diff --git a/CHANGELOG.md b/CHANGELOG.md index 4b3a79deed..eaa821df72 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,26 @@ # Change log for Microsoft365DSC +# 1.23.1011.1 + +* AADRoleEligibilityScheduleRequest + * Added support for groups assignment. + FIXES [#3744](https://github.com/microsoft/Microsoft365DSC/issues/3744) +* EXOCalendarProcessing + * Added support for retrieved groups as calendar delegates. +* EXODistributionGroup + * Fixes the export of group membership to use Identity. +* TeamsUpdateManagementPolicy + * Add support for the new acceptable value for UseNewTeamsClient + (NewTeamsAsDefault). +* MISC + * M365DSCReport: Also define property dataType, if present, as being primary + key on CIM instances. +* TeamsUpgradeConfiguration + * Fixes an issue where the SfBMeetingJoinUx property wasn't properly updated. +* DEPENDENCIES + * Updated ExchangeOnlineManagement to version 3.4.0. + * Updated Microsoft.Graph dependencies to version 2.7.0. + # 1.23.1004.1 * AADEntitlementManagementAccessPackageAssignmentPolicy diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 index 06c671a95c..873eddbbce 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 @@ -12,6 +12,11 @@ [System.String] $RoleDefinition, + [Parameter()] + [ValidateSet('User', 'Group')] + [System.String] + $PrincipalType = 'User', + [Parameter()] [System.String] $Id, @@ -120,7 +125,25 @@ if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { Write-Verbose -Message "Getting Role Eligibility by PrincipalId and RoleDefinitionId" - $PrincipalId = (Get-MgUser -Filter "UserPrincipalName eq '$Principal'").Id + if ($PrincipalType -eq 'User') + { + $PrincipalIdValue = Get-MgUser -Filter "UserPrincipalName eq '$Principal'" -ErrorAction SilentlyContinue + $PrincipalTypeValue = 'User' + } + if ($null -eq $PrincipalIdValue -or $PrincipalType -eq 'Group') + { + $PrincipalIdValue = Get-MgGroup -Filter "DisplayName eq '$Principal'" -ErrorAction SilentlyContinue + $PrincipalTypeValue = 'Group' + } + + if ($null -ne $PrincipalIdValue) + { + $PrincipalId = $PrincipalIdValue.Id + } + else + { + return $nullResult + } Write-Verbose -Message "Found Principal {$PrincipalId}" $RoleDefinitionId = (Get-MgBetaRoleManagementDirectoryRoleDefinition -Filter "DisplayName eq '$RoleDefinition'").Id $request = $Script:exportedInstances | Where-Object -FilterScript {$_.PrincipalId -eq $PrincipalId -and $_.RoleDefinitionId -eq $RoleDefinition} @@ -128,7 +151,28 @@ else { Write-Verbose -Message "Getting Role Eligibility by PrincipalId and RoleDefinitionId" - $PrincipalId = (Get-MgUser -Filter "UserPrincipalName eq '$Principal'").Id + if ($PrincipalType -eq 'User') + { + Write-Verbose -Message "Retrieving principal {$Principal} of type {$PrincipalType}" + $PrincipalIdValue = Get-MgUser -Filter "UserPrincipalName eq '$Principal'" -ErrorAction SilentlyContinue + $PrincipalTypeValue = 'User' + } + + if ($null -eq $PrincipalIdValue -or $PrincipalType -eq 'Group') + { + Write-Verbose -Message "Retrieving principal {$Principal} of type {$PrincipalType}" + $PrincipalIdValue = Get-MgGroup -Filter "DisplayName eq '$Principal'" -ErrorAction SilentlyContinue + $PrincipalTypeValue = 'Group' + } + + if ($null -ne $PrincipalIdValue) + { + $PrincipalId = $PrincipalIdValue.Id + } + else + { + return $nullResult + } Write-Verbose -Message "Found Principal {$PrincipalId}" $RoleDefinitionId = (Get-MgBetaRoleManagementDirectoryRoleDefinition -Filter "DisplayName eq '$RoleDefinition'").Id Write-Verbose -Message "Found Role {$RoleDefinitionId}" @@ -142,7 +186,21 @@ } Write-Verbose -Message "Found existing AADRolelLigibilityScheduleRequest" - $PrincipalValue = Get-MgUser -UserId $request.PrincipalId + if ($PrincipalType -eq 'User') + { + $PrincipalInstance = Get-MgUser -UserId $request.PrincipalId -ErrorAction SilentlyContinue + $PrincipalTypeValue = 'User' + } + if ($null -eq $PrincipalInstance -or $PrincipalType -eq 'Group') + { + $PrincipalInstance = Get-MGGroup -GroupId $request.PrincipalId -ErrorAction SilentlyContinue + $PrincipalTypeValue = 'Group' + } + + if ($null -eq $PrincipalInstance) + { + return $nullResult + } $RoleDefinitionValue = Get-MgBetaRoleManagementDirectoryRoleDefinition -UnifiedRoleDefinitionId $request.RoleDefinitionId $ScheduleInfoValue = @{} @@ -195,8 +253,19 @@ } } + $PrincipalValue = $null + if ($PrincipalTypeValue -eq 'User') + { + $PrincipalValue = $PrincipalInstance.UserPrincipalName + } + elseif ($PrincipalTypeValue -eq 'Group') + { + $PrincipalValue = $PrincipalInstance.DisplayName + } + $results = @{ - Principal = $PrincipalValue.UserPrincipalName + Principal = $PrincipalValue + PrincipalType = $PrincipalTypeValue RoleDefinition = $RoleDefinitionValue.DisplayName DirectoryScopeId = $request.DirectoryScopeId AppScopeId = $request.AppScopeId @@ -242,6 +311,11 @@ function Set-TargetResource [System.String] $RoleDefinition, + [Parameter()] + [ValidateSet('User', 'Group')] + [System.String] + $PrincipalType = 'User', + [Parameter()] [System.String] $Id, @@ -339,8 +413,24 @@ function Set-TargetResource $ParametersOps = ([Hashtable]$PSBoundParameters).clone() - $PrincipalIdValue = (Get-MgUser -Filter "UserPrincipalName eq '$Principal'").Id - $ParametersOps.Add("PrincipalId", $PrincipalIdValue) + if ($PrincipalType -eq 'User') + { + [Array]$PrincipalIdValue = (Get-MgUser -Filter "UserPrincipalName eq '$Principal'").Id + } + elseif ($PrincipalType -eq 'Group') + { + [Array]$PrincipalIdValue = (Get-MgGroup -Filter "DisplayName eq '$Principal'").Id + } + + if ($null -eq $PrincipalIdValue) + { + throw "Couldn't find Principal {$PrincipalId} of type {$PrincipalType}" + } + elseif ($PrincipalIdValue.Length -gt 1) + { + throw "Multiple Principal with ID {$PrincipalId} of type {$PrincipalType} were found. Cannot create schedule." + } + $ParametersOps.Add("PrincipalId", $PrincipalIdValue[0]) $ParametersOps.Remove("Principal") | Out-Null $RoleDefinitionIdValue = (Get-MgBetaRoleManagementDirectoryRoleDefinition -Filter "DisplayName eq '$RoleDefinition'").Id @@ -408,24 +498,24 @@ function Set-TargetResource Write-Verbose -Message "ScheduleInfo: $(Convert-M365DscHashtableToString -Hashtable $ScheduleInfoValue)" $ParametersOps.ScheduleInfo = $ScheduleInfoValue } - + $ParametersOps.Remove("PrincipalType") | Out-Null if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { - Write-Verbose -Message "Creating an Azure AD Role Eligibility Schedule Request for user {$Principal} and role {$RoleDefinition}" + Write-Verbose -Message "Creating a Role Eligibility Schedule Request for user {$Principal} and role {$RoleDefinition}" $ParametersOps.Remove("Id") | Out-Null - + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $ParametersOps)" New-MgBetaRoleManagementDirectoryRoleEligibilityScheduleRequest @ParametersOps } elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { - Write-Verbose -Message "Updating the Azure AD Role Eligibility Schedule Request for user {$Principal} and role {$RoleDefinition}" + Write-Verbose -Message "Updating the Role Eligibility Schedule Request for user {$Principal} and role {$RoleDefinition}" $ParametersOps.Remove("Id") | Out-Null $ParametersOps.Action = 'AdminUpdate' New-MgBetaRoleManagementDirectoryRoleEligibilityScheduleRequest @ParametersOps } elseif ($Ensure -eq 'Absent' -and $currentInstance.Ensure -eq 'Present') { - Write-Verbose -Message "Removing the Azure AD Role Eligibility Schedule Request for user {$Principal} and role {$RoleDefinition}" + Write-Verbose -Message "Removing the Role Eligibility Schedule Request for user {$Principal} and role {$RoleDefinition}" $ParametersOps.Remove("Id") | Out-Null $ParametersOps.Action = 'AdminRemove' New-MgBetaRoleManagementDirectoryRoleEligibilityScheduleRequest @ParametersOps @@ -446,6 +536,11 @@ function Test-TargetResource [System.String] $RoleDefinition, + [Parameter()] + [ValidateSet('User', 'Group')] + [System.String] + $PrincipalType = 'User', + [Parameter()] [System.String] $Id, @@ -632,8 +727,14 @@ function Export-TargetResource { $Script:ExportMode = $true #region resource generator code - [array] $Script:exportedInstances = Get-MgBetaRoleManagementDirectoryRoleEligibilityScheduleRequest -All ` - -Filter "Status ne 'Revoked'" -ErrorAction Stop + $schedules = Get-MgBetaRoleManagementDirectoryRoleEligibilitySchedule -All -ErrorAction Stop + [array] $Script:exportedInstances = @() + foreach ($schedule in $schedules) + { + [array] $allRequests = Get-MgBetaRoleManagementDirectoryRoleEligibilityScheduleRequest -All ` + -Filter "Status ne 'Revoked'" -ErrorAction Stop + [array] $Script:exportedInstances += $allRequests | Where-Object -FilterScript {$_.TargetScheduleId -eq $schedule.Id} + } #endregion $i = 1 diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.schema.mof index 5c235fe044..be1c792e30 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.schema.mof @@ -55,6 +55,7 @@ class MSFT_AADRoleEligibilityScheduleRequest : OMI_BaseResource { [Key, Description("User Principal Name of the eligibility request.")] String Principal; [Key, Description("Role associated with the eligibility request.")] String RoleDefinition; + [Write, Description("Represented the type of principal to assign the request to. Accepted values are: Group and User."), ValueMap{"Group","User"}, Values{"Group","User"}] String PrincipalType; [Write, Description("Identifier of the directory object representing the scope of the role eligibility. The scope of an role eligibility determines the set of resources for which the principal has been granted access. Directory scopes are shared scopes stored in the directory that are understood by multiple applications. Use / for tenant-wide scope. Use appScopeId to limit the scope to an application only. Either directoryScopeId or appScopeId is required.")] String DirectoryScopeId; [Write, Description("Identifier for the Role Eligibility Schedule Request.")] String Id; [Write, Description("Identifier of the app-specific scope when the role eligibility is scoped to an app. The scope of a role eligibility determines the set of resources for which the principal is eligible to access. App scopes are scopes that are defined and understood by this application only. Use / for tenant-wide app scopes. Use directoryScopeId to limit the scope to particular directory objects, for example, administrative units. Either directoryScopeId or appScopeId is required.")] String AppScopeId; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOCalendarProcessing/MSFT_EXOCalendarProcessing.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOCalendarProcessing/MSFT_EXOCalendarProcessing.psm1 index 42d22ac99c..027f3b7ade 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOCalendarProcessing/MSFT_EXOCalendarProcessing.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOCalendarProcessing/MSFT_EXOCalendarProcessing.psm1 @@ -260,8 +260,8 @@ function Get-TargetResource { foreach ($user in $calendarProc.ResourceDelegates) { - $userInfo = Get-User -Identity $user - $ResourceDelegatesValue += $userInfo.UserPrincipalName + $userInfo = Get-Recipient -Identity $user + $ResourceDelegatesValue += $userInfo.PrimarySmtpAddress } } @@ -868,7 +868,7 @@ function Export-TargetResource try { - $mailboxes = Get-Mailbox -ErrorAction Stop + $mailboxes = Get-Mailbox -ResultSize 'Unlimited' -ErrorAction Stop if ($null -eq $mailboxes) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXODistributionGroup/MSFT_EXODistributionGroup.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXODistributionGroup/MSFT_EXODistributionGroup.psm1 index f2e63cf85c..a47761f8b7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXODistributionGroup/MSFT_EXODistributionGroup.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXODistributionGroup/MSFT_EXODistributionGroup.psm1 @@ -248,7 +248,7 @@ function Get-TargetResource if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { $distributionGroup = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Identity} - $distributionGroupMembers = Get-DistributionGroupMember $Name -ErrorAction Stop -ResultSize Unlimited + $distributionGroupMembers = Get-DistributionGroupMember -Identity $Identity -ErrorAction Stop -ResultSize Unlimited } else { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxAutoReplyConfiguration/MSFT_EXOMailboxAutoReplyConfiguration.