Skip to content

Commit

Permalink
Merge branch 'Dev' into fix/graph-limited-requests
Browse files Browse the repository at this point in the history
  • Loading branch information
FabienTschanz authored Nov 27, 2024
2 parents b34833c + adabd5f commit 7efc31b
Show file tree
Hide file tree
Showing 29 changed files with 1,862 additions and 305 deletions.
8 changes: 8 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -24,11 +24,19 @@
* Fixes an issue where assignment wasn't properly set if the
groupId was null.
FIXES [#5430](https://github.com/microsoft/Microsoft365DSC/issues/5430)
* IntuneRoleAssignment
* Improve verbose output and fix copy-pasted variables.
* IntuneRoleScopeTag
* Initial release.
* TeamsUserPolicyAssignment
* Added support for the Global policies.
* TeamsUpgradePolicy
* DEPRECATED: Users properties. Use the TeamsUserPolicyAssignment resource
instead.
* M365DSCUtil
* When exporting generate the instance names of resources with their mandatory
keys instead of random GUIDs , this makes exports idempotent again
FIXES [#5469](https://github.com/microsoft/Microsoft365DSC/issues/5469)
* MISC
* Removed hardcoded Graph urls and replaced by MSCloudLoginAssistant values.
* Add separate module handling for PowerShell Core.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -689,7 +689,7 @@ function Set-TargetResource
{
Write-Verbose -Message "Adding new owner {$($diff.InputObject)} to AAD Group {$($currentGroup.DisplayName)}"
$ownerObject = @{
'@odata.id' = $Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl + "v1.0/directoryObjects/{$($directoryObject.Id)}"
'@odata.id' = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "v1.0/directoryObjects/{$($directoryObject.Id)}"
}
try
{
Expand Down Expand Up @@ -751,15 +751,15 @@ function Set-TargetResource
{
Write-Verbose -Message "Adding new member {$($diff.InputObject)} to AAD Group {$($currentGroup.DisplayName)}"
$memberObject = @{
'@odata.id' = $Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl + "v1.0/directoryObjects/{$($directoryObject.Id)}"
'@odata.id' = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "v1.0/directoryObjects/{$($directoryObject.Id)}"
}
New-MgGroupMemberByRef -GroupId ($currentGroup.Id) -BodyParameter $memberObject | Out-Null
}
elseif ($diff.SideIndicator -eq '<=')
{
Write-Verbose -Message "Removing new member {$($diff.InputObject)} to AAD Group {$($currentGroup.DisplayName)}"
$memberObject = @{
'@odata.id' = $Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl + "v1.0/directoryObjects/{$($directoryObject.Id)}"
'@odata.id' = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "v1.0/directoryObjects/{$($directoryObject.Id)}"
}
Remove-MgGroupMemberDirectoryObjectByRef -GroupId ($currentGroup.Id) -DirectoryObjectId ($directoryObject.Id) | Out-Null
}
Expand Down Expand Up @@ -809,7 +809,7 @@ function Set-TargetResource
{
Write-Verbose -Message "Adding AAD group {$($groupAsMember.DisplayName)} as member of AAD group {$($currentGroup.DisplayName)}"
$groupAsMemberObject = @{
"@odata.id"= $Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl + "v1.0/directoryObjects/$($groupAsMember.Id)"
"@odata.id"= $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "v1.0/directoryObjects/$($groupAsMember.Id)"
}
New-MgBetaGroupMemberByRef -GroupId ($currentGroup.Id) -Body $groupAsMemberObject | Out-Null
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -269,7 +269,7 @@ function Set-TargetResource
foreach ($provider in $IdentityProviders)
{
$params = @{
"@odata.id" = $Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl + "beta/identityProviders/$($provider)"
"@odata.id" = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/identityProviders/$($provider)"
}

