elseif($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') + elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating Alert Rule {$DisplayName}" New-M365DSCSentinelAlertRule -SubscriptionId $SubscriptionId ` - -ResourceGroupName $ResourceGroupName ` - -WorkspaceName $WorkspaceName ` - -TenantId $TenantId ` - -Body $instance ` - -Id $currentInstance.Id + -ResourceGroupName $ResourceGroupName ` + -WorkspaceName $WorkspaceName ` + -TenantId $TenantId ` + -Body $instance ` + -Id $currentInstance.Id } # REMOVE elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Removing Alert Rule {$DisplayName}" Remove-M365DSCSentinelAlertRule -SubscriptionId $SubscriptionId ` - -ResourceGroupName $ResourceGroupName ` - -WorkspaceName $WorkspaceName ` - -TenantId $TenantId ` - -Id $currentInstance.Id + -ResourceGroupName $ResourceGroupName ` + -WorkspaceName $WorkspaceName ` + -TenantId $TenantId ` + -Id $currentInstance.Id } } @@ -997,14 +997,14 @@ function Export-TargetResource } Write-Host " |---[$i/$($workspaces.Length)] $($workspace.Name)" -NoNewline - $subscriptionId = $workspace.ResourceId.Split('/')[2] + $subscriptionId = $workspace.ResourceId.Split('/')[2] $resourceGroupName = $workspace.ResourceGroupName - $workspaceName = $workspace.Name + $workspaceName = $workspace.Name $rules = Get-M365DSCSentinelAlertRule -SubscriptionId $subscriptionId ` - -ResourceGroupName $resourceGroupName ` - -WorkspaceName $workspaceName ` - -TenantId $TenantId + -ResourceGroupName $resourceGroupName ` + -WorkspaceName $workspaceName ` + -TenantId $TenantId $j = 1 if ($currentWatchLists.Length -eq 0 ) @@ -1320,7 +1320,7 @@ function New-M365DSCSentinelAlertRule if ($null -eq $Id) { - $uri += "providers/Microsoft.OperationalInsights/workspaces/$($WorkspaceName)/providers/Microsoft.SecurityInsights/alertrules/$((New-GUID).ToString())?api-version=2024-04-01-preview" + $uri += "providers/Microsoft.OperationalInsights/workspaces/$($WorkspaceName)/providers/Microsoft.SecurityInsights/alertrules/$((New-Guid).ToString())?api-version=2024-04-01-preview" } else { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SentinelSetting/MSFT_SentinelSetting.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SentinelSetting/MSFT_SentinelSetting.psm1 index 5d13b0e142..8f54467eb3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SentinelSetting/MSFT_SentinelSetting.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SentinelSetting/MSFT_SentinelSetting.psm1 @@ -84,11 +84,11 @@ function Get-TargetResource $WorkspaceNameValue = $WorkspaceName if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $entry = $Script:exportedInstances | Where-Object -FilterScript {$_.Name -eq $WorkspaceName} + $entry = $Script:exportedInstances | Where-Object -FilterScript { $_.Name -eq $WorkspaceName } $instance = Get-AzSentinelSetting -ResourceGroupName $entry.ResourceGroupName ` - -WorkspaceName $entry.Name ` - -SubscriptionId $SubscriptionId ` - -ErrorAction SilentlyContinue + -WorkspaceName $entry.Name ` + -SubscriptionId $SubscriptionId ` + -ErrorAction SilentlyContinue $ResourceGroupNameValue = $entry.ResourceGroupName $WorkspaceNameValue = $entry.Name } @@ -96,9 +96,9 @@ function Get-TargetResource { Write-Verbose -Message "Retrieving Sentinel Settings for {$WorkspaceName}" $instance = Get-AzSentinelSetting -ResourceGroupName $ResourceGroupName ` - -WorkspaceName $WorkspaceName ` - -ErrorAction SilentlyContinue ` - -SubscriptionId $SubscriptionId + -WorkspaceName $WorkspaceName ` + -ErrorAction SilentlyContinue ` + -SubscriptionId $SubscriptionId } if ($null -eq $instance) { @@ -106,35 +106,35 @@ function Get-TargetResource } Write-Verbose -Message "Found an instance of Sentinel Workspace {$Workspace}" - $Anomalies = $instance | Where-Object -FilterScript {$_.Name -eq 'Anomalies'} + $Anomalies = $instance | Where-Object -FilterScript { $_.Name -eq 'Anomalies' } $AnomaliesIsEnabledValue = $false if ($null -ne $Anomalies) { - Write-Verbose -Message "Anomalies instance found." + Write-Verbose -Message 'Anomalies instance found.' $AnomaliesIsEnabledValue = $Anomalies.IsEnabled } - $EntityAnalytics = $instance | Where-Object -FilterScript {$_.Name -eq 'EntityAnalytics'} + $EntityAnalytics = $instance | Where-Object -FilterScript { $_.Name -eq 'EntityAnalytics' } $EntityAnalyticsIsEnabledValue = $false if ($null -ne $EntityAnalytics) { - Write-Verbose -Message "EntityAnalytics instance found." + Write-Verbose -Message 'EntityAnalytics instance found.' $EntityAnalyticsIsEnabledValue = $EntityAnalytics.IsEnabled } - $EyesOn = $instance | Where-Object -FilterScript {$_.Name -eq 'EyesOn'} + $EyesOn = $instance | Where-Object -FilterScript { $_.Name -eq 'EyesOn' } $EyesOnIsEnabledValue = $false if ($null -ne $EyesOn) { - Write-Verbose -Message "EyesOn instance found." + Write-Verbose -Message 'EyesOn instance found.' $EyesOnIsEnabledValue = $EyesOn.IsEnabled } - $Ueba = $instance | Where-Object -FilterScript {$_.Name -eq 'Ueba'} + $Ueba = $instance | Where-Object -FilterScript { $_.Name -eq 'Ueba' } $UebaDataSourceValue = $null if ($null -ne $Ueba) { - Write-Verbose -Message "UEBA Data source instance found." + Write-Verbose -Message 'UEBA Data source instance found.' $UebaDataSourceValue = $Ueba.DataSource } @@ -242,33 +242,33 @@ function Set-TargetResource { Write-Verbose -Message "Updating Anomalies IsEnabled value to {$AnomaliesIsEnabled}" Update-AzSentinelSetting -ResourceGroupName $ResourceGroupName ` - -WorkspaceName $WorkspaceName ` - -SettingsName "Anomalies" ` - -Enabled $AnomaliesIsEnabled | Out-Null + -WorkspaceName $WorkspaceName ` + -SettingsName 'Anomalies' ` + -Enabled $AnomaliesIsEnabled | Out-Null } if ($PSBoundParameters.ContainsKey('EntityAnalyticsIsEnabled')) { Write-Verbose -Message "Updating Entity Analytics IsEnabled value to {$EntityAnalyticsIsEnabled}" Update-AzSentinelSetting -ResourceGroupName $ResourceGroupName ` - -WorkspaceName $WorkspaceName ` - -SettingsName "EntityAnalytics" ` - -Enabled $EntityAnalyticsIsEnabled | Out-Null + -WorkspaceName $WorkspaceName ` + -SettingsName 'EntityAnalytics' ` + -Enabled $EntityAnalyticsIsEnabled | Out-Null } if ($PSBoundParameters.ContainsKey('EyesOnIsEnabled')) { Write-Verbose -Message "Updating Eyes On IsEnabled value to {$EyesOnIsEnabled}" Update-AzSentinelSetting -ResourceGroupName $ResourceGroupName ` - -WorkspaceName $WorkspaceName ` - -SettingsName "EyesOn" ` - -Enabled $EyesOnIsEnabled | Out-Null + -WorkspaceName $WorkspaceName ` + -SettingsName 'EyesOn' ` + -Enabled $EyesOnIsEnabled | Out-Null } if ($PSBoundParameters.ContainsKey('UebaDataSource')) { Write-Verbose -Message "Updating UEBA Data Source value to {$UebaDataSource}" Update-AzSentinelSetting -ResourceGroupName $ResourceGroupName ` - -WorkspaceName $WorkspaceName ` - -SettingsName "Ueba" ` - -DataSource $UebaDataSource | Out-Null + -WorkspaceName $WorkspaceName ` + -SettingsName 'Ueba' ` + -DataSource $UebaDataSource | Out-Null } } @@ -448,16 +448,16 @@ function Export-TargetResource $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` - -Results $Results + -Results $Results $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` - -ConnectionMode $ConnectionMode ` - -ModulePath $PSScriptRoot ` - -Results $Results ` - -Credential $Credential + -ConnectionMode $ConnectionMode ` + -ModulePath $PSScriptRoot ` + -Results $Results ` + -Credential $Credential $dscContent += $currentDSCBlock Save-M365DSCPartialExport -Content $currentDSCBlock ` - -FileName $Global:PartialExportFileName + -FileName $Global:PartialExportFileName $i++ Write-Host $Global:M365DSCEmojiGreenCheckMark } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SentinelThreatIntelligenceIndicator/MSFT_SentinelThreatIntelligenceIndicator.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SentinelThreatIntelligenceIndicator/MSFT_SentinelThreatIntelligenceIndicator.psm1 index 5f7e93dfba..15590bef76 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SentinelThreatIntelligenceIndicator/MSFT_SentinelThreatIntelligenceIndicator.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SentinelThreatIntelligenceIndicator/MSFT_SentinelThreatIntelligenceIndicator.psm1 @@ -130,19 +130,19 @@ function Get-TargetResource { Write-Verbose -Message "Retrieving indicator by id {$Id}" $instance = Get-M365DSCSentinelThreatIntelligenceIndicator -SubscriptionId $SubscriptionId ` - -ResourceGroupName $ResourceGroupName ` - -WorkspaceName $WorkspaceName ` - -TenantId $TenantId ` - -Id $Id + -ResourceGroupName $ResourceGroupName ` + -WorkspaceName $WorkspaceName ` + -TenantId $TenantId ` + -Id $Id } if ($null -eq $instance) { Write-Verbose -Message "Retrieving indicator by DisplayName {$DisplayName}" $instances = Get-M365DSCSentinelThreatIntelligenceIndicator -SubscriptionId $SubscriptionId ` - -ResourceGroupName $ResourceGroupName ` - -WorkspaceName $WorkspaceName ` - -TenantId $TenantId - $instance = $instances | Where-Object -FilterScript {$_.properties.displayName -eq $DisplayName} + -ResourceGroupName $ResourceGroupName ` + -WorkspaceName $WorkspaceName ` + -TenantId $TenantId + $instance = $instances | Where-Object -FilterScript { $_.properties.displayName -eq $DisplayName } } if ($null -eq $instance) { @@ -308,7 +308,7 @@ function Set-TargetResource $currentInstance = Get-TargetResource @PSBoundParameters $instanceParameters = @{ - kind = 'indicator' + kind = 'indicator' properties = @{ confidence = $Confidence description = $Description @@ -349,31 +349,31 @@ function Set-TargetResource { Write-Verbose -Message "Creating a new indicator {$DisplayName}" New-M365DSCSentinelThreatIntelligenceIndicator -SubscriptionId $SubscriptionId ` - -ResourceGroupName $ResourceGroupName ` - -WorkspaceName $WorkspaceName ` - -TenantId $TenantId ` - -Body $instanceParameters + -ResourceGroupName $ResourceGroupName ` + -WorkspaceName $WorkspaceName ` + -TenantId $TenantId ` + -Body $instanceParameters } # UPDATE elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating indicator {$DisplayName}" Set-M365DSCSentinelThreatIntelligenceIndicator -SubscriptionId $SubscriptionId ` - -ResourceGroupName $ResourceGroupName ` - -WorkspaceName $WorkspaceName ` - -TenantId $TenantId ` - -Body $instanceParameters ` - -Id $currentInstance.Id + -ResourceGroupName $ResourceGroupName ` + -WorkspaceName $WorkspaceName ` + -TenantId $TenantId ` + -Body $instanceParameters ` + -Id $currentInstance.Id } # REMOVE elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Removing indicator {$DisplayName}" Remove-M365DSCSentinelThreatIntelligenceIndicator -SubscriptionId $SubscriptionId ` - -ResourceGroupName $ResourceGroupName ` - -WorkspaceName $WorkspaceName ` - -TenantId $TenantId ` - -Id $currentInstance.Id + -ResourceGroupName $ResourceGroupName ` + -WorkspaceName $WorkspaceName ` + -TenantId $TenantId ` + -Id $currentInstance.Id } } @@ -587,14 +587,14 @@ function Export-TargetResource } Write-Host " |---[$i/$($workspaces.Length)] $($workspace.Name)" -NoNewline - $subscriptionId = $workspace.ResourceId.Split('/')[2] + $subscriptionId = $workspace.ResourceId.Split('/')[2] $resourceGroupName = $workspace.ResourceGroupName - $workspaceName = $workspace.Name + $workspaceName = $workspace.Name $indicators = Get-M365DSCSentinelThreatIntelligenceIndicator -SubscriptionId $subscriptionId ` - -ResourceGroupName $resourceGroupName ` - -WorkspaceName $workspaceName ` - -TenantId $TenantId + -ResourceGroupName $resourceGroupName ` + -WorkspaceName $workspaceName ` + -TenantId $TenantId $j = 1 if ($currentWatchLists.Length -eq 0 ) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SentinelWatchlist/MSFT_SentinelWatchlist.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SentinelWatchlist/MSFT_SentinelWatchlist.psm1 index 38cce01c28..19b7c297c5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SentinelWatchlist/MSFT_SentinelWatchlist.