Releases: KelvinTegelaar/CIPP
v6.1.0 - The Pink Elephant
Woo! It seems like this release is pretty close to the previous one right? That's because our previous release was out of band, to get back into our normal cycle we've decided to create a Quality of Life release, and how can we enjoy one of these releases? Well, we can grab a beautiful Pink Elephant and enjoy it while sitting in the sun.
Let's get started on what makes this release special. We've added some very very cool features.
Preprovision OneDrive
Ever had a large migration where you had to create hundreds of users, and then move data into their OneDrive? If you have, you know that Microsoft only provisions OneDrive storage after the first logon. That means if you have 1000 users, you'd need to logon a thousand times to get their OneDrive available.
That will no longer be an issue with this version of CIPP. In the user menu you can now select any user, or bulk select users, and make sure their OneDrive is available before logging on.
Create SharePoint Sites (and bulk creation!)
With the latest version you can now create SharePoint sites using the SharePoint menu, you can even set retention labels, but that's not all. We thought about those major migrations. Bulk adding SharePoint sites easily using a CSV file.
Edit Contacts, Better searches, Dismiss Risky Users
Thanks to @BNWEIN we now have the ability to edit contacts easily, allowing you to easily set the properties of contacts, but that's not all. We also improved the searches in our side menu allowing you to easily grab the correct user in dropdowns, then finally @OfficialEsco also added a new method to allow you to dismiss user risk using CIPP.
And much more.
We've of course worked our way through our feature requests and standards to, here's a quick rundown of those changes:
- Fixed an issue with Hudu force syncs not working
- Fixed an issue with dashboard domain rows having incorrect counts
- Added a new standard to disable Legacy workflows
- added bulk delete to contacts
- added the ability managed folder assistant for mailboxes
- added a standard for quarantine releases
- Updated the text for password clears
- Fixed an issue with Choco not getting all parameters
- added ability to set localization on mailboxes
- Fixed an issue with exchange standard not applying
- and so much more
What's Changed
- Fix manual tenant mapping by @JohnDuprey in #2647
- up version by @JohnDuprey in #2648
- Dev to hotfix by @JohnDuprey in #2649
- Allow multiple tenant to company map by @JohnDuprey in #2653
- Add Extension Sync Status page by @JohnDuprey in #2654
- Fix Dashboard domain name rows by @STG-Tanner in #2655
- up version by @JohnDuprey in #2656
- Dev to hotfix by @JohnDuprey in #2657
- Add domain selector for JIT admin by @kris6673 in #2665
- Wishful thinking by @chase-vgo in #2672
- Added SPDisableLegacyWorkflows standard by @OfficialEsco in #2678
- Fix copy paste typo by @kris6673 in #2673
- Added SpamFilterPolicy standard by @OfficialEsco in #2675
- Added QuarantineRequestAlert standard by @OfficialEsco in #2676
- Updated verbiage by @chase-vgo in #2683
- Added Ability to edit contact by @BNWEIN in #2682
- Added bulkdelete to Contacts by @OfficialEsco in #2681
- Update EditContact.jsx by @BNWEIN in #2689
- Add start managed folder assistant single and bulk actions by @kris6673 in #2695
- Add alert templates for forwards and redirects by @kris6673 in #2693
- Add room and convert to room and various other things by @kris6673 in #2690
- Consolidated User Submission Policy related standards. Fixed bug by @kakaiwa in #2694
- Added Dismiss Risky User by @OfficialEsco in #2697
- Update-licenses by @kris6673 in #2706
- Dev to release by @KelvinTegelaar in #2707
Full Changelog: v6.0.0...v6.1.0
v6.0.0 - The Voodoo
Woowoo! We are proud to announce CIPP version 6.0.0 - The Voodoo! This release is named after the magic that happens when you combine the right products together to create the fantastic mix. We've focused on new extension, improvements to our extensions menu, and so many feature requests, Oh! and a complete backup tool for your M365 configuration.
Let's dive into the wizardy that this release has to offer. Oh, and if you need a drink first, check out The Voodoo
Voodoo? No! Hudu!
Our team brought our magical Tophats to the Hudu Team, to see if we can make something cool, and with a bit of fun we've created a beautiful extension into the Hudu universe. Syncing your M365 Users and Devices becomes a piece of cake. Get a complete contact database? Get a full overview of your users and licenses? what devices they have and need? It's all in there. Want to see how it looks? check out the screenshot below.
Now this isn't all, we're just getting started. So much more is coming faster than you can say "This extension creates magical automatic documentation"
CIPP Backup Wizard
We've added a new Wizard that allows you to create a backup of your M365 environment, fully automagical. You just set it up, you decide which items you want included on the backup and from that moment forward it runs it nightly - You can restore the backup whenever you make a mistake, delete a conditional access policy,
Storage Updates & Offboarding Wizard Updates & SharePoint links
As a couple of notable changes we've added the ability to create a direct copy of the required sharepoint URLs for automapping too. You no longer need to look up all these URLs and you can just hit copy and paste it directly into the Intune configuration.
The backend was improved too - We can now store larger and larger files, want to store a large file? want to create a really big template? go right ahead. We've added an option to our offboarding wizard to allow removing old calendar updates.