Write-Verbose -Message "Adding the Identity Provider with Id {$provider} to the newly created Azure AD Identity B2X User Flow with Id {$($newObj.Id)}"
Expand Down Expand Up @@ -318,7 +318,7 @@ function Set-TargetResource
{
$getConnector = Get-MgBetaIdentityApiConnector -Filter "DisplayName eq '$($ApiConnectorConfiguration.postFederationSignupConnectorName)'"
$params = @{
"@odata.id" = $Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl + "beta/identity/apiConnectors/$($getConnector.Id)"
"@odata.id" = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/identity/apiConnectors/$($getConnector.Id)"
}

Write-Verbose -Message "Updating the Post Federation Signup connector for Azure AD Identity B2X User Flow with Id {$($currentInstance.Id)}"
Expand All @@ -330,7 +330,7 @@ function Set-TargetResource
{
$getConnector = Get-MgBetaIdentityApiConnector -Filter "DisplayName eq '$($ApiConnectorConfiguration.postAttributeCollectionConnectorName)'"
$params = @{
"@odata.id" = $Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl + "beta/identity/apiConnectors/$($getConnector.Id)"
"@odata.id" = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/identity/apiConnectors/$($getConnector.Id)"
}

Write-Verbose -Message "Updating the Post Attribute Collection connector for Azure AD Identity B2X User Flow with Id {$($currentInstance.Id)}"
Expand All @@ -344,7 +344,7 @@ function Set-TargetResource
foreach ($provider in $providersToAdd)
{
$params = @{
"@odata.id" = $Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl + "beta/identityProviders/$($provider)"
"@odata.id" = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/identityProviders/$($provider)"
}

Write-Verbose -Message "Adding the Identity Provider with Id {$provider} to the Azure AD Identity B2X User Flow with Id {$($currentInstance.Id)}"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -262,15 +262,15 @@ function Set-TargetResource
"@context" = '#$delta'
value = @(@{})
}
Invoke-MgGraphRequest -Uri "$($Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl)beta/networkAccess/connectivity/remoteNetworks/$($currentInstance.Id)/forwardingProfiles" -Method Patch -Body $params
Invoke-MgGraphRequest -Uri "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/networkAccess/connectivity/remoteNetworks/$($currentInstance.Id)/forwardingProfiles" -Method Patch -Body $params