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SentinelWatchlist/MSFT_SentinelWatchlist.psm1 @@ -115,29 +115,29 @@ function Get-TargetResource { if (-not [System.String]::IsNullOrEmpty($Id)) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.properties.watchListId -eq $Id} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.properties.watchListId -eq $Id } } if ($null -eq $instance) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.name -eq $Name} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.name -eq $Name } } } else { $watchLists = Get-M365DSCSentinelWatchlist -SubscriptionId $SubscriptionId ` - -ResourceGroupName $ResourceName ` - -WorkspaceName $workspaceName ` - -TenantId $TenantId + -ResourceGroupName $ResourceName ` + -WorkspaceName $workspaceName ` + -TenantId $TenantId if (-not [System.String]::IsNullOrEmpty($Id)) { - $instance = $watchLists | Where-Object -FilterScript {$_.properties.watchListId -eq $Id} + $instance = $watchLists | Where-Object -FilterScript { $_.properties.watchListId -eq $Id } } if ($null -eq $instance) { - $instance = $watchLists | Where-Object -FilterScript {$_.name -eq $Name} + $instance = $watchLists | Where-Object -FilterScript { $_.name -eq $Name } } } if ($null -eq $instance) @@ -291,7 +291,7 @@ function Set-TargetResource $body = @{ properties = @{ displayName = $DisplayName - provider = "Microsoft" + provider = 'Microsoft' itemsSearchKey = $ItemsSearchKey sourceType = $SourceType description = $Description @@ -303,7 +303,7 @@ function Set-TargetResource if ($null -ne $RawContent) { - Write-Verbose -Message "Adding rawContent and contentType to the payload" + Write-Verbose -Message 'Adding rawContent and contentType to the payload' $body.properties.Add('rawContent', $RawContent) $body.properties.Add('contentType', 'text/csv') } @@ -313,21 +313,21 @@ function Set-TargetResource { Write-Verbose -Message "Configuring watchlist {$Name}" Set-M365DSCSentinelWatchlist -SubscriptionId $SubscriptionId ` - -ResourceGroupName $ResourceGroupName ` - -WorkspaceName $WorkspaceName ` - -WatchListAlias $Alias ` - -Body $body ` - -TenantId $TenantId + -ResourceGroupName $ResourceGroupName ` + -WorkspaceName $WorkspaceName ` + -WatchListAlias $Alias ` + -Body $body ` + -TenantId $TenantId } # REMOVE elseif ($Ensure -eq 'Absent') { Write-Verbose -Message "Removing watchlist {$Name}" Remove-M365DSCSentinelWatchlist -SubscriptionId $SubscriptionId ` - -ResourceGroupName $ResourceGroupName ` - -WorkspaceName $WorkspaceName ` - -WatchListAlias $Alias ` - -TenantId $TenantId + -ResourceGroupName $ResourceGroupName ` + -WorkspaceName $WorkspaceName ` + -WatchListAlias $Alias ` + -TenantId $TenantId } } @@ -520,14 +520,14 @@ function Export-TargetResource foreach ($workspace in $workspaces) { Write-Host " |---[$i/$($workspaces.Length)] $($workspace.Name)" -NoNewline - $subscriptionId = $workspace.ResourceId.Split('/')[2] + $subscriptionId = $workspace.ResourceId.Split('/')[2] $resourceGroupName = $workspace.ResourceGroupName - $workspaceName = $workspace.Name + $workspaceName = $workspace.Name $currentWatchLists = Get-M365DSCSentinelWatchlist -SubscriptionId $subscriptionId ` - -ResourceGroupName $resourceGroupName ` - -WorkspaceName $workspaceName ` - -TenantId $TenantId + -ResourceGroupName $resourceGroupName ` + -WorkspaceName $workspaceName ` + -TenantId $TenantId $j = 1 if ($currentWatchLists.Length -eq 0 ) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppSetupPolicy/MSFT_TeamsAppSetupPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppSetupPolicy/MSFT_TeamsAppSetupPolicy.psm1 index c758827f73..2379a710c6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppSetupPolicy/MSFT_TeamsAppSetupPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppSetupPolicy/MSFT_TeamsAppSetupPolicy.psm1 @@ -262,9 +262,9 @@ function Set-TargetResource $CreateParameters.Remove('Verbose') | Out-Null Write-Verbose -Message "Creating {$Identity} with Parameters:`r`n$(Convert-M365DscHashtableToString -Hashtable $CreateParameters)" - $CreateParameters.AppPresetList = $appPresetValues + $CreateParameters.AppPresetList = $appPresetValues $CreateParameters.AppPresetMeetingList = $appPresetMeetingValues - $CreateParameters.PinnedAppBarApps = $pinnedAppBarAppsValue + $CreateParameters.PinnedAppBarApps = $pinnedAppBarAppsValue $CreateParameters.PinnedMessageBarApps = $pinnedMessageBarAppsValue New-CsTeamsAppSetupPolicy @CreateParameters | Out-Null @@ -275,9 +275,9 @@ function Set-TargetResource $UpdateParameters.Remove('Verbose') | Out-Null Write-Verbose -Message "Updating {$Identity}" - $UpdateParameters.AppPresetList = $appPresetValues + $UpdateParameters.AppPresetList = $appPresetValues $UpdateParameters.AppPresetMeetingList = $appPresetMeetingValues - $UpdateParameters.PinnedAppBarApps = $pinnedAppBarAppsValue + $UpdateParameters.PinnedAppBarApps = $pinnedAppBarAppsValue $UpdateParameters.PinnedMessageBarApps = $pinnedMessageBarAppsValue Set-CsTeamsAppSetupPolicy @UpdateParameters | Out-Null diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallQueue/MSFT_TeamsCallQueue.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallQueue/MSFT_TeamsCallQueue.psm1 index bdeec1a64e..411c4bf3b7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallQueue/MSFT_TeamsCallQueue.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallQueue/MSFT_TeamsCallQueue.psm1 @@ -9,7 +9,7 @@ function Get-TargetResource $Name, [Parameter()] - [ValidateRange(15,180)] + [ValidateRange(15, 180)] [System.UInt16] $AgentAlertTime, @@ -34,7 +34,7 @@ function Get-TargetResource $MusicOnHoldAudioFileId, [Parameter()] - [ValidateSet("DisconnectWithBusy","Forward","Voicemail","SharedVoicemail")] + [ValidateSet('DisconnectWithBusy', 'Forward', 'Voicemail', 'SharedVoicemail')] [System.String] $OverflowAction, @@ -43,12 +43,12 @@ function Get-TargetResource $OverflowActionTarget, [Parameter()] - [ValidateRange(0,200)] + [ValidateRange(0, 200)] [System.UInt16] $OverflowThreshold, [Parameter()] - [ValidateSet("Disconnect","Forward","Voicemail","SharedVoicemail")] + [ValidateSet('Disconnect', 'Forward', 'Voicemail', 'SharedVoicemail')] [System.String] $TimeoutAction, @@ -57,12 +57,12 @@ function Get-TargetResource $TimeoutActionTarget, [Parameter()] - [ValidateRange(0,2700)] + [ValidateRange(0, 2700)] [System.UInt16] $TimeoutThreshold, [Parameter()] - [ValidateSet("Attendant","Serial","RoundRobin","LongestIdle")] + [ValidateSet('Attendant', 'Serial', 'RoundRobin', 'LongestIdle')] [System.String] $RoutingMethod, @@ -257,12 +257,12 @@ function Get-TargetResource { Write-Host -Message "Getting Office 365 queue $Name" $queue = Get-CsCallQueue -NameFilter $Name ` - -ErrorAction SilentlyContinue | Where-Object -FilterScript {$_.Name -eq $Name} + -ErrorAction SilentlyContinue | Where-Object -FilterScript { $_.Name -eq $Name } } else { Write-Host -Message "Retrieving queue $Name from the exported instances" - $queue = $Script:exportedInstances | Where-Object -FilterScript {$_.Name -eq $Name} + $queue = $Script:exportedInstances | Where-Object -FilterScript { $_.Name -eq $Name } } @@ -353,7 +353,7 @@ function Set-TargetResource $Name, [Parameter()] - [ValidateRange(15,180)] + [ValidateRange(15, 180)] [System.UInt16] $AgentAlertTime, @@ -378,7 +378,7 @@ function Set-TargetResource $MusicOnHoldAudioFileId, [Parameter()] - [ValidateSet("DisconnectWithBusy","Forward","Voicemail","SharedVoicemail")] + [ValidateSet('DisconnectWithBusy', 'Forward', 'Voicemail', 'SharedVoicemail')] [System.String] $OverflowAction, @@ -387,12 +387,12 @@ function Set-TargetResource $OverflowActionTarget, [Parameter()] - [ValidateRange(0,200)] + [ValidateRange(0, 200)] [System.UInt16] $OverflowThreshold, [Parameter()] - [ValidateSet("Disconnect","Forward","Voicemail","SharedVoicemail")] + [ValidateSet('Disconnect', 'Forward', 'Voicemail', 'SharedVoicemail')] [System.String] $TimeoutAction, @@ -401,12 +401,12 @@ function Set-TargetResource $TimeoutActionTarget, [Parameter()] - [ValidateRange(0,2700)] + [ValidateRange(0, 2700)] [System.UInt16] $TimeoutThreshold, [Parameter()] - [ValidateSet("Attendant","Serial","RoundRobin","LongestIdle")] + [ValidateSet('Attendant', 'Serial', 'RoundRobin', 'LongestIdle')] [System.String] $RoutingMethod, @@ -635,7 +635,7 @@ function Test-TargetResource $Name, [Parameter()] - [ValidateRange(15,180)] + [ValidateRange(15, 180)] [System.UInt16] $AgentAlertTime, @@ -660,7 +660,7 @@ function Test-TargetResource $MusicOnHoldAudioFileId, [Parameter()] - [ValidateSet("DisconnectWithBusy","Forward","Voicemail","SharedVoicemail")] + [ValidateSet('DisconnectWithBusy', 'Forward', 'Voicemail', 'SharedVoicemail')] [System.String] $OverflowAction, @@ -669,12 +669,12 @@ function Test-TargetResource $OverflowActionTarget, [Parameter()] - [ValidateRange(0,200)] + [ValidateRange(0, 200)] [System.UInt16] $OverflowThreshold, [Parameter()] - [ValidateSet("Disconnect","Forward","Voicemail","SharedVoicemail")] + [ValidateSet('Disconnect', 'Forward', 'Voicemail', 'SharedVoicemail')] [System.String] $TimeoutAction, @@ -683,12 +683,12 @@ function Test-TargetResource $TimeoutActionTarget, [Parameter()] - [ValidateRange(0,2700)] + [ValidateRange(0, 2700)] [System.UInt16] $TimeoutThreshold, [Parameter()] - [ValidateSet("Attendant","Serial","RoundRobin","LongestIdle")] + [ValidateSet('Attendant', 'Serial', 'RoundRobin', 'LongestIdle')] [System.String] $RoutingMethod, @@ -940,7 +940,8 @@ function Export-TargetResource $Script:ExportMode = $true $Script:MaxSize = 1000 [array] $Script:exportedInstances = Get-CsCallQueue -ErrorAction Stop -First $Script:MaxSize - if ($Script:exportedInstances.Count -eq $Script:MaxSize){ + if ($Script:exportedInstances.Count -eq $Script:MaxSize) + { Write-Verbose -Message "WARNING: CsCallQueue isn't exporting all of them, you reach the max size." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannel/MSFT_TeamsChannel.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannel/MSFT_TeamsChannel.psm1 index 940dec7561..6d23a4d767 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannel/MSFT_TeamsChannel.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannel/MSFT_TeamsChannel.psm1 @@ -421,7 +421,7 @@ function Export-TargetResource Write-Host "`r`n" -NoNewline foreach ($team in $Teams) { - if($null -ne $team.GroupId) + if ($null -ne $team.GroupId) { $channels = Get-TeamChannel -GroupId $team.GroupId $i = 1 diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannelTab/MSFT_TeamsChannelTab.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannelTab/MSFT_TeamsChannelTab.psm1 index f860d32bb3..f2ae6eaa49 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannelTab/MSFT_TeamsChannelTab.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannelTab/MSFT_TeamsChannelTab.psm1 @@ -97,7 +97,7 @@ function Get-TargetResource DisplayName = $DisplayName TeamName = $TeamName ChannelName = $ChannelName - Ensure = "Absent" + Ensure = 'Absent' } try @@ -356,7 +356,7 @@ function Set-TargetResource $CurrentParameters.Remove('ChannelName') | Out-Null $CurrentParameters.Add('TeamsTabId', $tabInstance.Id) Write-Verbose -Message "Params: $($CurrentParameters | Out-String)" - Update-MgBetaTeamChannelTab @CurrentParameters | Out-Null + Update-MgBetaTeamChannelTab @CurrentParameters | Out-Null } elseif ($Ensure -eq 'Present' -and ($tab.Ensure -eq 'Absent')) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/MSFT_TeamsGroupPolicyAssignment.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/MSFT_TeamsGroupPolicyAssignment.psm1 index ebfd75aaa1..32942f4199 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/MSFT_TeamsGroupPolicyAssignment.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/MSFT_TeamsGroupPolicyAssignment.psm1 @@ -13,7 +13,7 @@ function Get-TargetResource $GroupId, [Parameter(Mandatory = $true)] - [ValidateSet('ApplicationAccessPolicy','CallingLineIdentity','OnlineAudioConferencingRoutingPolicy','OnlineVoicemailPolicy','OnlineVoiceRoutingPolicy','TeamsAudioConferencingPolicy','TeamsCallHoldPolicy','TeamsCallParkPolicy','TeamsChannelsPolicy','TeamsComplianceRecordingPolicy','TeamsCortanaPolicy','TeamsEmergencyCallingPolicy','TeamsEnhancedEncryptionPolicy','TeamsFeedbackPolicy','TeamsFilesPolicy','TeamsIPPhonePolicy','TeamsMediaLoggingPolicy','TeamsMeetingBroadcastPolicy','TeamsMeetingPolicy','TeamsMessagingPolicy','TeamsMobilityPolicy','TeamsRoomVideoTeleConferencingPolicy','TeamsShiftsPolicy','TeamsUpdateManagementPolicy','TeamsVdiPolicy','TeamsVideoInteropServicePolicy','TenantDialPlan','ExternalAccessPolicy','TeamsAppSetupPolicy','TeamsCallingPolicy','TeamsEventsPolicy','TeamsMeetingBrandingPolicy','TeamsMeetingTemplatePermissionPolicy','TeamsVerticalPackagePolicy')] + [ValidateSet('ApplicationAccessPolicy', 