Skip to content

Commit

Permalink
Merge branch 'KelvinTegelaar:main' into main
Browse files Browse the repository at this point in the history
  • Loading branch information
@johnsalle
johnsalle committed May 25, 2023
2 parents c52f2b7 + bc59a45 commit b4077c6
Show file tree
Hide file tree
Showing 70 changed files with 2,953 additions and 1,016 deletions.
7 changes: 6 additions & 1 deletion .github/ISSUE_TEMPLATE/bug.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,12 @@ body:
attributes:
label: Environment data
description: >
Please let us know your environment information - e.g. hosted version, Azure, local Dev version.
Please let us know your environment information. This must follow this format or the ticket will be closed:
Sponsored / Non-sponsored instance
Front end version number:
Back end version number:
Tried Tenant Cache Clear: true/false
Tried Token Cache Clear: true/false
render: PowerShell
validations:
required: true
2 changes: 1 addition & 1 deletion .github/workflows/Comment_on_Issues.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
with:
issue-number: ${{ github.event.issue.number }}
body: |
Thank you for creating a bug. Please make sure your bug is indeed a unique case by checking current and past issues, and reading the complete documentation at https://kelvintegelaar.github.io/CIPP
Thank you for creating a bug. Please make sure your bug is indeed a unique case by checking current and past issues, and reading the complete documentation at https://docs.cipp.app/
If your bug is a known documentation issue, it will be closed without notice by a contributor. To confirm that this is not a bug found in the documentation, please copy and paste the following comment: "I confirm that I have checked the documentation thoroughly and believe this to be an actual bug.".
Without confirming, your report will be closed in 24 hours. If you'd like this bug to be assigned to you, please comment "I would like to work on this please!".
Expand Down
7 changes: 7 additions & 0 deletions .vscode/launch.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,13 @@
{
"version": "0.2.0",
"configurations": [
{
"name": "PowerShell: Execute current file",
"type": "PowerShell",
"request": "launch",
"script": "${file}",
"cwd": "${file}"
},
{
"command": "npm run start-api",
"name": "Run emulator",
Expand Down
153 changes: 1 addition & 152 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,22 +1,10 @@
![CyberDrain Light](github_assets/img/CIPP.png#gh-dark-mode-only)
![CyberDrain Dark](github_assets/img/CIPP-Light.png#gh-light-mode-only)

<hr>

[![GitHub Latest Release](https://img.shields.io/github/v/release/KelvinTegelaar/CIPP?label=Latest%20Release&style=for-the-badge)](https://github.com/KelvinTegelaar/CIPP/releases)
![CodeQL Security Analysis Status](https://img.shields.io/github/workflow/status/KelvinTegelaar/CIPP/CodeQL?label=CodeQL%20Security&style=for-the-badge)
[![GitHub Enhancement Requests](https://img.shields.io/github/issues/KelvinTegelaar/CIPP/enhancement?label=Enhancement%20Requests&style=for-the-badge)](https://github.com/KelvinTegelaar/CIPP/issues?q=is%3Aopen+is%3Aissue+label%3Aenhancement)
[![GitHub Bugs](https://img.shields.io/github/issues/KelvinTegelaar/CIPP/bug?label=Bugs&style=for-the-badge)](https://github.com/KelvinTegelaar/CIPP/issues?q=is%3Aopen+is%3Aissue+label%3Aenhancement+label%3Abug)
[![Discord](https://img.shields.io/discord/905453405936447518?label=Discord&style=for-the-badge)](https://discord.com/invite/cyberdrain)
[![GitHub Sponsors](https://img.shields.io/github/sponsors/KelvinTegelaar?label=Public%20Sponsors&style=for-the-badge)](https://github.com/sponsors/KelvinTegelaar)

<hr>

<center><h1>Sponsored by</h1></center>
<p align="center">

![OIT](github_assets/img/oitpsonsor_light.png)&nbsp;&nbsp;&nbsp;&nbsp;
![Genuine Technology Services](github_assets/img/Genuine-logo-vertical-light.png)&nbsp;&nbsp;&nbsp;&nbsp;
![Immybot](github_assets/img/Immybot.png)&nbsp;&nbsp;&nbsp;&nbsp;
![NinjaOne](github_assets/img/NinjaOne-Light.png#gh-dark-mode-only)
![NinjaOne](github_assets/img/NinjaOne-Dark.png#gh-light-mode-only)&nbsp;&nbsp;&nbsp;&nbsp;
Expand All @@ -31,143 +19,4 @@ The CyberDrain Improved Partner Portal is a portal to help manage administration

This project is a way to help you with administration, with user management, and deploying your own preferred standards. It's not a replacement for security tools, or a way to cut costs on specific subscriptions. The tool should assist you in removing the gripes with standard partner management and save you several hours per engineer per month.