#adding forwarding profiles if required
if ($forwardingProfilesList.Count -gt 0) {
$params = @{
"@context" = '#$delta'
value = $forwardingProfilesList
}
Invoke-MgGraphRequest -Uri "$($Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl)beta/networkAccess/connectivity/remoteNetworks/$($currentInstance.Id)/forwardingProfiles" -Method Patch -Body $params
Invoke-MgGraphRequest -Uri "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/networkAccess/connectivity/remoteNetworks/$($currentInstance.Id)/forwardingProfiles" -Method Patch -Body $params
}
}
elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present')
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -424,15 +424,15 @@ function Set-TargetResource
{
$value = $presentationValue.clone()
$value = Rename-M365DSCCimInstanceParameter -Properties $value -KeyMapping $keyToRename
$value.add('[email protected]', $Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/groupPolicyDefinitions('$($definitionValue.Definition.Id)')/presentations('$($presentationValue.presentationDefinitionId)')")
$value.add('[email protected]', $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/groupPolicyDefinitions('$($definitionValue.Definition.Id)')/presentations('$($presentationValue.presentationDefinitionId)')")
$value.remove('PresentationDefinitionId')
$value.remove('PresentationDefinitionLabel')
$value.remove('id')
$complexPresentationValues += $value
}
}
$complexDefinitionValue = @{
'[email protected]' = $Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/groupPolicyDefinitions('$($definitionValue.Definition.Id)')"
'[email protected]' = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/groupPolicyDefinitions('$($definitionValue.Definition.Id)')"
enabled = $definitionValue.Enabled
presentationValues = $complexPresentationValues
}
Expand Down Expand Up @@ -520,15 +520,15 @@ function Set-TargetResource
{
$value = $presentationValue.clone()
$value = Rename-M365DSCCimInstanceParameter -Properties $value -KeyMapping $keyToRename
$value.add('[email protected]', "$($Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl)beta/deviceManagement/groupPolicyDefinitions('$($definitionValue.Definition.Id)')/presentations('$($presentationValue.presentationDefinitionId)')")
$value.add('[email protected]', "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/deviceManagement/groupPolicyDefinitions('$($definitionValue.Definition.Id)')/presentations('$($presentationValue.presentationDefinitionId)')")
$value.remove('PresentationDefinitionId')
$value.remove('PresentationDefinitionLabel')
$value.remove('id')
$complexPresentationValues += $value
}
}
$complexDefinitionValue = @{
'[email protected]' = $Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/groupPolicyDefinitions('$($definitionValue.Definition.Id)')"
'[email protected]' = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/groupPolicyDefinitions('$($definitionValue.Definition.Id)')"
enabled = $definitionValue.Enabled
presentationValues = $complexPresentationValues
}
Expand All @@ -554,7 +554,7 @@ function Set-TargetResource
$currentPresentationValue = $currentDefinitionValue.PresentationValues | Where-Object { $_.PresentationDefinitionId -eq $presentationValue.presentationDefinitionId }
$value = $presentationValue.clone()
$value = Rename-M365DSCCimInstanceParameter -Properties $value -KeyMapping $keyToRename
$value.add('[email protected]', "$($Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl)beta/deviceManagement/groupPolicyDefinitions('$($definitionValue.Definition.Id)')/presentations('$($presentationValue.presentationDefinitionId)')")
$value.add('[email protected]', "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/deviceManagement/groupPolicyDefinitions('$($definitionValue.Definition.Id)')/presentations('$($presentationValue.presentationDefinitionId)')")
$value.remove('PresentationDefinitionId')
$value.remove('PresentationDefinitionLabel')
$value.remove('id')
Expand All @@ -564,7 +564,7 @@ function Set-TargetResource
}
$complexDefinitionValue = @{
id = $currentDefinitionValue.Id
'[email protected]' = $Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/groupPolicyDefinitions('$($definitionValue.Definition.Id)')"
'[email protected]' = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/groupPolicyDefinitions('$($definitionValue.Definition.Id)')"
enabled = $definitionValue.Enabled
presentationValues = $complexPresentationValues
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -522,7 +522,7 @@ function Set-TargetResource
}

#region resource generator code
$CreateParameters.Add("[email protected]", "$($Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl)beta/deviceManagement/deviceConfigurations('$RootCertificateId')")
$CreateParameters.Add("[email protected]", "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/deviceManagement/deviceConfigurations('$RootCertificateId')")
$CreateParameters.Add("@odata.type", "#microsoft.graph.windows81SCEPCertificateProfile")
$policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters
$assignmentsHash = ConvertTo-IntunePolicyAssignment -IncludeDeviceFilter:$true -Assignments $Assignments
Expand Down Expand Up @@ -1034,7 +1034,7 @@ function Update-DeviceConfigurationPolicyRootCertificateId

$Uri = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/deviceConfigurations('$DeviceConfigurationPolicyId')/microsoft.graph.windows81SCEPCertificateProfile/rootCertificate/`$ref"
$ref = @{
'@odata.id' = $Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/deviceConfigurations('$RootCertificateId')"
'@odata.id' = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/deviceManagement/deviceConfigurations('$RootCertificateId')"
}

Invoke-MgGraphRequest -Method PUT -Uri $Uri -Body ($ref|ConvertTo-Json) -ErrorAction Stop
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -564,7 +564,7 @@ function Set-TargetResource
-CertificateId $RootCertificatesForServerValidationIds[$i] `
-CertificateDisplayName $RootCertificatesForServerValidationDisplayNames[$i] `
-OdataTypes @('#microsoft.graph.windows81TrustedRootCertificate')
$rootCertificatesForServerValidation += "$($Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl)beta/deviceManagement/deviceConfigurations('$checkedCertId')"
$rootCertificatesForServerValidation += "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/deviceManagement/deviceConfigurations('$checkedCertId')"
}
$CreateParameters.Add('[email protected]', $rootCertificatesForServerValidation)
}
Expand All @@ -579,7 +579,7 @@ function Set-TargetResource
'#microsoft.graph.windows81TrustedRootCertificate', `
'#microsoft.graph.windows10PkcsCertificateProfile' `
)
$ref = "$($Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl)beta/deviceManagement/deviceConfigurations('$checkedCertId')"
$ref = "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/deviceManagement/deviceConfigurations('$checkedCertId')"
$CreateParameters.Add('[email protected]', $ref)
}