'CallingLineIdentity', 'OnlineAudioConferencingRoutingPolicy', 'OnlineVoicemailPolicy', 'OnlineVoiceRoutingPolicy', 'TeamsAudioConferencingPolicy', 'TeamsCallHoldPolicy', 'TeamsCallParkPolicy', 'TeamsChannelsPolicy', 'TeamsComplianceRecordingPolicy', 'TeamsCortanaPolicy', 'TeamsEmergencyCallingPolicy', 'TeamsEnhancedEncryptionPolicy', 'TeamsFeedbackPolicy', 'TeamsFilesPolicy', 'TeamsIPPhonePolicy', 'TeamsMediaLoggingPolicy', 'TeamsMeetingBroadcastPolicy', 'TeamsMeetingPolicy', 'TeamsMessagingPolicy', 'TeamsMobilityPolicy', 'TeamsRoomVideoTeleConferencingPolicy', 'TeamsShiftsPolicy', 'TeamsUpdateManagementPolicy', 'TeamsVdiPolicy', 'TeamsVideoInteropServicePolicy', 'TenantDialPlan', 'ExternalAccessPolicy', 'TeamsAppSetupPolicy', 'TeamsCallingPolicy', 'TeamsEventsPolicy', 'TeamsMeetingBrandingPolicy', 'TeamsMeetingTemplatePermissionPolicy', 'TeamsVerticalPackagePolicy')] [System.String] $PolicyType, @@ -75,10 +75,12 @@ function Get-TargetResource try { Write-Verbose -Message "Getting Group with Id {$GroupId}" - if ($GroupId -match '\b[A-Fa-f0-9]{8}(?:-[A-Fa-f0-9]{4}){3}-[A-Fa-f0-9]{12}\b' -and $GroupId -ne '00000000-0000-0000-0000-000000000000'){ + if ($GroupId -match '\b[A-Fa-f0-9]{8}(?:-[A-Fa-f0-9]{4}){3}-[A-Fa-f0-9]{12}\b' -and $GroupId -ne '00000000-0000-0000-0000-000000000000') + { $Group = Find-CsGroup -SearchQuery $GroupId -ExactMatchOnly $true -ErrorAction SilentlyContinue } - else { + else + { $Group = $null } if ($null -eq $Group) @@ -157,7 +159,7 @@ function Set-TargetResource $GroupId, [Parameter(Mandatory = $true)] - [ValidateSet('ApplicationAccessPolicy','CallingLineIdentity','OnlineAudioConferencingRoutingPolicy','OnlineVoicemailPolicy','OnlineVoiceRoutingPolicy','TeamsAudioConferencingPolicy','TeamsCallHoldPolicy','TeamsCallParkPolicy','TeamsChannelsPolicy','TeamsComplianceRecordingPolicy','TeamsCortanaPolicy','TeamsEmergencyCallingPolicy','TeamsEnhancedEncryptionPolicy','TeamsFeedbackPolicy','TeamsFilesPolicy','TeamsIPPhonePolicy','TeamsMediaLoggingPolicy','TeamsMeetingBroadcastPolicy','TeamsMeetingPolicy','TeamsMessagingPolicy','TeamsMobilityPolicy','TeamsRoomVideoTeleConferencingPolicy','TeamsShiftsPolicy','TeamsUpdateManagementPolicy','TeamsVdiPolicy','TeamsVideoInteropServicePolicy','TenantDialPlan','ExternalAccessPolicy','TeamsAppSetupPolicy','TeamsCallingPolicy','TeamsEventsPolicy','TeamsMeetingBrandingPolicy','TeamsMeetingTemplatePermissionPolicy','TeamsVerticalPackagePolicy')] + [ValidateSet('ApplicationAccessPolicy', 'CallingLineIdentity', 'OnlineAudioConferencingRoutingPolicy', 'OnlineVoicemailPolicy', 'OnlineVoiceRoutingPolicy', 'TeamsAudioConferencingPolicy', 'TeamsCallHoldPolicy', 'TeamsCallParkPolicy', 'TeamsChannelsPolicy', 'TeamsComplianceRecordingPolicy', 'TeamsCortanaPolicy', 'TeamsEmergencyCallingPolicy', 'TeamsEnhancedEncryptionPolicy', 'TeamsFeedbackPolicy', 'TeamsFilesPolicy', 'TeamsIPPhonePolicy', 'TeamsMediaLoggingPolicy', 'TeamsMeetingBroadcastPolicy', 'TeamsMeetingPolicy', 'TeamsMessagingPolicy', 'TeamsMobilityPolicy', 'TeamsRoomVideoTeleConferencingPolicy', 'TeamsShiftsPolicy', 'TeamsUpdateManagementPolicy', 'TeamsVdiPolicy', 'TeamsVideoInteropServicePolicy', 'TenantDialPlan', 'ExternalAccessPolicy', 'TeamsAppSetupPolicy', 'TeamsCallingPolicy', 'TeamsEventsPolicy', 'TeamsMeetingBrandingPolicy', 'TeamsMeetingTemplatePermissionPolicy', 'TeamsVerticalPackagePolicy')] [System.String] $PolicyType, @@ -277,7 +279,7 @@ function Test-TargetResource $GroupId, [Parameter(Mandatory = $true)] - [ValidateSet('ApplicationAccessPolicy','CallingLineIdentity','OnlineAudioConferencingRoutingPolicy','OnlineVoicemailPolicy','OnlineVoiceRoutingPolicy','TeamsAudioConferencingPolicy','TeamsCallHoldPolicy','TeamsCallParkPolicy','TeamsChannelsPolicy','TeamsComplianceRecordingPolicy','TeamsCortanaPolicy','TeamsEmergencyCallingPolicy','TeamsEnhancedEncryptionPolicy','TeamsFeedbackPolicy','TeamsFilesPolicy','TeamsIPPhonePolicy','TeamsMediaLoggingPolicy','TeamsMeetingBroadcastPolicy','TeamsMeetingPolicy','TeamsMessagingPolicy','TeamsMobilityPolicy','TeamsRoomVideoTeleConferencingPolicy','TeamsShiftsPolicy','TeamsUpdateManagementPolicy','TeamsVdiPolicy','TeamsVideoInteropServicePolicy','TenantDialPlan','ExternalAccessPolicy','TeamsAppSetupPolicy','TeamsCallingPolicy','TeamsEventsPolicy','TeamsMeetingBrandingPolicy','TeamsMeetingTemplatePermissionPolicy','TeamsVerticalPackagePolicy')] + [ValidateSet('ApplicationAccessPolicy', 'CallingLineIdentity', 'OnlineAudioConferencingRoutingPolicy', 'OnlineVoicemailPolicy', 'OnlineVoiceRoutingPolicy', 'TeamsAudioConferencingPolicy', 'TeamsCallHoldPolicy', 'TeamsCallParkPolicy', 'TeamsChannelsPolicy', 'TeamsComplianceRecordingPolicy', 'TeamsCortanaPolicy', 'TeamsEmergencyCallingPolicy', 'TeamsEnhancedEncryptionPolicy', 'TeamsFeedbackPolicy', 'TeamsFilesPolicy', 'TeamsIPPhonePolicy', 'TeamsMediaLoggingPolicy', 'TeamsMeetingBroadcastPolicy', 'TeamsMeetingPolicy', 'TeamsMessagingPolicy', 'TeamsMobilityPolicy', 'TeamsRoomVideoTeleConferencingPolicy', 'TeamsShiftsPolicy', 'TeamsUpdateManagementPolicy', 'TeamsVdiPolicy', 'TeamsVideoInteropServicePolicy', 'TenantDialPlan', 'ExternalAccessPolicy', 'TeamsAppSetupPolicy', 'TeamsCallingPolicy', 'TeamsEventsPolicy', 'TeamsMeetingBrandingPolicy', 'TeamsMeetingTemplatePermissionPolicy', 'TeamsVerticalPackagePolicy')] [System.String] $PolicyType, diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsM365App/MSFT_TeamsM365App.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsM365App/MSFT_TeamsM365App.psm1 index ee499942df..c25212738f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsM365App/MSFT_TeamsM365App.