Merge branch 'Dev' into fix/microsoft#4596-AADGroup-AssignedToRole

CHANGELOG.md

@@ -1,6 +1,6 @@
 # Change log for Microsoft365DSC
 
-# UNRELEASED
+# 1.24.424.1
 
 * EXORecipientPermission
   * Ensures we only return 1 Trustee per entry.
@@ -9,6 +9,8 @@
 * IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10
   * Fixed a comparison issue when Defender for Endpoint is connected to Intune and the
     onboarding blob is generated by the Defender for Endpoint service.
+* IntuneDeviceConfigurationPolicyMacOS
+  * Fixed an issue where the update policy setting was not handled properly.
 * MISC
   * Added support for AccessTokens in EXO resources.
   * Updated MSCloudLoginAssistant dependencies to version 1.1.16.

Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyMacOS/MSFT_IntuneDeviceConfigurationPolicyMacOS.psm1

@@ -779,6 +779,10 @@ function Set-TargetResource
     {
         $PSBoundParameters.UpdateDelayPolicy = $UpdateDelayPolicy -join ','
     }
+    else 
+    {
+        $PSBoundParameters.UpdateDelayPolicy = 'none'
+    }
 
     if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent')
     {
@@ -813,7 +817,8 @@ function Set-TargetResource
         {
             $CreateParameters.add('AdditionalProperties', $AdditionalProperties)
         }#>
-        $CreateParameters.add('@odata.type','#microsoft.graph.macOSGeneralDeviceConfiguration')
+        $CreateParameters.Add('@odata.type','#microsoft.graph.macOSGeneralDeviceConfiguration')
+
         #region resource generator code
         $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters
         $assignmentsHash = @()

Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleDefinition/MSFT_IntuneRoleDefinition.psm1

@@ -499,8 +499,7 @@ function Export-TargetResource
 
         if (-not $getValue)
         {
-            [array]$getValue = Get-MgBetaDeviceManagementRoleDefinition
-            -ErrorAction Stop
+            [array]$getValue = Get-MgBetaDeviceManagementRoleDefinition -All -ErrorAction Stop
         }
         $i = 1
         $dscContent = ''

Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10.psm1

@@ -513,7 +513,9 @@ function Export-TargetResource
     try
     {
         #region resource generator code
-        [array]$getValue = Get-MgBetaDeviceManagementWindowsFeatureUpdateProfile -Filter $Filter -All -ErrorAction Stop
+        # Filter not supported on this resource
+        # [array]$getValue = Get-MgBetaDeviceManagementWindowsFeatureUpdateProfile -Filter $Filter -All -ErrorAction Stop
+        [array]$getValue = Get-MgBetaDeviceManagementWindowsFeatureUpdateProfile -All -ErrorAction Stop
         #endregion
 
         $i = 1

Modules/Microsoft365DSC/Microsoft365DSC.psd1

@@ -3,15 +3,15 @@
 #
 # Generated by: Microsoft Corporation
 #
-# Generated on: 2024-04-03
+# Generated on: 2024-04-24
 
 @{
 
   # Script module or binary module file associated with this manifest.
   # RootModule = ''
 
   # Version number of this module.
-  ModuleVersion     = '1.24.417.1'
+  ModuleVersion     = '1.24.424.1'
 
   # Supported PSEditions
   # CompatiblePSEditions = @()
@@ -142,42 +142,19 @@
       IconUri      = 'https://github.com/microsoft/Microsoft365DSC/blob/Dev/Modules/Microsoft365DSC/Dependencies/Images/Logo.png?raw=true'
 
       # ReleaseNotes of this module
-      ReleaseNotes = '* AADAdministrativeUnit
-      * Fixed an issue when assigning a directory role which is not yet enabled.
-      * Fixed a potential issue if the total directory roles increases in future.
-    * AADConditionalAccessPolicy
-      * Fixed a potential issue if the total directory roles increases in future.
-    * AADGroup
-      * Fixed a potential issue if the total directory roles increases in future.
-    * AADAdministrativeUnit, AADApplication,
-      AADEntitlementManagementConnectedOrganization, AADGroup, AADUser
-      * Replace old cmdlet and deprecated Remove-Mg\*ByRef with equivalent
-        Remove-Mg\*DirectoryObjectByRef which is available in Graph 2.17.0
-    * AADRoleEligibilitySecheduleRquest
-      * Cleaned Export logic.
-    * EXOActiveSyncDeviceAccessRule
-      * Retrieve instance by Identity if not found by characteristic.
-    * EXOMailboxSettings
-      * Simplifyied the Setlogic and removed Timezone validation to remove checks
-        to regstry key which caused issues in Linux.
-    * M365DSCRuleEvaluation
-      * Changed logic to retrieve resource information.
-    * SCRoleGroup
-      * Initial Release.
-    * SCRoleGroupMember
-      * Initial Release.
-    * SPOTenantSettings
-      * Add property TenantDefaultTimezone
-        Implements [#4189](https://github.com/microsoft/Microsoft365DSC/issues/4189)
-    * DEPENDENCIES
-      * Updated Microsoft.Graph dependencies to version 2.17.0.
-      * Updated MSCloudLoginAssistant dependencies to version 1.1.15.
-      * Updated MicrosoftTeams to version 6.1.0.
+      ReleaseNotes = '* EXORecipientPermission
+      * Ensures we only return 1 Trustee per entry.
+    * EXOManagementRoleAssignment
+      * Removed logic to use Graph for Adminitrative Unit.
+    * IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10
+      * Fixed a comparison issue when Defender for Endpoint is connected to Intune and the
+        onboarding blob is generated by the Defender for Endpoint service.
+    * IntuneDeviceConfigurationPolicyMacOS
+      * Fixed an issue where the update policy setting was not handled properly.
     * MISC
-      * Provided the ability to force reload the EXO or SC modules to prevent
-        calling the wrong cmdlet where the same names are defined (e.g. Get-RoleGroup).
-      * Telemetry
-        * Get operating system using faster method to speed up telemetry calls.'
+      * Added support for AccessTokens in EXO resources.
+      * Updated MSCloudLoginAssistant dependencies to version 1.1.16.
+      * Added Filter support to Intune resources.'
 