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxAutoReplyConfiguration/MSFT_EXOMailboxAutoReplyConfiguration.psm1 index 8ae5646dad..b46168f28c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxAutoReplyConfiguration/MSFT_EXOMailboxAutoReplyConfiguration.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxAutoReplyConfiguration/MSFT_EXOMailboxAutoReplyConfiguration.psm1 @@ -484,7 +484,7 @@ function Export-TargetResource try { - $mailboxes = Get-Mailbox + $mailboxes = Get-Mailbox -ResultSize 'Unlimited' $dscContent = '' $i = 1 diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarFolder/MSFT_EXOMailboxCalendarFolder.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarFolder/MSFT_EXOMailboxCalendarFolder.psm1 index 7cf9cd76f7..f95da5fd4e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarFolder/MSFT_EXOMailboxCalendarFolder.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxCalendarFolder/MSFT_EXOMailboxCalendarFolder.psm1 @@ -404,7 +404,7 @@ function Export-TargetResource try { - $mailboxes = Get-Mailbox -ErrorAction Stop + $mailboxes = Get-Mailbox -ResultSize 'Unlimited' -ErrorAction Stop if ($null -eq $mailboxes) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxPermission/MSFT_EXOMailboxPermission.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxPermission/MSFT_EXOMailboxPermission.psm1 index 509e61e32c..7b145cd1c5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxPermission/MSFT_EXOMailboxPermission.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailboxPermission/MSFT_EXOMailboxPermission.psm1 @@ -400,7 +400,7 @@ function Export-TargetResource try { - [array]$mailboxes = Get-Mailbox -ErrorAction Stop + [array]$mailboxes = Get-Mailbox -ResultSize 'Unlimited' -ErrorAction Stop if ($mailboxes.Length -eq 0) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOPlace/MSFT_EXOPlace.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOPlace/MSFT_EXOPlace.psm1 index 93d282d5fd..e6524aa7b6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOPlace/MSFT_EXOPlace.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOPlace/MSFT_EXOPlace.psm1 @@ -586,7 +586,7 @@ function Export-TargetResource #endregion try { - [array]$places = Get-Place -ErrorAction Stop + [array]$places = Get-Place -ResultSize 'Unlimited' -ErrorAction Stop $dscContent = '' if ($places.Length -eq 0) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/MSFT_TeamsUpdateManagementPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/MSFT_TeamsUpdateManagementPolicy.psm1 index b56edd8882..eb6d4351d5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/MSFT_TeamsUpdateManagementPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/MSFT_TeamsUpdateManagementPolicy.psm1 @@ -39,7 +39,7 @@ function Get-TargetResource $UpdateTimeOfDay, [Parameter()] - [ValidateSet('UserChoice', 'MicrosoftChoice', 'AdminDisabled')] + [ValidateSet('UserChoice', 'MicrosoftChoice', 'AdminDisabled', 'NewTeamsAsDefault')] [System.String] $UseNewTeamsClient, @@ -169,7 +169,7 @@ function Set-TargetResource $UpdateTimeOfDay, [Parameter()] - [ValidateSet('UserChoice', 'MicrosoftChoice', 'AdminDisabled')] + [ValidateSet('UserChoice', 'MicrosoftChoice', 'AdminDisabled', 'NewTeamsAsDefault')] [System.String] $UseNewTeamsClient, @@ -286,7 +286,7 @@ function Test-TargetResource $UpdateTimeOfDay, [Parameter()] - [ValidateSet('UserChoice', 'MicrosoftChoice', 'AdminDisabled')] + [ValidateSet('UserChoice', 'MicrosoftChoice', 'AdminDisabled', 'NewTeamsAsDefault')] [System.String] $UseNewTeamsClient, diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/MSFT_TeamsUpdateManagementPolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/MSFT_TeamsUpdateManagementPolicy.schema.mof index 957ee607b1..2dc1712905 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/MSFT_TeamsUpdateManagementPolicy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/MSFT_TeamsUpdateManagementPolicy.schema.mof @@ -9,7 +9,7 @@ class MSFT_TeamsUpdateManagementPolicy : OMI_BaseResource [Write, Description("Determines the day of week to perform the updates. Value shoud be between 0 and 6.")] UInt32 UpdateDayOfWeek; [Write, Description("Determines the time of day to perform the updates. Must be a valid HH:MM format string with leading 0. For instance 08:30.")] String UpdateTime; [Write, Description("Determines the time of day to perform the updates. Accepts a DateTime as string. Only the time will be considered.")] String UpdateTimeOfDay; - [Write, Description("Determines whether or not users will use the new Teams client."), ValueMap{"UserChoice","MicrosoftChoice","AdminDisabled"}, Values{"UserChoice","MicrosoftChoice","AdminDisabled"}] String UseNewTeamsClient; + [Write, Description("Determines whether or not users will use the new Teams client."), ValueMap{"NewTeamsAsDefault","UserChoice","MicrosoftChoice","AdminDisabled"}, Values{"NewTeamsAsDefault","UserChoice","MicrosoftChoice","AdminDisabled"}] String UseNewTeamsClient; [Write, Description("Present ensures the policy exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure; [Write, Description("Credentials of the Teams Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradeConfiguration/MSFT_TeamsUpgradeConfiguration.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradeConfiguration/MSFT_TeamsUpgradeConfiguration.psm1 index 5eeb71e1ba..74d1f38382 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradeConfiguration/MSFT_TeamsUpgradeConfiguration.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradeConfiguration/MSFT_TeamsUpgradeConfiguration.psm1 @@ -141,7 +141,8 @@ function Set-TargetResource $SetParameters.Remove('ApplicationId') | Out-Null $SetParameters.Remove('TenantId') | Out-Null $SetParameters.Remove('CertificateThumbprint') | Out-Null - + $SetParameters.Add("Identity", "Global") + Write-Verbose -Message "Updating with Values: $(Convert-M365DscHashtableToString -Hashtable $SetParameters)" Set-CsTeamsUpgradeConfiguration @SetParameters } diff --git a/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 b/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 index e18fb34ca4..c284c7039b 100644 --- a/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 +++ b/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 @@ -6,75 +6,75 @@ }, @{ ModuleName = 'ExchangeOnlineManagement' - RequiredVersion = '3.3.0' + RequiredVersion = '3.4.0' }, @{ ModuleName = 'Microsoft.Graph.Applications' - RequiredVersion = '2.6.1' + RequiredVersion = '2.7.0' }, @{ ModuleName = 'Microsoft.Graph.Authentication' - RequiredVersion = '2.6.1' + RequiredVersion = '2.7.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.DeviceManagement' - RequiredVersion = '2.6.1' + RequiredVersion = '2.7.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Devices.CorporateManagement' - RequiredVersion = '2.6.1' + RequiredVersion = '2.7.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.DeviceManagement.Administration' - RequiredVersion = '2.6.1' + RequiredVersion = '2.7.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.DeviceManagement.Enrollment' - RequiredVersion = '2.6.1' + RequiredVersion = '2.7.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Identity.DirectoryManagement' - RequiredVersion = '2.6.1' + RequiredVersion = '2.7.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Identity.Governance' - RequiredVersion = '2.6.1' + RequiredVersion = '2.7.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Identity.SignIns' - RequiredVersion = '2.6.1' + RequiredVersion = '2.7.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Reports' - RequiredVersion = '2.6.1' + RequiredVersion = '2.7.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Teams' - RequiredVersion = '2.6.1' + RequiredVersion = '2.7.0' }, @{ ModuleName = 'Microsoft.Graph.DeviceManagement.Administration' - RequiredVersion = '2.6.1' + RequiredVersion = '2.7.