Release 1.25.129.2

microsoft · Jan 29, 2025 · 69e38e9 · 69e38e9
1 parent 447773b
commit 69e38e9
Show file tree

Hide file tree

Showing 5 changed files with 66 additions and 33 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,14 @@
 # Change log for Microsoft365DSC
 
-# UNRELEASED
+# 1.25.129.2
+
+* M365DSCRuleEvaluation
+  * Only provide the ManagedIdentity parameter for resources which supports it.
+* SCDLPComplianceRule
+  * Added the comments property on creation.
+* SCPolicyConfig
+  * Changed parsing logic to account for $null or missing properties in the
+    API response.
 
 # 1.25.129.1
 

diff --git a/...s/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/MSFT_M365DSCRuleEvaluation.psm1 b/...s/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/MSFT_M365DSCRuleEvaluation.psm1
@@ -173,7 +173,6 @@ function Test-TargetResource
             ApplicationId         = $PSBoundParameters.ApplicationId
             TenantId              = $PSBoundParameters.TenantId
             CertificateThumbprint = $PSBoundParameters.CertificateThumbprint
-            ManagedIdentity       = $PSBoundParameters.ManagedIdentity
         }
 
         if ($null -ne $PSBoundParameters.ApplicationSecret)
@@ -189,6 +188,20 @@ function Test-TargetResource
         Import-Module $module -Force -Function 'Export-TargetResource' | Out-Null
         $cmdName = "MSFT_$ResourceTypeName\Export-TargetResource"
 
+        # Ensure the referenced resource supports ManagedIdentity before adding the parameter.
+        try
+        {
+            $exportFunctionInfo = (Get-Command -Module "MSFT_$ResourceTypeName") | Where-Object -FilterScript {$_.Name -eq 'Export-TargetResource'}
+            if ($exportFunctionInfo.Parameters.Name -Contains 'ManagedIdentity')
+            {
+                $params.Add('ManagedIdentity', $PSBoundParameters.ManagedIdentity)
+            }
+        }
+        catch
+        {
+            Write-Verbose $_
+        }
+
         [Array]$instances = &$cmdName @params
 
         $DSCStringContent = @"

diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.psm1
@@ -923,13 +923,8 @@ function Set-TargetResource
         $CreationParams.Remove('ApplicationSecret') | Out-Null
         $CreationParams.Remove('AccessTokens') | Out-Null
 
-        $NewruleParam = @{
-            Name         = $CreationParams.Name
-            Policy       = $CreationParams.Policy
-            AdvancedRule = $CreationParams.AdvancedRule
-        }
         Write-Verbose -Message "Calling New-DLPComplianceRule with Values: $(Convert-M365DscHashtableToString -Hashtable $CreationParams)"
-        New-DLPComplianceRule @NewruleParam
+        New-DLPComplianceRule @CreationParams
     }
     elseif (('Present' -eq $Ensure) -and ('Present' -eq $CurrentRule.Ensure))
     {
@@ -1390,7 +1385,6 @@ function Test-TargetResource
     $ValuesToCheck.Remove('ContentContainsSensitiveInformation') | Out-Null
     $ValuesToCheck.Remove('ExceptIfContentContainsSensitiveInformation') | Out-Null
 
-
     $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues `
         -Source $($MyInvocation.MyCommand.Source) `
         -DesiredValues $PSBoundParameters `

diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCPolicyConfig/MSFT_SCPolicyConfig.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCPolicyConfig/MSFT_SCPolicyConfig.psm1
@@ -177,10 +177,16 @@ function Get-TargetResource
         $DlpNetworkShareGroupsObject = ConvertFrom-Json $instance.DlpNetworkShareGroups
 
         # AdvancedClassificationEnabled
-        $AdvancedClassificationEnabledValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'AdvancedClassificationEnabled' }).Value
+        $AdvancedClassificationEnabledValue = [Boolean]::Parse(($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'AdvancedClassificationEnabled' }).Value)
 
         # BandwidthLimitEnabled
-        $BandwidthLimitEnabledValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'BandwidthLimitEnabledValue' }).Value
+        $toBeParsed = ($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'BandwidthLimitEnabled' }).Value
+        $parsedValue = $null
+        if ($null -ne $toBeParsed)
+        {
+            $parsedValue = [Boolean]::Parse($toBeParsed)
+        }
+        $BandwidthLimitEnabledValue = $parsedValue
 
         # DailyBandwidthLimitInMB
         $DailyBandwidthLimitInMBValue = [UInt32]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'DailyBandwidthLimitInMB' }).Value
@@ -192,7 +198,7 @@ function Get-TargetResource
         $MacPathExclusionValue = [Array]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'MacPathExclusion' }).Value
 
         # MacDefaultPathExclusionsEnabled
-        $MacDefaultPathExclusionsEnabledValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'MacDefaultPathExclusionsEnabled' }).Value
+        $MacDefaultPathExclusionsEnabledValue = [Boolean]::Parse(($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'MacDefaultPathExclusionsEnabled' }).Value)
 
         #EvidenceStoreSettings
         $entry = $EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'EvidenceStoreSettings' }
@@ -208,7 +214,7 @@ function Get-TargetResource
         }
 
         # NetworkPathEnforcementEnabled
-        $NetworkPathEnforcementEnabledValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'NetworkPathEnforcementEnabled' }).Value
+        $NetworkPathEnforcementEnabledValue = [Boolean]::Parse(($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'NetworkPathEnforcementEnabled' }).Value)
 