Other fixes
We've added about 15 new standards, SharePoint standards, we've added a litigation hold standard since you can use this with BP, we've added a self-service license standard, we've upgraded our MFA report to be faster. We improved our Gradient Syncing and functioned a whole lot of backend functions, making everything that much faster. That's not all - Check out the full release notes for more information.
Sponsors
We extend our gratitude to our supporters at https://renroros.no, https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://hudu.com/, our friends at https://www.meetgradient.com, https://rewst.io and our newest sponsor, https://traceless.io and of course https://augmentt.com!
What's Changed
- filterlist typo... by @OfficialEsco in #2597
- fix flatten/format functions by @JohnDuprey in #2598
- fix nested array by @JohnDuprey in #2600
- Dev to release by @KelvinTegelaar in #2605
- New UserReportDestinationEmail standard by @kris6673 in #2612
- Update Users.jsx by @BNWEIN in #2608
- Add Litigation Hold Standard by @chase-vgo in #2599
- Updated Anti-Phishing Policy Standards for more granular configuration by @kakaiwa in #2594
- Add properties for auto docs and fix powershell commands by @kris6673 in #2621
- Added Authentication Methods by @BNWEIN in #2618
- Extension tweaks by @JohnDuprey in #2629
- Update ExtensionMappings.jsx by @JohnDuprey in #2630
- Edit group changes by @BNWEIN in #2626
- Adding self-service license management Standard by @rvdwegen in #2628
- Extension Mapping by @JohnDuprey in #2635
- Update recommended extensions and dev workflow by @JohnDuprey in #2636
- Extension layout by @JohnDuprey in #2637
- Adding calendar invite removal to offboarding wizard by @chase-vgo in #2638
- Added SPO Standards by @OfficialEsco in #2640
- Extension: Add callout for force sync by @JohnDuprey in #2644
- Improve DeletedUserRentention standard by @kris6673 in #2645
- Dev to release by @KelvinTegelaar in #2646
New Contributors
- @chase-vgo made their first contribution in #2599
- @kakaiwa made their first contribution in #2594
Full Changelog: v5.9.0...v6.0.0
v5.9.0 - The Chupa Chup
After last weeks surprise release, have a smaller release for you today. It's one filled with fun and flavour. Are you ready for some sweetness at the start of your week? Do you know what you really need? a fresh cocktail of course. Let's check out the chupa chup cocktail while we get to work.
Recap of the last release
In the last release we've added a new API Microsoft made available just because of us; per user MFA. You can now enable per user MFA, disable it, enforce it, and report it on it all through CIPP.
CIPP GDAP migration Wizard easy mode.
We improved the GDAP migration wizard, no need to go to multiple screens if you want to migrate to GDAP. The wizard now has a checkbox "Use CIPP Recommended configuration" which will take care of a lot of the work for you, Making implementing CIPP another step easier.
BPA updates
BPA has received some polishing and additives to it's formatters. We've also updated the speed of some of the updates running under BPA so you'll notice reports run faster.
Audit log updates
We used to receive audit logs from Microsoft whenever they felt like sending us some. This got quite busy at times. Instead we've decided to pick the packages up ourselves as we're just better drivers than MS ;) This causes a performance boost in the way we process audit logs. It also helps in keeping costs lower as we're no longer processing each webrequest.
Bugfixes and other notable changes
We've implemented a bunch of bug fixes; some issues with Exchange sometimes giving a strange result as the wrong anchor header was used, we've added some performance boosts to bulk requests for exchange, added a handful of new standards by @OfficialEsco and he also added a new risky sign in report, we've also expanded the default sign-in report to allow selection of how many failed logins trigger the log.
Sponsors
We extend our gratitude to our supporters at https://renroros.no, https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://hudu.com/, our friends at https://www.meetgradient.com, https://rewst.io and our newest sponsor, https://traceless.io and of course https://augmentt.com!
What's Changed
- JIT tweaks by @JohnDuprey in #2569
- Added Quarantine Filters by @OfficialEsco in #2567
- Fixed Missing Username from Logbook when revoking sessions by @BNWEIN in #2565
- Added intuneBrandingProfile standard by @OfficialEsco in #2556
- Added sharingDomainRestrictionMode Standard by @OfficialEsco in #2553
- Add missing options and fix editor value by @kris6673 in #2551
- Firefox e.actionsSelect is undefined fix by @OfficialEsco in #2576
- Reorder SharePoint lowimpact standard by @kris6673 in #2575
- Sign in report tweaks by @JohnDuprey in #2578
- JIT Update users query to ListGraphRequest by @JohnDuprey in #2580
- Update wording in standards by @kris6673 in #2582
- Tweaks and bugfixes by @JohnDuprey in #2585
- Updated DeploySpamfilter.jsx. Made priority configurable by @cipptesting in #2579
- Added Risk Detections Report and List Risky Users by @OfficialEsco in #2588
- Added risky sign-in filter by @OfficialEsco in #2586
- Dev to release by @KelvinTegelaar in #2592
New Contributors
- @cipptesting made their first contribution in #2579
Full Changelog: v5.8.5...v5.9.0
v5.8.5 - Per User MFA
So last weeks release was already a little spoiler to this one. We knew we had to wait on Microsoft so we made you all expect the unexpected.