# Deployment and Getting Started

If you want to self-host, check out the installation manual [here](https://cipp.app/GettingStarted/Installation/). You will need some knowledge of Static Web Apps, Azure Functions, and Azure Keyvault

# Why are you making this?

I'm kind of done waiting for vendors to catch up to what we actually need. All RMM vendors are dramaticaly slow adopting cloud management. Microsoft themselves don't understand the Managed services markets, there are vendors that have tried jumping into the gap but either have unreasonable fees, weird constructions, require Global Admins without MFA, or just don't innovate at a pace that is required of cloud services right now.

I'm also annoyed the untransparent behaviour that many companies in our market are showing. Most are claiming that working with the Microsoft Partner APIs is difficult, and requires a very heavy development team. I'm a guy that had no webdesign knowledge before this and created the first release of this app in 3 weekends. Vendors that claim high difficulty or issues with integration are simply not giving this _any_ priority.

I was recently on a call with one of my friends and he said he was changing the world. That insipred me to change the world just a little bit too. :) I'm hoping that this is one of the tools that make you smile.

# What's the pricing?

This project is **FREE** but we do have a **Sponsorware** component. The sponsorware structure for this project is pretty simple; the code is available to everyone and free to use. You will need some technical know-how to put it all together. Sponsors receive the following benefits

### For users of the project that sponsor:

- The project will be hosted for you.
- The hosted version will always be the latest release and automatically updated.
- You'll also receive a staging environment with the latest (nightly/beta) build, to see new features before anyone else.
- You will receive priority on support issues reported on GitHub.
- You will be able to make 1 priortized feature request per month.

Sponsorship allows me to sink some more time into this project and keep it free, so please consider it. :)

### For company sponsors, depending on sponsor level you can get the following benefits;

- Your company logo will be featured on this readme page at the top.
- Your company logo will be featured on https://cyberdrain.com
- A small version of your company logo with a link to your homepage will be on the footer, each user will see this on each page.

# How does it look?!

Check out the GIFs below to see how some of the workflows work.

<kbd><a href="github_assets/screenshots/AssignLicense.gif"><img border="1" src="github_assets/screenshots/AssignLicense.gif" width="250"/></a></kbd>
<kbd><a href="github_assets/screenshots/OffboardUser.gif"><img border="1" src="github_assets/screenshots/OffboardUser.gif" width="250"/></a></kbd>
<kbd><a href="github_assets/screenshots/SetStandard.gif"><img border="1" src="github_assets/screenshots/SetStandard.gif" width="250"/></a></kbd>

<kbd><a href="github_assets/screenshots/IntunePolicyEngine.gif"><img border="1" src="github_assets/screenshots/IntunePolicyEngine.gif" width="250"/></a></kbd>
<kbd><a href="github_assets/screenshots/MyChocoApp.gif"><img border="1" src="github_assets/screenshots/MyChocoApp.gif" width="250"/></a></kbd>
<kbd><a href="github_assets/screenshots/Teams.gif"><img border="1" src="github_assets/screenshots/Teams.gif" width="250"/></a></kbd>

# What is the functionality?

The current build functionality is described below, also check out our Changelog in the documentation folder, as the tool has a very rapid development schedule the list below might be out of date.

## Identity Management

- Manage M365 users
- List users, email addreses, and licenses.
- View & Edit user settings
- Research if user has been compromised
- Send user an MFA push to confirm their identity
- Convert a user to a shared mailbox
- Block signin, reset passwords
- Delete users
- Manage M365 groups
- List all M365 groups, group types, and e-mail addresses.
- Edit members and group owners
- Offboard users via an easy wizard
- Remove user licenses
- Convert user to shared mailbox
- Disable user sign-in
- Reset user password
- Remove user from all groups
- Hide user from address list
- Set Out of Office
- Give other user access to mailbox, and OneDrive

## Tenants

- Manage M365 tenants
- List all tenants and quick-links to the most user portals using delegated access.
- Edit Partner tenant names and default domain for your CSP partner environment
- List tenant conditional access policies
- Apply standard configuration to tenant on a repeat schedule.
- Execute a best practice analysis daily and report on best practice settings
- Analyse current domains, and domains outside of M365 for optimal security settings
- List alerts for tenants