         # NetworkPathExclusion
         $NetworkPathExclusionValue = ($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'NetworkPathExclusion' }).Value
@@ -229,7 +235,7 @@ function Get-TargetResource
                 $app = @{
                     ExecutableName = $appEntry.ExecutableName
                     Name           = $appEntry.Name
-                    Quarantine     = [Boolean]$appEntry.Quarantine
+                    Quarantine     = [Boolean]::Parse($appEntry.Quarantine)
                 }
                 $entry.Apps += $app
             }
@@ -261,7 +267,13 @@ function Get-TargetResource
         }
 
         # IncludePredefinedUnallowedBluetoothApps
-        $IncludePredefinedUnallowedBluetoothAppsValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'IncludePredefinedUnallowedBluetoothApps' }).Value
+        $toBeParsed = ($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'IncludePredefinedUnallowedBluetoothApps' }).Value
+        $parsedValue = $null
+        if ($null -ne $toBeParsed)
+        {
+            $parsedValue = [Boolean]::Parse($toBeParsed)
+        }
+        $IncludePredefinedUnallowedBluetoothAppsValue = $parsedValue
 
         # UnallowedBluetoothApp
         $entries = [Array]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'UnallowedBluetoothApp' })
@@ -340,10 +352,10 @@ function Get-TargetResource
             }
 
             # serverDlpEnabled
-            $serverDlpEnabledValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'serverDlpEnabled' }).Value
+            $serverDlpEnabledValue = [Boolean]::Parse(($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'serverDlpEnabled' }).Value)
 
             # AuditFileActivity
-            $AuditFileActivityValue = [Boolean]($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'AuditFileActivity' }).Value
+            $AuditFileActivityValue = [Boolean]::Parse(($EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'AuditFileActivity' }).Value)
 
             # VPNSettings
             $entity = $EndpointDlpGlobalSettingsValue | Where-Object { $_.Setting -eq 'VPNSettings' }
@@ -842,7 +854,7 @@ function Set-TargetResource
         }
     }
 
-    if ($null -ne $CloudAppMode)
+    if (-not [System.String]::IsNullOrEmpty($CloudAppMode))
     {
         $EndpointDlpGlobalSettingsValue += @{
             Setting = 'CloudAppMode'
@@ -1006,9 +1018,13 @@ function Set-TargetResource
         DlpAppGroups              = $DLPAppGroupsValue
         DlpPrinterGroups          = ConvertTo-Json $DlpPrinterGroupsValue -Depth 10 -Compress
         DLPRemovableMediaGroups   = ConvertTo-Json $DLPRemovableMediaGroupsValue -Depth 10 -Compress
-        EnableSpoAipMigration     = $EnableSpoAipMigration
         EndpointDlpGlobalSettings = $EndpointDlpGlobalSettingsValue
     }
+    $CurrentPolicyConfig = Get-TargetResource @PSBoundParameters
+    if ($EnableSpoAipMigration -ne $CurrentPolicyConfig.EnableSpoAipMigration)
+    {
+        $params.Add("EnableSpoAipMigration", $EnableSpoAipMigration)
+    }
     Write-Verbose -Message "Updating policy config with values:`r`n$(Convert-M365DscHashtableToString -Hashtable $params)"
     Set-PolicyConfig @params
 }
@@ -1185,6 +1201,7 @@ function Test-TargetResource
 
     #Compare Cim instances
     $testResult = $true
+    $testTargetResource = $true
     foreach ($key in $PSBoundParameters.Keys)
     {
         $source = $PSBoundParameters.$key
@@ -1197,6 +1214,7 @@ function Test-TargetResource
 
             if (-not $testResult)
             {
+                $testTargetResource = $false
                 break
             }
 
@@ -1209,9 +1227,12 @@ function Test-TargetResource
         -DesiredValues $PSBoundParameters `
         -ValuesToCheck $ValuesToCheck.Keys
 
-    Write-Verbose -Message "Test-TargetResource returned $testResult"
-
-    return $testResult
+    if (-not $testResult)
+    {
+        $testTargetResource = $false
+    }
+    Write-Verbose -Message "Test-TargetResource returned $testTargetResource"
+    return $testTargetResource
 }
 
 function Export-TargetResource

diff --git a/Modules/Microsoft365DSC/Microsoft365DSC.psd1 b/Modules/Microsoft365DSC/Microsoft365DSC.psd1
@@ -11,7 +11,7 @@
   # RootModule = ''
 
   # Version number of this module.
-  ModuleVersion     = '1.25.129.1'
+  ModuleVersion     = '1.25.129.2'
 
   # Supported PSEditions
   # CompatiblePSEditions = @()
@@ -147,16 +147,13 @@
       IconUri      = 'https://github.com/microsoft/Microsoft365DSC/blob/Dev/Modules/Microsoft365DSC/Dependencies/Images/Logo.png?raw=true'
 
       # ReleaseNotes of this module
-      ReleaseNotes = '* AADRoleEligibilityScheduleRequest
-  * Changed the mapping logic to find Id of a custom role.
-* AADServicePrincipal
-  * Fixes a regression issue when trying to export instances, the authentication
-    parameters were no longer returned by the Get-TargetResource function.
-* IntuneDeviceConfigurationPolicyiOS
-  * Fixes [#5594] https://github.com/microsoft/Microsoft365DSC/issues/5594
-* MISC
-  * AAD Workload
-    * Improved performance of various resources during export.'
+      ReleaseNotes = '* M365DSCRuleEvaluation
+  * Only provide the ManagedIdentity parameter for resources which supports it.
+* SCDLPComplianceRule
+  * Added the comments property on creation.
+* SCPolicyConfig
+  * Changed parsing logic to account for $null or missing properties in the
+    API response.'
 
       # Flag to indicate whether the module requires explicit user acceptance for install/update
       # RequireLicenseAcceptance = $false