Microsoft and our team has been working closely on this for the past 6 months, having hard discussions with Microsoft on needs and creating an API isn't always the easiest, but thanks to @microsoft and specifically Luc van der Ende at Microsoft it is now possible to use CIPP to control per user MFA. This is an amazing feature and worthy of an in between release.
Per user MFA Explained
Per user MFA is a legacy method of MFA that many tenants still use, it has no license requirements and is free to use for anyone. It used to be managed via the Microsoft MSOL module which is now gone. Thanks to our hard work this has been converted to a Graph API by Microsoft.
Per User MFA is on a deprecation path, but currently is still the only way for you to use MFA for each logon when you do not have Conditional Access Available. CIPP introduces management of per user MFA in multiple ways:
Reports
The CIPP MFA report has been updated to include per user MFA, Now you know that as long as one of the checkboxes are green, your users are protected by some form of MFA
User Settings
It's pretty useless to report on something, and then not set it right? We've added the set per user MFA option to the users flyout. Select a user, set their MFA.
Of course that's also available as a bulk option, so you can set it for multiple users in one go.
Standard
Of course you don't want to keep checking which users have MFA and which do not. You can set the new Per User MFA standard. This standard allows you to set up MFA for all users that are missing it, report on it in our reporting engine, or alert on it when you need to know what's going on.
Other notable changes
- Fixed an issue with exchange sometimes using the incorrect domain
- Fixed an issue with SAM Wizard not completing without a hard refresh
- Fixed an issue with blocked domains blocking access everywhere.
Sponsors
We extend our gratitude to our supporters at https://renroros.no, https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://hudu.com/, our friends at https://www.meetgradient.com, https://rewst.io and our newest sponsor, https://traceless.io and of course https://augmentt.com!
What's Changed
- MalwareFilterPolicy Standard typo quickfix by @OfficialEsco in #2537
- Per user mfa actions by @JohnDuprey in #2550
- Dev to Special Release by @KelvinTegelaar in #2557
Full Changelog: v5.8.0...v5.8.5
v5.8.0 - Expect the Unexpected
Wow! You know how everyone always says to expect the unexpected? we managed our own expectations and decided to implement some things people didn't see coming! ;)
The reason this released stewed a little longer than usual is because we decided to implement a way for you to create custom roles and groups, following the Graph-style of permissions. So, make a unexpected drink and lets dive into this release.
We also have some fun announcement; are you a CIPP sponsor and need to learn how M365 works? How CIPP works? need a training session or just someone to shoot off some questions to? We now have weekly training sessions given each Wednesday. Join our discord at https://discord.gg/cyberdrain to get all the CIPP or M365 training you need to be succesful.
Permissions? Permissions! Permissions?!
Taking the time to do things right, we've created a new method of applying custom permissions to roles and users. You can now specify super in-depth permissions deciding exactly how your custom roles look.
Of course we didn't just stop there, we also allow you to select which tenants a user sees, and which tenants they are absolutely not allowed to see. You can find these settings in our SuperAdmin menu. Need more information? check out the updated docs
JIT Administration, without JIT Administration pricing.
There's a lot of cases where you need a admin account, but you don't always want to have those laying around. You want to make sure you create temporary accounts and remove them when unused. CIPP is helping you do just that. We now have functionality to allow you to create an administrator account with the exact roles you need.
You set the start date, select an existing account or a current one, and an enddate and CIPP takes care of removing the permissions, disabling the account, or even deleting it when you're done. Cool thing; this doesn't have a required license level. No need for P2 licensing on all your tenants.
Plain text password, we hate them.
We hate showing plain-text passwords in the app, but you somehow need to get passwords over to your users right? Well, we might hate plain-text passwords but we absolutely love the open source community. We've implemented an extension for PWPush, this means that CIPP can now generate a PWPush link to send to your clients, instead of having to send them the password directly.
Special thanks to the PowerShell module created by @adamburley, and credits to our friends over at PwPush; @pglombardo for creating such an awesome OSS project.
Automatic Report Scheduling
We have so many options to report stuff, especially using the Graph Explorer - you can now create your own custom Graph Explorer reports and schedule them. Head over to the Graph explorer, customize your report to how you want it, and hit the "Schedule" button. This allows you to receive any report out of Graph as an email, webhook, or PSA ticket.
Custom BPA Reports
In the old days, to create a custom BPA report you had to upload the file manually, we've made sure that's no more. You can use the BPA report builder to easily edit and upload reports inside of CIPP now. Creating your own little sanctuary of reporting heaven.
Quality of life changes, those little things we all love.
@kris6673 added about 5 or 6 new standards, depending on when we start counting. @OfficialEsco helped us fix some bugs in the ATP/Defender states.
We've also added the autopilot failure reason per device, we've added support for Slack as a webhook endpoint, we've improved the HaloPSA mapping experience, and we've also added Auto-backup to the CIPP engine, allowing you to create backups of CIPP on a schedule.
Other notable changes
- We've Fixed issue with tenant onboarding
- Removed unused API endpoints
- We've fixed an issue with the SecureScore overview page
- We've added ability to set language in AP profile
- Fixed issue with some defender policies not showing up in portal
- Fixed issue with disabling and enabling spamfilters
- Updated email templates to show correct clause statement.
- So so much more. If you really want all the details, check the logs below.
