diff --git a/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertAppCertificateExpiry.ps1 b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertAppCertificateExpiry.ps1 new file mode 100644 index 000000000000..6e9b3bbf387f --- /dev/null +++ b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertAppCertificateExpiry.ps1 @@ -0,0 +1,33 @@ +function Get-CIPPAlertAppCertificateExpiry { + <# + .FUNCTIONALITY + Entrypoint + #> + [CmdletBinding()] + Param ( + [Parameter(Mandatory = $false)] + [Alias('input')] + $InputValue, + $TenantFilter + ) + + try { + Write-Host "Checking app expire for $($TenantFilter)" + $appList = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/applications?`$select=appId,displayName,keyCredentials" -tenantid $TenantFilter + } catch { + return + } + + $AlertData = foreach ($App in $applist) { + Write-Host "checking $($App.displayName)" + if ($App.keyCredentials) { + foreach ($Credential in $App.keyCredentials) { + if ($Credential.endDateTime -lt (Get-Date).AddDays(30) -and $Credential.endDateTime -gt (Get-Date).AddDays(-7)) { + Write-Host ("Application '{0}' has certificates expiring on {1}" -f $App.displayName, $Credential.endDateTime) + @{ DisplayName = $App.displayName; Expires = $Credential.endDateTime } + } + } + } + } + Write-AlertTrace -cmdletName $MyInvocation.MyCommand -tenantFilter $TenantFilter -data $AlertData +} diff --git a/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertAppleTerms.ps1 b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertAppleTerms.ps1 new file mode 100644 index 000000000000..3a1d0d6160c4 --- /dev/null +++ b/Modules/CIPPCore/Public/Alerts/Get-CIPPAlertAppleTerms.ps1 @@ -0,0 +1,30 @@ +function Get-CIPPAlertAppleTerms { + <# + .FUNCTIONALITY + Entrypoint + #> + [CmdletBinding()] + Param ( + [Parameter(Mandatory = $false)] + [Alias('input')] + $InputValue, + $TenantFilter + ) + + # 0 = Expired + # 1 = expired? + # 2 = unknown + # 3 = Terms & Conditions + # 4 = Warning + + try { + $appleterms = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/deviceManagement/depOnboardingSettings" -tenantid $TenantFilter + } catch { + return + } + + if ($appleterms.lastSyncErrorCode -eq 3) { + $AlertData = "New Apple Business Manager terms are ready to accept." + Write-AlertTrace -cmdletName $MyInvocation.MyCommand -tenantFilter $TenantFilter -data $AlertData + } +} diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 index b5cb9286edc5..4276b516c810 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1 @@ -26,7 +26,15 @@ function Push-AuditLogTenant { } $CIPPURL = $LegacyUrl } else { - $CIPPURL = 'https://{0}' -f $CippConfig.Value + if (!$CippConfig) { + $CippConfig = @{ + PartitionKey = 'InstanceProperties' + RowKey = 'CIPPURL' + Value = [string]([System.Uri]$Request.Headers.'x-ms-original-url').Host + } + Add-AzDataTableEntity @ConfigTable -Entity $CippConfig -Force + $CIPPURL = 'https://{0}' -f $CippConfig.Value + } else { $CIPPURL = 'https://{0}' -f $CippConfig.Value } } # Get webhook rules diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-AddGroupTemplate.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-AddGroupTemplate.ps1 index 6574633a16c7..ba41d2e6ed0d 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-AddGroupTemplate.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-AddGroupTemplate.ps1 @@ -20,7 +20,7 @@ Function Invoke-AddGroupTemplate { Displayname = $request.body.displayname Description = $request.body.description groupType = $request.body.groupType - MembershipRules = $request.body.membershipRule + MembershipRules = $request.body.membershipRules allowExternal = $request.body.allowExternal username = $request.body.username GUID = $GUID diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ExecNamedLocation.