       # Flag to indicate whether the module requires explicit user acceptance for install/update
       # RequireLicenseAcceptance = $false

docs/docs/user-guide/get-started/authentication-and-permissions.md

@@ -19,19 +19,19 @@ Currently, each Microsoft 365 workload can support a different combination of au
 
 The following table provides an overview of what authentication methods are supported by which workload and what underlying module is being used to authenticate:
 
-| Workload | PowerShell Module | Credential | Service Principal | | | Managed Identity |
-| --       | --                | -- | -- | -- | -- | -- |
+| Workload | PowerShell Module | Credential | Service Principal | | | Managed Identity | Access Tokens |
+| --       | --                | -- | -- | -- | -- | -- | -- |
 |          |                   |    | **Certificate Thumbprint** | **Certificate Path** | **Application Secret** |
-| *AzureAD** | Microsoft.Graph.Authentication<br /> (Connect-MgGraph) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) |
-| *Exchange Online* | ExchangeOnlineManagement<br /> (Connect-ExchangeOnline) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Cross](../../Images/check.png) |
-| *Intune** | Microsoft.Graph.Authentication<br /> (Connect-MgGraph) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/check.png) |
-| *Office 365** | Microsoft.Graph.Authentication<br /> (Connect-MgGraph) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) |
-| *OneDrive* | PnP.PowerShell (Connect-PnPOnline) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/check.png) |
-| *Power Apps* | Microsoft.PowerApps.<br />Administration.PowerShell | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) |
-| *Planner** | Microsoft.Graph.Authentication<br /> (Connect-MgGraph) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/check.png) |
-| *Security & Compliance Center* | ExchangeOnlineManagement<br /> (Connect-IPPSSession) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Cross](../../Images/cross.png) |
-| *SharePoint Online* | PnP.PowerShell<br /> (Connect-PnPOnline) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/check.png) |
-| *Teams* | MicrosoftTeams<br /> (Connect-MicrosoftTeams) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Cross](../../Images/cross.png) | ![Check](../../Images/check.png) |
+| *AzureAD** | Microsoft.Graph.Authentication<br /> (Connect-MgGraph) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) |
+| *Exchange Online* | ExchangeOnlineManagement<br /> (Connect-ExchangeOnline) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Cross](../../Images/check.png) | ![Check](../../Images/check.png) |
+| *Intune** | Microsoft.Graph.Authentication<br /> (Connect-MgGraph) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/check.png) | ![Cross](../../Images/cross.png) |
+| *Office 365** | Microsoft.Graph.Authentication<br /> (Connect-MgGraph) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) |
+| *OneDrive* | PnP.PowerShell (Connect-PnPOnline) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/check.png) | ![Cross](../../Images/cross.png) |
+| *Power Apps* | Microsoft.PowerApps.<br />Administration.PowerShell | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Cross](../../Images/cross.png) |
+| *Planner** | Microsoft.Graph.Authentication<br /> (Connect-MgGraph) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/check.png) | ![Cross](../../Images/cross.png) |
+| *Security & Compliance Center* | ExchangeOnlineManagement<br /> (Connect-IPPSSession) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Cross](../../Images/cross.png) | ![Cross](../../Images/cross.png) |
+| *SharePoint Online* | PnP.PowerShell<br /> (Connect-PnPOnline) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/check.png) | ![Cross](../../Images/cross.png) |
+| *Teams* | MicrosoftTeams<br /> (Connect-MicrosoftTeams) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Cross](../../Images/cross.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) |
 
 > ![Check](../../Images/check.png) = Supported / ![Cross](../../Images/cross.png) = Not supported