Sponsors
We extend our gratitude to our supporters at https://renroros.no, https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://hudu.com/, our friends at https://www.meetgradient.com, https://rewst.io and our newest sponsor, https://traceless.io.
It also seems like we didn't make a formal announcement for one of our other sponsors yet; Augmentt. Augmentt specializes in being a SaaS security platform. They have some very cool Shadow-IT reporting and do wonders with SaaS Discovery so go check them out at https://augmentt.com!
What's Changed
- JIT Admin frontend by @JohnDuprey in #2427
- Update Activity Based Timeout standard to have options by @kris6673 in #2463
- Updated Role View by @OfficialEsco in #2472
- Add shorten meetings standard by @kris6673 in #2480
- Update Users.jsx by @PremierOneData in #2484
- Custom Role Support and Bugfixes by @JohnDuprey in #2490
- Fix scripted alerts by @JohnDuprey in #2492
- Standards UI tweak by @JohnDuprey in #2493
- JIT Admin by @JohnDuprey in #2494
- JIT Admin by @JohnDuprey in #2495
- Standards/BPA/Autopilot UI hotfix by @JohnDuprey in #2500
- Add cloud message recall standard by @kris6673 in #2503
- Add Teams meetings by default standard by @kris6673 in #2502
- Add bookings standard by @kris6673 in #2501
- JIT Admin tweaks by @JohnDuprey in #2507
- Update JIT actions by @JohnDuprey in #2508
- JIT frontend by @JohnDuprey in #2511
- Tenant block list by @JohnDuprey in #2514
- Custom Role tweaks by @JohnDuprey in #2516
- Custom Roles & Scheduler tweaks by @JohnDuprey in #2518
- Added more Anti-Phishing actions by @OfficialEsco in #2513
- Add enable pronouns standard by @kris6673 in #2515
- Extension tweaks by @JohnDuprey in #2522
- Extension update by @JohnDuprey in #2523
- Dev to release by @KelvinTegelaar in #2534
Full Changelog: v5.7.0...v5.8.0
v5.7.0 - The Floradora
Holy moly batman! have you noticed it's almost summer already?! That means MSPGeekCon is right around the corner. That's right. The best MSP Conference of the year is here. Most of our team is at the conference next week so feel free to drop in on us to say Hi!
Let's get into the new release shall we? named after this summery drink the Floradora is going to quench your thirst for a new CIPP release. We do have some required actions for this release, so don't just install willynilly!
A whole new way to manage CIPPs alerts. (Manual action required!)
We've had the alerting engine for a while now, but the most asked question was "how do we create the correct alerts?" - to tackle this our team has created more alert templates for you, but not just that. We also took a good long look at how we handled some of these alerts and looked at your feature requests, so;
- Scripted CIPP alerts can now be scheduled, instead of always running every 15 minutes. That means you can choose to only receive license alerts once every 7 days, while receiving MFA alerts every day, and reset admin passwords every 30 minutes. You can set this up now, but to help you, we even have recommended alert times.
- Audit log alerts can now be selected based on their properties. We've created an entire schema for you to select from dropdowns, making it super easy to create custom audit log alerts.
So what's the downside of this? you'll have to do a re-setup of your alerts so that we know which schedule you'd like for each alert. Remember to select the correct locations you'd like to sent the alerts to!
Durawhat? Durables!
This release we've also done some backend magic. In the Application Settings -> Maintenance tab you'll find a new way to see exactly what is eating away at your processing time for your instance. We've included buttons to stop specific processes or just clear what's been running too long. This helps prevent cost escalation when you've made a mistake in managing your CIPP instance.
GDAP with GA? Not anymore.
Microsoft has worked hard to no longer have Global Administrator permissions in GDAP environments, and @rvdwegen has been so kind to help us create a new option in CIPP to reflect that; you now have the ability to remove GA from a relationship. This means that even relationships that had Global Administrator by mistake, can now be auto-renewed after removing it.
Get a Rooms Management & Standards while onboarding
@JohnDuprey worked on a new feature to allow standards to not apply to newly onboarded tenants, a feature requested by our internal devs!
@OfficialEsco has added the ability to manager rooms via CIPP - You can now view their settings and change them which is super handy for those pesky exchange rooms that require a bit of configuration.
Quality of life changes, those little things we all love.
@kris6673, @gigacodedev and @PremierOneData have added filters, new standards, and fixed QoL stuff all around both the frontend and backend of our app. There's too many things to mention but some cool ones are making the cards clickable, fixing JSON formatting problems, adding filters, and updating log texts which was much needed at some places!
Other notable changes
- We've fixed an issue with added e-mail addresses not updating when its a list
- We've fixed an issue autopilot default profiles and assigning them to all devices
- We've fixed an issue with the SecureScore overview page
- We've added the ability to only see unmapped companies via the mapping interface.
- We've fixed a bug with applying Conditional Access policies when the GUID was not yet translated.
- So so much more. If you really want all the details, check the logs below.
Sponsors
We extend our gratitude to our supporters at https://renroros.no, https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://hudu.com/, our friends at https://www.meetgradient.com, and of course https://rewst.io/.
And we also want to welcome a new sponsor, one that also just released a awesome new feature of their own. You'll find their logo in the footer of the application now, but Traceless.io has joined the fold.