## Endpoint Management

- Applications
- List all applications in tenants
- List installation status of a specific application per device
- Add Office Apps to multiple tenants
- Add/Remove Chocolatey Apps to multiple tenants
- Assign Apps to All Devices or All Users
- Report on installation status
- Autopilot
- Manage and create autopilot devices, profiles, status pages.
- Intune
- List Intune policies
- Apply Intune Policies
- Add Intune Policy Templates to deploy over multiple tenants

## Teams & SharePoint

- List OneDrive, Teams, and SharePoint usage
- View current Teams, installed applications, Team owners, members, and channels
- Add and edit Teams, members, owners and apps.
- Tenant Alerting

## Exchange

- View mailboxes and contacts
- View user mobile devices
- Convert mailboxes to shared or user mailboxes
- Report mailbox statistics, client access settings
- Perform message traces
- Change and view phishing policies.

## Application settings

- Use multiple user levels (readonly, editor, admin) to manage access
- Allow excluding of tenants
- Send automated alert emails to webhook or e-mail

# Security

Authentication is handled by Azure AD using static web apps security. This means the API is only reachable for authenticated users you've invited. For most of the security info related to that check out our staticwebapp.config.json and/or the doc pages on static web apps. Do you see something that might be a security risk, even the smallest? report it and we will handle it asap. Check out our security reporting options [here](https://github.com/KelvinTegelaar/CIPP/security)

# Contributions

Feel free to send pull requests or fill out issues when you encounter them, sponsors get a priority on issues and bugs. I'm also completely open to adding direct maintainers/contributors and working together.

If you decide to contribute; remember that keeping the portal fast is a key component. CIPP is supposed to go brrrrr, any improvements that help with speed are welcomed.

## Special thanks

I'd like to give special thanks to the people that made this project possible;