Expand All @@ -593,7 +593,7 @@ function Set-TargetResource
'#microsoft.graph.windows81TrustedRootCertificate', `
'#microsoft.graph.windows10PkcsCertificateProfile' `
)
$ref = "$($Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl)beta/deviceManagement/deviceConfigurations('$checkedCertId')"
$ref = "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/deviceManagement/deviceConfigurations('$checkedCertId')"
$CreateParameters.Add('[email protected]', $ref)
}

Expand All @@ -603,7 +603,7 @@ function Set-TargetResource
-CertificateId $RootCertificateForClientValidationId `
-CertificateDisplayName $RootCertificateForClientValidationDisplayName `
-OdataTypes @('#microsoft.graph.windows81TrustedRootCertificate')
$ref = "$($Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl)beta/deviceManagement/deviceConfigurations('$checkedCertId')"
$ref = "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/deviceManagement/deviceConfigurations('$checkedCertId')"
$CreateParameters.Add('[email protected]', $ref)
}

Expand All @@ -613,7 +613,7 @@ function Set-TargetResource
-CertificateId $SecondaryRootCertificateForClientValidationId `
-CertificateDisplayName $SecondaryRootCertificateForClientValidationDisplayName `
-OdataTypes @('#microsoft.graph.windows81TrustedRootCertificate')
$ref = "$($Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl)beta/deviceManagement/deviceConfigurations('$checkedCertId')"
$ref = "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/deviceManagement/deviceConfigurations('$checkedCertId')"
$CreateParameters.Add('[email protected]', $ref)
}

Expand Down Expand Up @@ -1242,7 +1242,7 @@ function Update-DeviceConfigurationPolicyCertificateId
foreach ($certificateId in $CertificateIds)
{
$ref = @{
'@odata.id' = "$($Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl)beta/deviceManagement/deviceConfigurations('$certificateId')"
'@odata.id' = "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/deviceManagement/deviceConfigurations('$certificateId')"
}

Invoke-MgGraphRequest -Method $method -Uri $Uri -Body ($ref | ConvertTo-Json) -ErrorAction Stop 4>$null
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -451,8 +451,8 @@ function Set-TargetResource
throw "Mobile App Category with DisplayName $($category.DisplayName) not found."
}

Invoke-MgGraphRequest -Uri "$($Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl)beta/deviceAppManagement/mobileApps/$($app.Id)/categories/`$ref" -Method 'POST' -Body @{
'@odata.id' = "$($Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl)beta/deviceAppManagement/mobileAppCategories/$($currentCategory.Id)"
Invoke-MgGraphRequest -Uri "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/deviceAppManagement/mobileApps/$($app.Id)/categories/`$ref" -Method 'POST' -Body @{
'@odata.id' = "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/deviceAppManagement/mobileAppCategories/$($currentCategory.Id)"
}
}

Expand Down Expand Up @@ -508,7 +508,7 @@ function Set-TargetResource
}

Invoke-MgGraphRequest -Uri "/beta/deviceAppManagement/mobileApps/$($currentInstance.Id)/categories/`$ref" -Method 'POST' -Body @{
'@odata.id' = "$($Global:MSCloudLoginAssistant.MicrosoftGraph.ResourceUrl)beta/deviceAppManagement/mobileAppCategories/$($currentCategory.Id)"
'@odata.id' = "$($Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl)beta/deviceAppManagement/mobileAppCategories/$($currentCategory.Id)"
}
}
else
Expand Down
Loading

0 comments on commit 7efc31b

Please sign in to comment.