Traceless specializes in Identity Verification, and secure communications for your clients. Need to send a password securely? Need to check if a user is who they say they are? Sending over a confidential message? Traceless does this all, and the great thing is they do it straight from your ticketing system. Check them out, and say hi to them. Welcome Traceless.io!
What's Changed
- Added Tenant Allow/Block Lists by @OfficialEsco in #2373
- Readd Number DefaultValue by @OfficialEsco in #2375
- Dev to HF by @KelvinTegelaar in #2378
- Frontend fixes by @JohnDuprey in #2381
- Frontend fixes by @JohnDuprey in #2386
- Update CellTable.jsx by @JohnDuprey in #2391
- Update Users.jsx by @JohnDuprey in #2392
- Graph explorer - Add $format to form by @JohnDuprey in #2395
- up version by @JohnDuprey in #2400
- Dev to hotfix by @JohnDuprey in #2401
- Added Places/Rooms by @OfficialEsco in #2379
- Add new standard for Global Quarantine Notification Interval by @kris6673 in #2397
- Add Viva Goals Administrator and Viva Pulse Administrator roles by @peter-fisher in #2408
- Update TransportRules.jsx by @PremierOneData in #2416
- Replace maintenance page with Durable Functions by @JohnDuprey in #2418
- Durable Maintenance tweaks by @JohnDuprey in #2419
- Update AlertWizard.jsx by @JohnDuprey in #2420
- Tweaks to Durable Maintenance by @JohnDuprey in #2425
- Added timezoneList by @OfficialEsco in #2424
- Added New & Remove function to Tenant Allow/Block List by @OfficialEsco in #2423
- Fix form click issues by @JohnDuprey in #2428
- Standards by @JohnDuprey in #2433
- Standards - Fix all tenant settings by @JohnDuprey in #2434
- Standards / disable console logging by @JohnDuprey in #2435
- Fix recent job load error for single task by @JohnDuprey in #2438
- Improve Extension Mappings by @JohnDuprey in #2439
- Update MFAReport.jsx by @PremierOneData in #2441
- Added branding standard by @OfficialEsco in #2440
- Add action button to remove GA from GDAP relations by @rvdwegen in #2436
- Added checkbox to QuarantineList by @OfficialEsco in #2403
- Extension Accordions by @JohnDuprey in #2442
- Update ConnectorList.jsx by @PremierOneData in #2443
- Add additional template types by @JohnDuprey in #2446
- Tenant Onboarding v2 and QoL improvements by @JohnDuprey in #2449
- Onboarding Standards Exclusion by @JohnDuprey in #2452
- Add standard exclusion to partner webhook by @JohnDuprey in #2453
- Dashboard - Clickable user chart by @JohnDuprey in #2454
- Add filter for non-MS Enterprise Apps by @kris6673 in #2448
- Dev to release by @KelvinTegelaar in #2455
New Contributors
- @peter-fisher made their first contribution in #2408
- @PremierOneData made their first contribution in #2416
Full Changelog: v5.6.0...v5.7.0
v5.6.0 - Born To Be Wild
Oh my, this release we went a little wild, but I guess we were born that way. ;) Lets mix ourselves up the "Born to be Wild" cocktail and jump into this new release. By the way, this cocktail is also great as a mocktail, replace the tequila with some more sprite, and the Pisang Ambon with shaved ice banana syrup.
Our team saw the opportunity to build this release thinking of "how can we make everything just a little better for everyone", and it shows. I'll highlight my favourites but I'd recommend scrolling down to the list of changes because it's truly a lot of new features and tweaks. I'll try to focus on our Frontend work as that's what you'll see most of, but the backend has gotten a facelift too. We're now using a new engine for our Durable Functions which we've seen be a lot more performant for backend tasks.
Official support for Single Tenant mode, and Partner Tenant mode.
Previously unavailable as there was a lot of security to build around these two modes, but now officially and completely support; CIPP is introducing Single Tenant mode for when you want to run CIPP just for your own environment, or just for a single tenant. Imagine your co-managed client wanting CIPP for themselves, or managing a tenant out of scope of your M365 GDAP relationship. You're now able to setup CIPP to run for just that tenant.
But that's not all. With this change we've also introduced official support for adding your partner tenant to the CIPP environment. Of course this is something to be very careful of, and you don't want to over assign permissions, but you can now use CIPP to protect your own environment as much as your clients.
New dashboard, who dis?
Not much to say about this right? pretty charts and figures have been added to the dashboard, making it more functional than it was before:
Secure Score? You've got it.
We've implemented a secure score overview page, now some of you were wondering why it took a while or why we recommended to use the Graph Explorer instead while this was in development - A lot of products already give you a read-only secure score overview. We wanted to do more, and we did. CIPP now allows you to manage the Secure Score for your clients, but we've also added the capability to immediately remediate issues if CIPP has a standard for them, or instructions what to do if
Now the biggest problem most people have with Secure Score rating is that they solve some issues differently; using an external spamfilter, a different EDR, another IDP, etc. Don't worry boo, we've got you. We've added a button that allows you to change the Secure Score Remediation status and mark it as "Solved by a third party" - giving you the points to show your client how they're doing.
Of course now that we've done this, you can expect our competitors to suddenly have this feature too ;)
Queue tracking, or "What is CIPP doing in the background"?