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsM365App/MSFT_TeamsM365App.psm1 @@ -74,7 +74,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $instance = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $instance = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } else { @@ -234,20 +234,20 @@ function Set-TargetResource { Write-Verbose -Message "Removing Users Assignments for {$($usersToAdd)}" Update-M365TeamsApp -Id $Id ` - -IsBlocked $IsBlocked ` - -AppAssignmentType $AssignmentType ` - -OperationType 'Remove' ` - -Users $usersToRemove + -IsBlocked $IsBlocked ` + -AppAssignmentType $AssignmentType ` + -OperationType 'Remove' ` + -Users $usersToRemove } if ($usersToAdd.Length -gt 0) { Write-Verbose -Message "Removing Users Assignments for {$($usersToAdd)}" Update-M365TeamsApp -Id $Id ` - -IsBlocked $IsBlocked ` - -AppAssignmentType $AssignmentType ` - -OperationType 'Add' ` - -Users $usersToAdd + -IsBlocked $IsBlocked ` + -AppAssignmentType $AssignmentType ` + -OperationType 'Add' ` + -Users $usersToAdd } #endregion @@ -273,20 +273,20 @@ function Set-TargetResource { Write-Verbose -Message "Removing Group Assignments for {$($groupsToRemove)}" Update-M365TeamsApp -Id $Id ` - -IsBlocked $IsBlocked ` - -AppAssignmentType $AssignmentType ` - -OperationType 'Remove' ` - -Groups $groupsToRemove + -IsBlocked $IsBlocked ` + -AppAssignmentType $AssignmentType ` + -OperationType 'Remove' ` + -Groups $groupsToRemove } if ($groupsToAdd.Length -gt 0) { Write-Verbose -Message "Adding Group Assignments for {$($groupsToAdd)}" Update-M365TeamsApp -Id $Id ` - -IsBlocked $IsBlocked ` - -AppAssignmentType $AssignmentType ` - -OperationType 'Add' ` - -Groups $groupsToAdd + -IsBlocked $IsBlocked ` + -AppAssignmentType $AssignmentType ` + -OperationType 'Add' ` + -Groups $groupsToAdd } #endregion } @@ -294,8 +294,8 @@ function Set-TargetResource { Write-Verbose -Message "Updating core settings for app {$Id}" Update-M365TeamsApp -Id $Id ` - -IsBlocked $IsBlocked ` - -AppAssignmentType $AssignmentType + -IsBlocked $IsBlocked ` + -AppAssignmentType $AssignmentType } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMessagingPolicy/MSFT_TeamsMessagingPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMessagingPolicy/MSFT_TeamsMessagingPolicy.psm1 index 92e0513144..ee64f5a2e6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMessagingPolicy/MSFT_TeamsMessagingPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMessagingPolicy/MSFT_TeamsMessagingPolicy.psm1 @@ -179,7 +179,7 @@ function Get-TargetResource $currentPolicy = $currentPolicy.Split(':')[1] } return @{ - Identity = $currentPolicy + Identity = $currentPolicy AllowCommunicationComplianceEndUserReporting = $policy.AllowCommunicationComplianceEndUserReporting AllowGiphy = $policy.AllowGiphy AllowFluidCollaborate = $policy.AllowFluidCollaborate diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOrgWideAppSettings/MSFT_TeamsOrgWideAppSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOrgWideAppSettings/MSFT_TeamsOrgWideAppSettings.psm1 index 2f032f78bd..808449ce9d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOrgWideAppSettings/MSFT_TeamsOrgWideAppSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOrgWideAppSettings/MSFT_TeamsOrgWideAppSettings.psm1 @@ -50,7 +50,7 @@ function Get-TargetResource { $settings = Get-CsTeamsSettingsCustomApp -ErrorAction Stop return @{ - IsSingleInstance = 'Yes' + IsSingleInstance = 'Yes' IsSideloadedAppsInteractionEnabled = $settings.IsSideloadedAppsInteractionEnabled Credential = $Credential AccessTokens = $AccessTokens @@ -59,7 +59,7 @@ function Get-TargetResource } catch { - if ($_.Exception.Message -like "*Resource not found.*") + if ($_.Exception.Message -like '*Resource not found.*') { Write-Warning -Message "The API doesn't exist for the selected environment." } @@ -222,9 +222,9 @@ function Export-TargetResource { $dscContent = '' $params = @{ - IsSingleInstance = 'Yes' - Credential = $Credential - AccessTokens = $AccessTokens + IsSingleInstance = 'Yes' + Credential = $Credential + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params @@ -236,7 +236,7 @@ function Export-TargetResource } $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` - -Results $Results + -Results $Results $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` -ConnectionMode $ConnectionMode ` -ModulePath $PSScriptRoot ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsPstnUsage/MSFT_TeamsPstnUsage.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsPstnUsage/MSFT_TeamsPstnUsage.psm1 index 7dade8dee8..d1a7909943 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsPstnUsage/MSFT_TeamsPstnUsage.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsPstnUsage/MSFT_TeamsPstnUsage.psm1 @@ -166,7 +166,7 @@ function Set-TargetResource $SetParameters.Remove('TenantId') | Out-Null $SetParameters.Remove('CertificateThumbprint') | Out-Null $SetParameters.Remove('ManagedIdentity') | Out-Null - $SetParameters.Remove('AccessTokens') | Out-Null + $SetParameters.Remove('AccessTokens') | Out-Null if ($Ensure -eq 'Present' -and $CurrentValues.Ensure -eq 'Absent') { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsShiftsPolicy/MSFT_TeamsShiftsPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsShiftsPolicy/MSFT_TeamsShiftsPolicy.psm1 index 702bd1c042..37a2982a75 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsShiftsPolicy/MSFT_TeamsShiftsPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsShiftsPolicy/MSFT_TeamsShiftsPolicy.psm1 @@ -225,7 +225,7 @@ function Set-TargetResource if ($PSBoundParameters.ContainsKey('EnableShiftPresence')) { - Write-Verbose -Message "The EnableShiftPresence parameter was used but is deprecated. It will be ignored." + Write-Verbose -Message 'The EnableShiftPresence parameter was used but is deprecated. It will be ignored.' $PSBoundParameters.Remove('EnableShiftPresence') | Out-Null } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTemplatesPolicy/MSFT_TeamsTemplatesPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTemplatesPolicy/MSFT_TeamsTemplatesPolicy.psm1 index c74fe4e136..8554f7b9cf 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTemplatesPolicy/MSFT_TeamsTemplatesPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTemplatesPolicy/MSFT_TeamsTemplatesPolicy.psm1 @@ -195,7 +195,7 @@ function Set-TargetResource $allTemplates = Get-CsTeamTemplateList foreach ($hiddenTemplate in $HiddenTemplates) { - $template = $allTemplates | Where-Object -FilterScript {$_.Name -eq $hiddenTemplate} + $template = $allTemplates | Where-Object -FilterScript { $_.Name -eq $hiddenTemplate } $hideTemplatesValues += New-CsTeamsHiddenTemplate -Id $template.Id } $SetParameters.HiddenTemplates = $hideTemplatesValues diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/MSFT_TeamsTenantDialPlan.