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.DirectoryObjects' - RequiredVersion = '2.6.1' + RequiredVersion = '2.7.0' }, @{ ModuleName = 'Microsoft.Graph.Groups' - RequiredVersion = '2.6.1' + RequiredVersion = '2.7.0' }, @{ ModuleName = 'Microsoft.Graph.Planner' - RequiredVersion = '2.6.1' + RequiredVersion = '2.7.0' }, @{ ModuleName = 'Microsoft.Graph.Users' - RequiredVersion = '2.6.1' + RequiredVersion = '2.7.0' }, @{ ModuleName = 'Microsoft.Graph.Users.Actions' - RequiredVersion = '2.6.1' + RequiredVersion = '2.7.0' }, @{ ModuleName = 'Microsoft.PowerApps.Administration.PowerShell' diff --git a/Modules/Microsoft365DSC/Microsoft365DSC.psd1 b/Modules/Microsoft365DSC/Microsoft365DSC.psd1 index 2270b82746..7abfaae29a 100644 --- a/Modules/Microsoft365DSC/Microsoft365DSC.psd1 +++ b/Modules/Microsoft365DSC/Microsoft365DSC.psd1 @@ -3,7 +3,7 @@ # # Generated by: Microsoft Corporation # -# Generated on: 2023-10-04 +# Generated on: 2023-10-11 @{ @@ -11,7 +11,7 @@ # RootModule = '' # Version number of this module. - ModuleVersion = '1.23.1004.1' + ModuleVersion = '1.23.1011.1' # Supported PSEditions # CompatiblePSEditions = @() @@ -140,34 +140,26 @@ IconUri = 'https://github.com/microsoft/Microsoft365DSC/blob/Dev/Modules/Microsoft365DSC/Dependencies/Images/Logo.png?raw=true' # ReleaseNotes of this module - ReleaseNotes = '# 1.23.1004.1 - - * AADEntitlementManagementAccessPackageAssignmentPolicy - * [BREAKING CHANGE] Fixes customExtension property where the schema and assignement - were not managed correctly. - FIXES [#3639](https://github.com/microsoft/Microsoft365DSC/issues/3639) - * AADEntitlementManagementConnectedOrganization - * Fixed [[#3738](https://github.com/microsoft/Microsoft365DSC/issues/3738)] - * EXOCalendarProcessing - * Initial release. - * EXODistributionGroup - * [BREAKING CHANGE] Identity is now a primary key. - FIXES [#3741](https://github.com/microsoft/Microsoft365DSC/issues/3741) - * Added support for multiple new properties to align with supporting cmdlet. - * EXOMailboxAutoReplyConfiguration - * Initial release. - * EXOMailboxPermission - * Initial release. - * EXOPlace - * Initial release. - * IntunePolicySets - * New Configuration for Intune Policy Sets - * DEPENDENCIES - * Updated MSCloudLoginAssistant to version 1.0.121. - * MISC - * TestHarness.psm1 - * Added code around DscTestsPath parameter to target a single test file - during development' + ReleaseNotes = '# 1.23.1011.1 + + * AADRoleEligibilityScheduleRequest + * Added support for groups assignment. + FIXES [#3744](https://github.com/microsoft/Microsoft365DSC/issues/3744) +* EXOCalendarProcessing + * Added support for retrieved groups as calendar delegates. +* EXODistributionGroup + * Fixes the export of group membership to use Identity. +* TeamsUpdateManagementPolicy + * Add support for the new acceptable value for UseNewTeamsClient + (NewTeamsAsDefault). +* MISC + * M365DSCReport: Also define property dataType, if present, as being primary + key on CIM instances. +* TeamsUpgradeConfiguration + * Fixes an issue where the SfBMeetingJoinUx property wasn''t properly updated. +* DEPENDENCIES + * Updated ExchangeOnlineManagement to version 3.4.0. + * Updated Microsoft.Graph dependencies to version 2.7.0.' # Flag to indicate whether the module requires explicit user acceptance for install/update # RequireLicenseAcceptance = $false diff --git a/Modules/Microsoft365DSC/Modules/M365DSCReport.psm1 b/Modules/Microsoft365DSC/Modules/M365DSCReport.psm1 index 0edd4deffe..ac0838d9d5 100644 --- a/Modules/Microsoft365DSC/Modules/M365DSCReport.psm1 +++ b/Modules/Microsoft365DSC/Modules/M365DSCReport.psm1 @@ -1071,6 +1071,7 @@ function Get-M365DSCCIMInstanceKey [System.Collections.Hashtable] $CIMInstance ) + $primaryKey = '' if ($CIMInstance.ContainsKey('IsSingleInstance')) { @@ -1108,6 +1109,11 @@ function Get-M365DSCCIMInstanceKey { $primaryKey = 'odataType' } + elseif ($CIMInstance.ContainsKey("dataType")) + { + $primaryKey = 'dataType' + } + return $primaryKey } diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADRoleEligibilityScheduleRequest.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADRoleEligibilityScheduleRequest.Tests.ps1 index 7705e80f38..a3330e6392 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADRoleEligibilityScheduleRequest.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADRoleEligibilityScheduleRequest.Tests.ps1 @@ -24,7 +24,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { $Global:CurrentModeIsExport = $false $secpasswd = ConvertTo-SecureString 'test@password1' -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) - + $Script:exportedInstances = $null Mock -CommandName Add-M365DSCTelemetryEvent -MockWith { } @@ -51,6 +51,11 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Id = '12345' } } + Mock -CommandName Get-MgBetaRoleManagementDirectoryRoleEligibilitySchedule -MockWith { + return @{ + Id = '12345-12345-12345-12345-12345' + } + } # Mock Write-Host to hide output during the tests Mock -CommandName Write-Host -MockWith { @@ -262,6 +267,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { type = 'afterDateTime' } }; + TargetScheduleId = "12345-12345-12345-12345-12345" } } } diff --git a/docs/docs/resources/azure-ad/AADRoleEligibilityScheduleRequest.md b/docs/docs/resources/azure-ad/AADRoleEligibilityScheduleRequest.md index c75702e0df..5745236b02 100644 --- a/docs/docs/resources/azure-ad/AADRoleEligibilityScheduleRequest.md +++ b/docs/docs/resources/azure-ad/AADRoleEligibilityScheduleRequest.md @@ -6,6 +6,7 @@ | --- | --- | --- | --- | --- | | **Principal** | Key | String | User Principal Name of the eligibility request. | | | **RoleDefinition** | Key | String | Role associated with the eligibility request. | | +| **PrincipalType** | Write | String | Represented the type of principal to assign the request to. Accepted values are: Group and User. | `Group`, `User` | | **DirectoryScopeId** | Write | String | Identifier of the directory object representing the scope of the role eligibility. The scope of an role eligibility determines the set of resources for which the principal has been granted access. Directory scopes are shared scopes stored in the directory that are understood by multiple applications. Use / for tenant-wide scope. Use appScopeId to limit the scope to an application only. Either directoryScopeId or appScopeId is required. | | | **Id** | Write | String | Identifier for the Role Eligibility Schedule Request. | | | **AppScopeId** | Write | String | Identifier of the app-specific scope when the role eligibility is scoped to an app. The scope of a role eligibility determines the set of resources for which the principal is eligible to access. App scopes are scopes that are defined and understood by this application only. Use / for tenant-wide app scopes. Use directoryScopeId to limit the scope to particular directory objects, for example, administrative units. Either directoryScopeId or appScopeId is required. | | diff --git a/docs/docs/resources/teams/TeamsUpdateManagementPolicy.md b/docs/docs/resources/teams/TeamsUpdateManagementPolicy.md index 131482c542..1469929ee9 100644 --- a/docs/docs/resources/teams/TeamsUpdateManagementPolicy.md +++ b/docs/docs/resources/teams/TeamsUpdateManagementPolicy.md @@ -12,7 +12,7 @@ | **UpdateDayOfWeek** | Write | UInt32 | Determines the day of week to perform the updates. Value shoud be between 0 and 6. | | | **UpdateTime** | Write | String | Determines the time of day to perform the updates. Must be a valid HH:MM format string with leading 0. For instance 08:30. | | | **UpdateTimeOfDay** | Write | String | Determines the time of day to perform the updates. Accepts a DateTime as string. Only the time will be considered. | | -| **UseNewTeamsClient** | Write | String | Determines whether or not users will use the new Teams client. | `UserChoice`, `MicrosoftChoice`, `AdminDisabled` | +| **UseNewTeamsClient** | Write | String | Determines whether or not users will use the new Teams client. | `NewTeamsAsDefault`, `UserChoice`, `MicrosoftChoice`, `AdminDisabled` | | **Ensure** | Write | String | Present ensures the policy exists, absent ensures it is removed. | `Present`, `Absent` | | **Credential** | Write | PSCredential | Credentials of the Teams Admin | | | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. | |