We've decided to give you some more insight on what CIPP is working on, we already had our statistics page, but that's not live and didn't allow you to zoom in on exactly what's being processed. Sometimes you also just want to see your automation run, for fun.
Clicking on the queue button in the top bar now allows you exactly that insight.
Recording.2024-04-26.122748.mp4
New mapping Experience & Scheduler changes
The scheduler now has the ability to copy tasks, that means if you setup a complex task for one user and need to do it again, you don't have to fill in all the details once more. It just does it for you :)
Our extensions got a boost too, the mapping experience used to be pretty long lists of tenants to map correctly, instead we've opted for an easier way to manage these mappings and now allow you to Automap based on names for HaloPSA too;
Quality of life changes, those little things we all love.
We've also tackled a lot of quality of life changes; we've added a refresh button next to our tenant selector. This allows you to refresh that selector without needing an entire refresh of the page; super handy when you've just onboarded a new tenant. We've also redone the entire settings menu to be more organized and look quite a bit better.
Another little-big thing is the "Recent Items" menu option in our navigation. you can now easily find what page you visited last without needing to add it to your favourites.
The Template Management for Standards now has a table view - Allowing you to delete and load Standard Templates easier.
The notification menu now has the ability to generate a test-alert,
I'm still reading because I want to hear about those backend changes
Well, as I said we've moved to a new durable functions engine, which gives the durables higher performance and decreases the cost because they start using extremely cheap Azure Table Storage, but that's not all.
We've implemented bulk requests to the Exchange APIs, this means that if we need to perform multiple requests at the same time we can send Exchange packages of 10 users, instead of one at a time. That's brilliant for standards, winning minutes on long running queries.
Other notable changes
- We've fixed an issue with Guest Users and unblocking their signin giving the incorrect feedback
- We've fixed an issue with the logging for notifications to give more details
- We've fixed an issue with the Tenant Selector getting cleared at random moments.
- We've added the ability to see all partner relationships in a partner overview
- We've fixed in issue with the Best Practice Analyser not showing the correct list when an item was a single object.
- We've fixed an issue with stacked filters not working.
- We've fixed an issue with lighthouse dependencies where we could use the default Graph API.
- So so much more. If you really want all the details, check the logs below.
Sponsors
We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://datto.com/, our friends at https://www.meetgradient.com, and of course https://rewst.io/.
We're also proud to announce some news; starting with our new release and readme sponsor: Ren Roros from Norway! @OfficialEsco, one of our latest contributors who's been adding cool features to CIPP also decided to join the fray for a readme sponsorship, following the example of RYC Business IT.
But that's not all! I already sneak-previewed this just a little bit but in the next release we're adding a new sponsor that is developing an extension for CIPP, a new-old sponsor to be more accurate. One of the best documentation systems I've personally ever seen has upgraded their sponsorship and we're proud to be working with them! Check them out at Hudu.com
What's Changed
- Add test error handling by @JohnDuprey in #2322
- Added Tenant ID to Tenant Information Offcanvas by @MWGMorningwood in #2336
- New sorting function by @GreenChiip in #2339
- Add support for single tenant Service health report by @kris6673 in #2341
- CippActionsOffcanvas updates by @JohnDuprey in #2354
- Recent Jobs and Tenant Onboarding by @JohnDuprey in #2356
- Table Tweaks, Graph Explorer & New page by @JohnDuprey in #2357
- Added TenantDefaultTimezone by @OfficialEsco in #2349
- Recent job details by @JohnDuprey in #2361
- Update standard list on home page by @JohnDuprey in #2362
- Fix standard label by @JohnDuprey in #2363
- Copy Schedule by @JohnDuprey in #2366
- Recent Pages by @JohnDuprey in #2368
- Add new standards to standards.json by @kris6673 in #2367
- Home page tweaks by @JohnDuprey in #2369
- Dev to release by @KelvinTegelaar in #2374
New Contributors
- @MWGMorningwood made their first contribution in #2336
- @GreenChiip made their first contribution in #2339
Full Changelog: v5.5.0...v5.6.0
v5.5.0 - Angelo Azzurro
Isn't it funny how all announcements always start with extreme hyperbole and then just fizzle out? I hate it when that happens. It's time for a better style of announcement, something a little more muted, but that pleasantly surprises you.
That's what todays release should do for you - It should be a pleasant surprise filled with the things you asked for, or didn't know you asked for but needed anyway. Todays release is named after the Italian (Angelo Azzurro)[https://www.sipandfeast.com/angelo-azzurro] which loosely translated means 'The Azure Angel' or just the blue angel if you're being finicky.
So, what is this Azure Angel delivering to you today? Well. There's a huge amount of bug fixes, there's some very very cool near features and of course we've listened to our clients and made sure we've built some pretty cool feature requests too. Let's dive into them.
Conditional Access: Improvements to deployment
We've added features to our Conditional Access Deployment wizard. This now allows you to easily replace groups and users with the ones in your template. If you are using the same group names and same excluded or included users, you can easily transfer those over.
That's not all we've improved. The overviews for complex objects has been tackled too. No more looking at JSON(Unless you like that sort of thing). Instead, you have a pretty object browser that even allows you to expand deeper. This isn't just for Conditional Access either. We are now using this overview in more places.