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/MSFT_TeamsTenantDialPlan.psm1 index 401cf324d0..929262de24 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/MSFT_TeamsTenantDialPlan.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/MSFT_TeamsTenantDialPlan.psm1 @@ -207,13 +207,13 @@ function Set-TargetResource { $PSBoundParameters.Remove('OptimizeDeviceDialing') | Out-Null - Write-Verbose -Message "Parameter OptimizeDeviceDialing has been deprecated and must not be used, removing it from PSBoundParameters." + Write-Verbose -Message 'Parameter OptimizeDeviceDialing has been deprecated and must not be used, removing it from PSBoundParameters.' } if ($PSBoundParameters.ContainsKey('ExternalAccessPrefix')) { $PSBoundParameters.Remove('ExternalAccessPrefix') | Out-Null - Write-Verbose -Message "Parameter ExternalAccessPrefix has been deprecated and must not be used, removing it from PSBoundParameters." + Write-Verbose -Message 'Parameter ExternalAccessPrefix has been deprecated and must not be used, removing it from PSBoundParameters.' } if ($Ensure -eq 'Present' -and $CurrentValues.Ensure -eq 'Absent') @@ -399,13 +399,13 @@ function Test-TargetResource { $PSBoundParameters.Remove('OptimizeDeviceDialing') | Out-Null - Write-Verbose -Message "Parameter OptimizeDeviceDialing has been deprecated and must not be used, removing it from PSBoundParameters." + Write-Verbose -Message 'Parameter OptimizeDeviceDialing has been deprecated and must not be used, removing it from PSBoundParameters.' } if ($PSBoundParameters.ContainsKey('ExternalAccessPrefix')) { $PSBoundParameters.Remove('ExternalAccessPrefix') | Out-Null - Write-Verbose -Message "Parameter ExternalAccessPrefix has been deprecated and must not be used, removing it from PSBoundParameters." + Write-Verbose -Message 'Parameter ExternalAccessPrefix has been deprecated and must not be used, removing it from PSBoundParameters.' } Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradeConfiguration/MSFT_TeamsUpgradeConfiguration.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradeConfiguration/MSFT_TeamsUpgradeConfiguration.psm1 index d1b3b66a5a..4219381e06 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradeConfiguration/MSFT_TeamsUpgradeConfiguration.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradeConfiguration/MSFT_TeamsUpgradeConfiguration.psm1 @@ -160,7 +160,7 @@ function Set-TargetResource $SetParameters.Remove('TenantId') | Out-Null $SetParameters.Remove('CertificateThumbprint') | Out-Null $SetParameters.Remove('ManagedIdentity') | Out-Null - $SetParameters.Add("Identity", "Global") + $SetParameters.Add('Identity', 'Global') $SetParameters.Remove('AccessTokens') | Out-Null Write-Verbose -Message "Updating with Values: $(Convert-M365DscHashtableToString -Hashtable $SetParameters)" diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradePolicy/MSFT_TeamsUpgradePolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradePolicy/MSFT_TeamsUpgradePolicy.psm1 index 7bbc0ac35a..3788ba9b77 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradePolicy/MSFT_TeamsUpgradePolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradePolicy/MSFT_TeamsUpgradePolicy.psm1 @@ -166,8 +166,8 @@ function Set-TargetResource { Write-Verbose -Message "Granting TeamsUpgradePolicy {$Identity} to all Users with MigrateMeetingsToTeams=$MigrateMeetingsToTeams" Grant-CsTeamsUpgradePolicy -PolicyName $Identity ` - -MigrateMeetingsToTeams:$MigrateMeetingsToTeams ` - -Global + -MigrateMeetingsToTeams:$MigrateMeetingsToTeams ` + -Global } else { @@ -175,8 +175,8 @@ function Set-TargetResource { Write-Verbose -Message "Granting TeamsUpgradePolicy {$Identity} to User {$user} with MigrateMeetingsToTeams=$MigrateMeetingsToTeams" Grant-CsTeamsUpgradePolicy -PolicyName $Identity ` - -Identity $user ` - -MigrateMeetingsToTeams:$MigrateMeetingsToTeams + -Identity $user ` + -MigrateMeetingsToTeams:$MigrateMeetingsToTeams } } } @@ -243,7 +243,7 @@ function Test-TargetResource Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters - $ValuesToCheck.Remove("Users") | Out-Null + $ValuesToCheck.Remove('Users') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserPolicyAssignment/MSFT_TeamsUserPolicyAssignment.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserPolicyAssignment/MSFT_TeamsUserPolicyAssignment.psm1 index 76c6feb52f..649b7a09f1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserPolicyAssignment/MSFT_TeamsUserPolicyAssignment.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserPolicyAssignment/MSFT_TeamsUserPolicyAssignment.psm1 @@ -144,133 +144,133 @@ function Get-TargetResource return $null } - $CallingLineIdentityValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'CallingLineIdentity'}).PolicyName + $CallingLineIdentityValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'CallingLineIdentity' }).PolicyName if ([System.String]::IsNullOrEmpty($CallingLineIdentityValue)) { $CallingLineIdentityValue = 'Global' } - $ExternalAccessPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'ExternalAccessPolicy'}).PolicyName + $ExternalAccessPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'ExternalAccessPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($ExternalAccessPolicyValue)) { $ExternalAccessPolicyValue = 'Global' } - $OnlineVoicemailPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'OnlineVoicemailPolicy'}).PolicyName + $OnlineVoicemailPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'OnlineVoicemailPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($OnlineVoicemailPolicyValue)) { $OnlineVoicemailPolicyValue = 'Global' } - $OnlineVoiceRoutingPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'OnlineVoiceRoutingPolicy'}).PolicyName + $OnlineVoiceRoutingPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'OnlineVoiceRoutingPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($OnlineVoiceRoutingPolicyValue)) { $OnlineVoiceRoutingPolicyValue = 'Global' } - $TeamsAppPermissionPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'TeamsAppPermissionPolicy'}).PolicyName + $TeamsAppPermissionPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'TeamsAppPermissionPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($TeamsAppPermissionPolicyValue)) { $TeamsAppPermissionPolicyValue = 'Global' } - $TeamsAppSetupPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'TeamsAppSetupPolicy'}).PolicyName + $TeamsAppSetupPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'TeamsAppSetupPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($TeamsAppSetupPolicyValue)) { $TeamsAppSetupPolicyValue = 'Global' } - $TeamsAudioConferencingPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'TeamsAudioConferencingPolicy'}).PolicyName + $TeamsAudioConferencingPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'TeamsAudioConferencingPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($TeamsAudioConferencingPolicyValue)) { $TeamsAudioConferencingPolicyValue = 'Global' } - $TeamsCallHoldPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'TeamsCallHoldPolicy'}).PolicyName + $TeamsCallHoldPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'TeamsCallHoldPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($TeamsCallHoldPolicyValue)) { $TeamsCallHoldPolicyValue = 'Global' } - $TeamsCallingPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'TeamsCallingPolicy'}).PolicyName + $TeamsCallingPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'TeamsCallingPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($TeamsCallingPolicyValue)) { $TeamsCallingPolicyValue = 'Global' } - $TeamsCallParkPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'TeamsCallParkPolicy'}).PolicyName + $TeamsCallParkPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'TeamsCallParkPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($TeamsCallParkPolicyValue)) { $TeamsCallParkPolicyValue = 'Global' } - $TeamsChannelsPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'TeamsChannelsPolicy'}).PolicyName + $TeamsChannelsPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'TeamsChannelsPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($TeamsChannelsPolicyValue)) { $TeamsChannelsPolicyValue = 'Global' } - $TeamsEmergencyCallingPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'TeamsEmergencyCallingPolicy'}).PolicyName + $TeamsEmergencyCallingPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'TeamsEmergencyCallingPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($TeamsEmergencyCallingPolicyValue)) { $TeamsEmergencyCallingPolicyValue = 'Global' } - $TeamsEmergencyCallRoutingPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'TeamsEmergencyCallRoutingPolicy'}).PolicyName + $TeamsEmergencyCallRoutingPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'TeamsEmergencyCallRoutingPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($TeamsEmergencyCallRoutingPolicyValue)) { $TeamsEmergencyCallRoutingPolicyValue = 'Global' } - $TeamsEnhancedEncryptionPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'TeamsEnhancedEncryptionPolicy'}).PolicyName + $TeamsEnhancedEncryptionPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'TeamsEnhancedEncryptionPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($TeamsEnhancedEncryptionPolicyValue)) { $TeamsEnhancedEncryptionPolicyValue = 'Global' } - $TeamsEventsPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'TeamsEventsPolicy'}).PolicyName + $TeamsEventsPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'TeamsEventsPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($TeamsEventsPolicyValue)) { $TeamsEventsPolicyValue = 'Global' } - $TeamsMeetingBroadcastPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'TeamsMeetingBroadcastPolicy'}).PolicyName + $TeamsMeetingBroadcastPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'TeamsMeetingBroadcastPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($TeamsMeetingBroadcastPolicyValue)) { $TeamsMeetingBroadcastPolicyValue = 'Global' } - $TeamsMeetingPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'TeamsMeetingPolicy'}).PolicyName + $TeamsMeetingPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'TeamsMeetingPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($TeamsMeetingPolicyValue)) { $TeamsMeetingPolicyValue = 'Global' } - $TeamsMessagingPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'TeamsMessagingPolicy'}).PolicyName + $TeamsMessagingPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'TeamsMessagingPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($TeamsMessagingPolicyValue)) { $TeamsMessagingPolicyValue = 'Global' } - $TeamsMobilityPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'TeamsMobilityPolicy'}).PolicyName + $TeamsMobilityPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'TeamsMobilityPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($TeamsMobilityPolicyValue)) { $TeamsMobilityPolicyValue = 'Global' } - $TeamsUpdateManagementPolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'TeamsUpdateManagementPolicy'}).PolicyName + $TeamsUpdateManagementPolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'TeamsUpdateManagementPolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($TeamsUpdateManagementPolicyValue)) { $TeamsUpdateManagementPolicyValue = 'Global' } - $TeamsUpgradePolicyValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'TeamsUpgradePolicy'}).PolicyName + $TeamsUpgradePolicyValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'TeamsUpgradePolicy' }).PolicyName if ([System.String]::IsNullOrEmpty($TeamsUpgradePolicyValue)) { $TeamsUpgradePolicyValue = 'Global' } - $TenantDialPlanValue = ($assignment | Where-Object -FilterScript {$_.PolicyType -eq 'TenantDialPlan'}).PolicyName + $TenantDialPlanValue = ($assignment | Where-Object -FilterScript { $_.PolicyType -eq 'TenantDialPlan' }).PolicyName if ([System.String]::IsNullOrEmpty($TenantDialPlanValue)) { $TenantDialPlanValue = 'Global'