- [Kyle Hanslovan](https://huntress.com)
- [Ray Orsini](https://oit.co)
- The Team at [MSP.zone/MSP'R'Us](https://msp.zone)
- Gavin Stone at [MSPGeek](https://mspgeek.org)
- MSP2.0 for helping with some visual input.
- Scott, Chris, Jon, and others that helped me with some of the internals of the app.
for more information, we recommend checking out our website [here](https://cipp.app)
16 changes: 0 additions & 16 deletions deployment/AzureDeploymentTemplate.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -115,18 +115,6 @@
"dependsOn": [
"[resourceId('Microsoft.KeyVault/vaults', variables('uniqueResourceNameBase'))]"
]
},
{
"type": "secrets",
"name": "exchangerefreshtoken",
"apiVersion": "2015-06-01",
"properties": {
"contentType": "text/plain",
"value": "ExchangeRefreshToken"
},
"dependsOn": [
"[resourceId('Microsoft.KeyVault/vaults', variables('uniqueResourceNameBase'))]"
]
}
],
"dependsOn": ["[resourceId('Microsoft.Web/sites', variables('funcAppName'))]"]
Expand Down Expand Up @@ -178,10 +166,6 @@
"name": "RefreshToken",
"value": "[concat('@Microsoft.KeyVault(SecretUri=https://',variables('uniqueResourceNameBase'), '.vault.azure.net/secrets/RefreshToken)')]"
},
{
"name": "ExchangeRefreshtoken",
"value": "[concat('@Microsoft.KeyVault(SecretUri=https://',variables('uniqueResourceNameBase'), '.vault.azure.net/secrets/ExchangeRefreshToken)')]"
},
{
"name": "TenantID",
"value": "[concat('@Microsoft.KeyVault(SecretUri=https://',variables('uniqueResourceNameBase'), '.vault.azure.net/secrets/tenantid)')]"
Expand Down
16 changes: 0 additions & 16 deletions deployment/AzureDeploymentTemplate_regionoptions.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -115,18 +115,6 @@
"dependsOn": [
"[resourceId('Microsoft.KeyVault/vaults', variables('uniqueResourceNameBase'))]"
]
},
{
"type": "secrets",
"name": "exchangerefreshtoken",
"apiVersion": "2015-06-01",
"properties": {
"contentType": "text/plain",
"value": "ExchangeRefreshToken"
},
"dependsOn": [
"[resourceId('Microsoft.KeyVault/vaults', variables('uniqueResourceNameBase'))]"
]
}
],
"dependsOn": ["[resourceId('Microsoft.Web/sites', variables('funcAppName'))]"]
Expand Down Expand Up @@ -178,10 +166,6 @@
"name": "RefreshToken",
"value": "[concat('@Microsoft.KeyVault(SecretUri=https://',variables('uniqueResourceNameBase'), '.vault.azure.net/secrets/RefreshToken)')]"
},
{
"name": "ExchangeRefreshtoken",
"value": "[concat('@Microsoft.KeyVault(SecretUri=https://',variables('uniqueResourceNameBase'), '.vault.azure.net/secrets/ExchangeRefreshToken)')]"
},
{
"name": "TenantID",
"value": "[concat('@Microsoft.KeyVault(SecretUri=https://',variables('uniqueResourceNameBase'), '.vault.azure.net/secrets/tenantid)')]"
Expand Down
23 changes: 0 additions & 23 deletions deployment/DevAzureDeploymentTemplate.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,13 +37,6 @@
"description": "The Refresh token for your Secure Application Model."
}
},
"ExchangeRefreshToken": {
"defaultValue": "LongRefreshtoken",
"type": "string",
"metadata": {
"description": "The Exchange Refresh token for your Secure Application Model."
}
},
"GithubRepository": {
"defaultValue": "https://github.com/KelvinTegelaar/CIPP",
"type": "string",
Expand Down Expand Up @@ -150,18 +143,6 @@
"dependsOn": [
"[resourceId('Microsoft.KeyVault/vaults', variables('uniqueResourceNameBase'))]"
]
},
{
"type": "secrets",
"name": "exchangerefreshtoken",
"apiVersion": "2015-06-01",
"properties": {
"contentType": "text/plain",
"value": "[parameters('exchangerefreshtoken')]"
},
"dependsOn": [
"[resourceId('Microsoft.KeyVault/vaults', variables('uniqueResourceNameBase'))]"
]
}
],
"dependsOn": ["[resourceId('Microsoft.Web/sites', variables('funcAppName'))]"]
Expand Down Expand Up @@ -213,10 +194,6 @@
"name": "RefreshToken",
"value": "[concat('@Microsoft.KeyVault(SecretUri=https://',variables('uniqueResourceNameBase'), '.vault.azure.net/secrets/RefreshToken)')]"
},
{
"name": "ExchangeRefreshtoken",
"value": "[concat('@Microsoft.KeyVault(SecretUri=https://',variables('uniqueResourceNameBase'), '.vault.azure.net/secrets/ExchangeRefreshToken)')]"
},
{
"name": "TenantID",
"value": "[concat('@Microsoft.KeyVault(SecretUri=https://',variables('uniqueResourceNameBase'), '.vault.azure.net/secrets/tenantid)')]"
Expand Down
23 changes: 0 additions & 23 deletions deployment/DevAzureDeploymentTemplate_regionoptions.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,13 +37,6 @@
"description": "The Refresh token for your Secure Application Model."
}
},
"ExchangeRefreshToken": {
"defaultValue": "LongRefreshtoken",
"type": "string",
"metadata": {
"description": "The Exchange Refresh token for your Secure Application Model."
}
},
"GithubRepository": {
"defaultValue": "https://github.com/KelvinTegelaar/CIPP",
"type": "string",
Expand Down Expand Up @@ -150,18 +143,6 @@
"dependsOn": [
"[resourceId('Microsoft.KeyVault/vaults', variables('uniqueResourceNameBase'))]"
]
},
{
"type": "secrets",
"name": "exchangerefreshtoken",
"apiVersion": "2015-06-01",
"properties": {
"contentType": "text/plain",
"value": "[parameters('exchangerefreshtoken')]"
},
"dependsOn": [
"[resourceId('Microsoft.KeyVault/vaults', variables('uniqueResourceNameBase'))]"
]
}
],
"dependsOn": ["[resourceId('Microsoft.Web/sites', variables('funcAppName'))]"]
Expand Down Expand Up @@ -213,10 +194,6 @@
"name": "RefreshToken",
"value": "[concat('@Microsoft.KeyVault(SecretUri=https://',variables('uniqueResourceNameBase'), '.vault.azure.net/secrets/RefreshToken)')]"
},
{
"name": "ExchangeRefreshtoken",
"value": "[concat('@Microsoft.KeyVault(SecretUri=https://',variables('uniqueResourceNameBase'), '.vault.azure.net/secrets/ExchangeRefreshToken)')]"
},
{
"name": "TenantID",
"value": "[concat('@Microsoft.KeyVault(SecretUri=https://',variables('uniqueResourceNameBase'), '.vault.azure.net/secrets/tenantid)')]"
Expand Down
Loading

0 comments on commit b4077c6

Please sign in to comment.