CA-Updates.mp4
Conditional Access: What-If support
Microsoft was kind enough to share some documentation with us about the new What-If endpoint in Graph, this endpoint isn't even in the Graph API docs yet! The cool thing about the what-if tool is that you can set up your entire Conditional Access environment in reporting mode, and then test the policies using a wild array of simulated scenarios.
CA-Tester.mp4
Standards: You want templates? you get them!
Our standards overview has a new nice little button - Save as Template, or the option to Load that template. This is just the start - we'll be including a lot of standard template files for you to use, but feel free to start creating and deploying your own!
Favourites, favourites everywhere
So our menu is quite long - I mean, CIPP has thousands of features and not everyone uses them all the time right? Well. We've changed a couple of things about our navigation. You can now add favourites. Adding them is as easy as going to the User Settings menu, and adding the pages you use most.
Of course we also made sure people no longer see menu items they don't need - The menu is now build dynamically based on your role.
Automatic Tenant Onboarding, and Partner Webhooks
We didn't just play around with stuff that's always visible - but also the back of the mind stuff got a good polish and upgrade. You can now go into the Application Settings and enable Partner Webhooks. Partner Webhooks allow us to do fully automated tenant onboarding - You setup the webhook, and as soon as a new relationship is detected that tenant will be onboarded inside of CIPP.
That's not all you can do with this though; you can now also generate alerts based on the received partner webhooks. Something changes in your partner center? you're the first to know.
Other notable changes
- We've fixed an issue with Edit User/Add user requiring custom fields
- We've fixed PDF exports and increased their sizing.
- We've fixed a bug where loading the extension page gave an error if your tenant cache was empty.
- We've fixed the Azure Lighthouse Search on the Dashboard
- We've improved the overview for MEM policies when deploying them
- We've added all supported policies to be templatable
- So so much more!
Sponsors
We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/ https://www.meetgradient.com, https://rewst.io/.
We've added Augmentt as our logo sponsor at https://augmentt.com.
We're adding new logo sponsors AND extension sponsors in the coming weeks, so keep an eye out for those! Our latest extension sponsor has been requested quite a bit and we're happy to create a custom CIPP extension for them!
What's Changed
- Added default int value support to standards number type by @OfficialEsco in #2281
- Update with new licenses by @kris6673 in #2292
- Bugfixes - Table Filter and Mail Test by @JohnDuprey in #2296
- Fix Number defaultValue by @OfficialEsco in #2294
- Up version by @JohnDuprey in #2297
- Dev to hotfix by @JohnDuprey in #2298
- Allow retry button while running by @JohnDuprey in #2302
- Fix Switch defaultValue by @OfficialEsco in #2306
- Update footer and UI tweaks by @JohnDuprey in #2309
- Use TenantGUID for DA by @kris6673 in #2311
- Partner Center webhooks by @JohnDuprey in #2314
- Frontend tweaks by @JohnDuprey in #2317
- Celltable fix by @JohnDuprey in #2319
- Dev to release by @KelvinTegelaar in #2320
Full Changelog: v5.4.0...v5.5.0
v5.4.0 - Cherry Springer
Spring is in the air!
I love the springtime, which is why we chose a nice spring cocktail for this release. If you want to make the Cherry Springer yourself, check out https://www.diffordsguide.com/cocktails/recipe/4622/cherry-springer
This release we had a couple of objectives. Objective number 1 was that we wanted to give you even more speed than last release, and that worked. We modified the way we connect to Exchange and it makes everything so much faster. Loading times of everything related to exchange should be quite a bit lower.
But that's not all, backend changes are good fun but we're here for the meat, so let's dive into the new features we've made in the past two weeks.
Bulk User Add & Offboarding
We've added a tool to ease the creation of a bulk of users, including any field you want to add. you can upload a CSV, add users to the list by using the fields and create them all in one go. Super easy for migration situations and just generally when you onboard many new employees. We've also listened to our feature requests and added the ability to multi-select during the offboarding wizard.
Compliance Policies, App Protection Policies, and more
We've updated our templating engine to support Compliance Policies, App Protection Policies, and so much more. You'll find the new overviews under the same place as your other Intune Policies - Because our policy engine allows you to create templates, you can also deploy any of these policies using the Apply Policy screen, or the Standards.
Standards
We have a new contributor in our mids, @OfficialEsco has added quite a list of Defender and anti-phishing/Anti-spam standards. These standards allow you to set the best practice recommended defaults for your spamfiltering. It's a great contribution to the CIPP standards! Check them out now to see the power of these standards.
We've also added a standard to manage Cross-Tenant Access Settings, thanks for that @kris6673.
Mail Testing
Ever had delivery issues and weren't sure where they came from? Had problems finding out if your SPF is correct? we now have a built in mail testing solution, check it out under the Exchange Tools.
Other notable changes
- We've fixed an issue with Edit User/Add user requiring custom fields
- We've made sure Export Visible columns and all columns now translate license files correctly.
- We've resolved an issue with Microsoft confusing the mailnickName for the UPN(Thanks Raf!)
- We've added an alert for above when we see things aren't as they should be regarding UPNs and PrimarySMTPAddress
- We've added the ability to create Dynamic Distribution Groups
- We've improved the backend handling of Webhooks
- We've fixed a bug with the frontend requiring multiple clicks on checkboxes.