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ExecNamedLocation.ps1 index e1961e25313e..833586fb2298 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ExecNamedLocation.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Conditional/Invoke-ExecNamedLocation.ps1 @@ -17,10 +17,10 @@ Function Invoke-ExecNamedLocation { # Write to the Azure Functions log stream. Write-Host 'PowerShell HTTP trigger function processed a request.' - $TenantFilter = $Request.Body.TenantFilter - $NamedLocationId = $Request.Body.NamedLocationId - $change = $Request.Body.change - $content = $Request.Body.input + $TenantFilter = $Request.Body.TenantFilter ?? $Request.Query.TenantFilter + $NamedLocationId = $Request.Body.NamedLocationId ?? $Request.Query.NamedLocationId + $change = $Request.Body.change ?? $Request.Query.change + $content = $Request.Body.input ?? $Request.Query.input try { $results = Set-CIPPNamedLocation -NamedLocationId $NamedLocationId -TenantFilter $TenantFilter -change $change -content $content -ExecutingUser $request.headers.'x-ms-client-principal' diff --git a/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 b/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 index d12385260fb4..961df76c6ac6 100644 --- a/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 +++ b/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 @@ -35,21 +35,21 @@ function Invoke-CIPPOffboardingJob { Set-CIPPSignInState -TenantFilter $tenantFilter -userid $username -AccountEnabled $false -ExecutingUser $ExecutingUser -APIName $APIName } - { $_.'OnedriveAccess' -ne '' } { + { $_.'OnedriveAccess' } { $Options.OnedriveAccess | ForEach-Object { Set-CIPPSharePointPerms -tenantFilter $tenantFilter -userid $username -OnedriveAccessUser $_.value -ExecutingUser $ExecutingUser -APIName $APIName } } - { $_.'AccessNoAutomap' -ne '' } { + { $_.'AccessNoAutomap' } { $Options.AccessNoAutomap | ForEach-Object { Set-CIPPMailboxAccess -tenantFilter $tenantFilter -userid $username -AccessUser $_.value -Automap $false -AccessRights @('FullAccess') -ExecutingUser $ExecutingUser -APIName $APIName } } - { $_.'AccessAutomap' -ne '' } { + { $_.'AccessAutomap' } { $Options.AccessAutomap | ForEach-Object { Set-CIPPMailboxAccess -tenantFilter $tenantFilter -userid $username -AccessUser $_.value -Automap $true -AccessRights @('FullAccess') -ExecutingUser $ExecutingUser -APIName $APIName } } - { $_.'OOO' -ne '' } { + { $_.'OOO' } { Set-CIPPOutOfOffice -tenantFilter $tenantFilter -userid $username -InternalMessage $Options.OOO -ExternalMessage $Options.OOO -ExecutingUser $ExecutingUser -APIName $APIName -state 'Enabled' } - { $_.'forward' -ne '' } { + { $_.'forward' } { if (!$Options.keepCopy) { Set-CIPPForwarding -userid $userid -username $username -tenantFilter $Tenantfilter -Forward $Options.forward.value -ExecutingUser $ExecutingUser -APIName $APIName } else { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardcalDefault.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardcalDefault.ps1 index a67b9132dedb..dd859ddc4738 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardcalDefault.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardcalDefault.ps1 @@ -33,6 +33,7 @@ function Invoke-CIPPStandardcalDefault { ##$Rerun -Type Standard -Tenant $Tenant -Settings $Settings 'calDefault' # Input validation + $Settings.permissionlevel = $Settings.permissionlevel.value ? $Settings.permissionlevel.value : $Settings.permissionlevel if ([string]::IsNullOrWhiteSpace($Settings.permissionlevel) -or $Settings.permissionlevel -eq 'Select a value') { Write-LogMessage -API 'Standards' -tenant $tenant -message 'calDefault: Invalid permissionlevel parameter set' -sev Error Return diff --git a/version_latest.txt b/version_latest.txt index 4489f5a6df8f..2be8aeb6b143 100644 --- a/version_latest.txt +++ b/version_latest.txt @@ -1 +1 @@ -7.0.4 +7.0.5