- We've added a warning to the edit user screen when Alternate Login ID should be used.
- We removed the Lighthouse requirement for access checks
- Fixed an interface bug with blank arrays.
- So so much more!
Sponsors
We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/ https://www.meetgradient.com, https://rewst.io/.
We're also announcing some new sponsors today. Helpt at https://gethelpt.com, Augmentt at https://augmentt.com, be on the lookout for their logo in the application soon, and more big announcements around sponsors coming in the next weeks.
What's Changed
- Add null safe operator to default settings by @JohnDuprey in #2221
- Dev to hotfix by @JohnDuprey in #2222
- Function Statistics by @JohnDuprey in #2226
- Add standard to disable app registration creation by @kris6673 in #2238
- Update formatters for alerts/scheduler by @JohnDuprey in #2243
- up version by @JohnDuprey in #2246
- Added Boolean switch to standards lists by @OfficialEsco in #2247
- Dev to hotfix by @JohnDuprey in #2248
- SafeLinksPolicy Standard by @OfficialEsco in #2249
- Standard for trusting external MFA in Cross-tenant access setting by @kris6673 in #2264
- fix radio/checkbox bug by @JohnDuprey in #2270
- fix tenant access check by @JohnDuprey in #2271
- add standards from PR by @JohnDuprey in #2272
- WizardTableField set dynamicColumns to false by @JohnDuprey in #2275
- remove lighthouse requirement for tenant check by @JohnDuprey in #2276
- Mail Test by @JohnDuprey in #2277
- Dev to release by @KelvinTegelaar in #2278
- mail test tweaks by @JohnDuprey in #2279
- Dev by @KelvinTegelaar in #2280
New Contributors
- @OfficialEsco made their first contribution in #2247
Full Changelog: v5.3.0...v5.4.0
v5.3.0 - The Verbena
Hey everyone,
This release might just change your perception of time as it is a doozy. our entire team met up in Vegas recently for Right of Boom and had a blast doing brainstorming sessions on making CIPP better for you. Don't worry, we didn't do anything silly like getting a stand and spending money on ROI that'll never come, but we did make sure you all got hydrated at our CIPP open bars spread through the conference.
In this release we've focused on getting you new features, QoL, but especially backend stuff. This release has a cost reduction built into it, depending on your instance this could be a 30% reduction, but we've seen up to 200% cost reduction too! We've moved our most expensive queries to a new method by using Durable Functions and this should really press the cost down.
Let's zoom in on the new features, and changes we've made to check out the cool stuff
Speed and Powerrrrr
As we said, lots of backend changes but you'll notice your frontend also feels faster. This is because we've made improvements to the way we process larger tasks in the background too. These changes also meant we could implement a method to view pending webhooks, easying the creation of your custom rules for our Alerts Engine.
License overview improvements
The license overview has had a bit of an overhaul, now calculating NCE terms more accurately, but also showing more information while hiding subscription information by default. We've made sure the exports still contain the same info if you're forwarding these to a administration department.
Default fields
Under the user settings screen you can now find default fields for all users, easily adding them as a requirement to be filled out whenever creating a user. This is useful for non-default fields like State, officeLocation, or custom extension properties.
Frontend tweaks
you might notice some new logos, some frontend changes, and a new feature when you change a tables layout; the table layout is now saved by default. You can reset the table layout separately for each table, so it simply stores the columns you've selected last. We've also reintroduced a feature that's been missing for a while. Can you spot it? ;)
Other notable changes
- We've added the ability to use tokens in Graph Explorer
- We've solved a bug that add user failed to create a user and didn't stop the rest of the tasks.
- We've fixed an issue with sharepoint quota calculations and alerts.
- We now detect is anonymized data is enabled, and report on it directly in the table so users can enable the standard to disable this(that's a weird sentence!)
- We've added a new method of processing webhooks, cutting the processing time down by a lot.
- You can now view expired subscriptions under the license tab.
- We've added a warning to the edit user screen when Alternate Login ID should be used.
- So so much more!
Sponsors
We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/ https://www.meetgradient.com, https://rewst.io/. and the MSP Net Friends(netfriends.com)
What's Changed
- Graph Explorer by @JohnDuprey in #2161
- Filters and reording of MFAreport by @kris6673 in #2162
- Tiny filter namechange by @kris6673 in #2163
- Dev to hotfix by @KelvinTegelaar in #2174
- Dev by @BNWEIN in #2177
- Graph Explorer Tweaks by @JohnDuprey in #2180
- Added custom thresholds for SharePoint and Mailbox Quota alerts by @BNWEIN in #2178
- Table fixes by @JohnDuprey in #2181
- More omit checks by @JohnDuprey in #2182
- Devices Bulk Actions by @JohnDuprey in #2195
- Refactor CIPP Settings by @k-grube in #2208
- Made a start on adding "New User" attributes in "User Settings" by @BNWEIN in #2187
- Pending Webhooks by @JohnDuprey in #2213
- UI tweaks by @JohnDuprey in #2215
- More UI Tweaks by @JohnDuprey in #2216
- Graph Explorer - Org Branding preset by @JohnDuprey in #2217
- Dev to release by @KelvinTegelaar in #2218
Full Changelog: v5.2.0...v5.3.0