Merge branch 'KelvinTegelaar:master' into master
Parad0xMS authored Mar 11, 2024
2 parents 35a0777 + d8d17ea commit 4b116a8
Showing 38 changed files with 330 additions and 182 deletions.
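--- a/CIPPActivityFunction/function.json
+++ b/CIPPActivityFunction/function.json
@@ -0,0 +1,16 @@
+{
+"scriptFile": "../Modules/CippEntryPoints/CippEntryPoints.psm1",
+"entryPoint": "Receive-CippActivityTrigger",
+"bindings": [
+{
+"name": "Item",
+"type": "activityTrigger",
+"direction": "in"
+},
+{
+"name": "starter",
+"type": "durableClient",
+"direction": "in"
+}
+]
+}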
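--- a/CIPPOrchestrator/function.json
+++ b/CIPPOrchestrator/function.json
@@ -0,0 +1,11 @@
+{
+"scriptFile": "../Modules/CippEntryPoints/CippEntryPoints.psm1",
+"entryPoint": "Receive-CippOrchestrationTrigger",
+"bindings": [
+{
+"name": "Context",
+"type": "orchestrationTrigger",
+"direction": "in"
+}
+]
+}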
2 changes: 2 additions & 0 deletions DomainAnalyser_All/run.ps1
@@ -52,6 +52,7 @@ $Result = [PSCustomObject]@{
DNSSECPresent = ''
MailProvider = ''
DKIMEnabled = ''
DKIMRecords = ''
Score = ''
MaximumScore = 160
ScorePercentage = ''
@@ -218,6 +219,7 @@ try {
if ($DkimRecordCount -gt 0 -and $DkimFailCount -eq 0) {
$Result.DKIMEnabled = $true
$ScoreDomain += $Scores.DKIMActiveAndWorking
$Result.DKIMRecords = $DkimRecord.Records | Select-Object Selector, Record
} else {
$Result.DKIMEnabled = $false
$ScoreExplanation.Add('DKIM Not Configured') | Out-Null
2 changes: 1 addition & 1 deletion ExecScheduledCommand/run.ps1
@@ -19,7 +19,7 @@ try {
if ($results -is [String]) {
$results = @{ Results = $results }
}
if ($results -is [array]) {
if ($results -is [array] -and $results[0] -is [string]) {
$results = $results | Where-Object { $_ -is [string] }
$results = $results | ForEach-Object { @{ Results = $_ } }
}
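Review bot: The added guard `$results[0] -is [string]` inspects only the first element, so an array whose first entry is an object but which also contains strings now skips this normalisation entirely, and an empty array (where `$results[0]` is `$null`) is left unwrapped as well. If mixed or empty arrays cannot reach this point, say so next to the condition, for example `# arrays are assumed homogeneous; only arrays of strings are wrapped into Results entries`. The enclosing `try` starts above the hunk and the consumer of `$results` is not visible, so the effect on stored task results should be confirmed there.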
4 changes: 2 additions & 2 deletions Modules/CIPPCore/Public/Entrypoints/Invoke-AddAlert.ps1
@@ -32,7 +32,7 @@ Function Invoke-AddAlert {
MFAAlertUsers = [bool]$Request.body.MFAAlertUsers
NewGA = [bool]$Request.body.NewGA
NewRole = [bool]$Request.body.NewRole
QuotaUsed = [bool]$Request.body.QuotaUsed
QuotaUsed = [int]$Request.body.QuotaUsedQuota
UnusedLicenses = [bool]$Request.body.UnusedLicenses
OverusedLicenses = [bool]$Request.body.OverusedLicenses
AppSecretExpiry = [bool]$Request.body.AppSecretExpiry
@@ -41,7 +41,7 @@ Function Invoke-AddAlert {
DepTokenExpiry = [bool]$Request.body.DepTokenExpiry
NoCAConfig = [bool]$Request.body.NoCAConfig
SecDefaultsUpsell = [bool]$Request.body.SecDefaultsUpsell
SharePointQuota = [bool]$Request.body.SharePointQuota
SharePointQuota = [int]$Request.body.SharePointQuotaQuota
ExpiringLicenses = [bool]$Request.body.ExpiringLicenses
type = 'Alert'
RowKey = $TenantID
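Review bot: `QuotaUsed` and `SharePointQuota` are now filled from `[int]$Request.body.QuotaUsedQuota` and `[int]$Request.body.SharePointQuotaQuota` with no type or range check on the request body. A non-numeric value makes the cast throw, a missing field silently becomes 0, and negative or very large numbers are stored as given; if these are percentage thresholds (inferred from the names only), bound them when building the entity, e.g. `QuotaUsed = [math]::Min(100, [math]::Max(0, [int]$Request.body.QuotaUsedQuota))`. The two columns also keep their names while changing from bool to int, so rows written before this commit still hold `True`/`False`; the code that reads this table is outside the hunk and should be checked for that.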
8 changes: 4 additions & 4 deletions Modules/CIPPCore/Public/Entrypoints/Invoke-AddExConnector.ps1
@@ -18,12 +18,12 @@ Function Invoke-AddExConnector {
$Result = foreach ($Tenantfilter in $tenants) {
try {
$GraphRequest = New-ExoRequest -tenantid $Tenantfilter -cmdlet "New-$($ConnectorType)connector" -cmdParams $RequestParams
"Successfully created transport rule for $Tenantfilter."
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Tenantfilter -message "Created transport rule for $($Tenantfilter)" -sev 'Info'
"Successfully created Connector for $Tenantfilter."
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Tenantfilter -message "Created Connector for $($Tenantfilter)" -sev 'Info'
}
catch {
"Could not create created transport rule for $($Tenantfilter): $($_.Exception.message)"
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Tenantfilter -message "Could not create created transport rule for $($Tenantfilter): $($_.Exception.message)" -sev 'Error'
"Could not create created Connector for $($Tenantfilter): $($_.Exception.message)"
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $Tenantfilter -message "Could not create created Connector for $($Tenantfilter): $($_.Exception.message)" -sev 'Error'
}
}

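Review bot: The rewritten failure strings still read "Could not create created Connector", both in the returned text and in the `Write-LogMessage` call; they should be `"Could not create Connector for $($Tenantfilter): $($_.Exception.message)"`. Separately, the cmdlet name on the `New-ExoRequest` line is assembled as `"New-$($ConnectorType)connector"`, and the assignment of `$ConnectorType` is outside the hunk. If it is taken from the request, restrict it to the expected values before the loop, e.g. `if ($ConnectorType -notin 'Inbound', 'Outbound') { throw 'Unsupported connector type' }`.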
@@ -14,13 +14,16 @@ Function Invoke-ExecDeviceDelete {
# Interact with query parameters or the body of the request.


try {
try {
$url = "https://graph.microsoft.com/beta/devices/$($request.query.id)"
if ($Request.query.action -eq 'delete') {
$ActionResult = New-GraphPOSTRequest -uri $url -type DELETE -tenantid $Request.Query.TenantFilter
} else {
} elseif ($Request.query.action -eq 'disable') {
$ActionResult = New-GraphPOSTRequest -uri $url -type PATCH -tenantid $Request.Query.TenantFilter -body '{"accountEnabled": false }'
} elseif ($Request.query.action -eq 'enable') {
$ActionResult = New-GraphPOSTRequest -uri $url -type PATCH -tenantid $Request.Query.TenantFilter -body '{"accountEnabled": true }'
}
Write-Host $ActionResult
$body = [pscustomobject]@{'Results' = "Executed action $($Request.query.action) on $($Request.query.id)" }
} catch {
$body = [pscustomobject]@{'Results' = "Failed to queue action $($Request.query.action) on $($request.query.id): $($_.Exception.Message)" }
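Review bot: With the bare `else` replaced by `elseif` branches for 'disable' and 'enable', an `action` value that matches none of the three sends no Graph request at all, yet the following line still returns "Executed action … on …" to the caller. Add a final branch that fails closed, `} else { throw "Unsupported action '$($Request.query.action)'" }`, so the existing `catch` reports it instead of a false success. `$request.query.id` is also placed into the Graph URL unchanged; parsing it first with `$null = [guid]::Parse($Request.query.id)` inside the `try` keeps the request confined to a single device object. The function starts and ends outside the hunk.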
@@ -40,9 +40,14 @@ Function Invoke-ListUserSigninLogs {
@{ Name = 'FailureReason'; Expression = { $_.status.failureReason } },
@{ Name = 'FullDetails'; Expression = { $_ } }
# Associate values to output bindings by calling 'Push-OutputBinding'.
if ($GraphRequest.FullDetails -eq $null) {
$GraphRequest = $null
} else {
$GraphRequest = @($GraphRequest)
}
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = [HttpStatusCode]::OK
Body = @($GraphRequest)
Body = $GraphRequest
})
} catch {
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Failed to retrieve Sign In report: $($_.Exception.message) " -Sev 'Error' -tenant $TenantFilter
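Review bot: `if ($GraphRequest.FullDetails -eq $null)` puts `$null` on the right-hand side; when `$GraphRequest` holds several rows, `.FullDetails` is an array and `-eq` acts as a filter over its elements rather than a single boolean test. Write it as `if ($null -eq $GraphRequest.FullDetails) {`, which gives the same result for the empty case without relying on collection semantics. A short comment on why an empty result is returned as `$null` rather than an empty array would also help, since the two presumably serialise differently in the response body.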
@@ -3,17 +3,16 @@ function Push-CIPPAlertAdminPassword {
[CmdletBinding()]
param(
[Parameter(Mandatory = $true)]
[pscustomobject]$QueueItem,
$TriggerMetadata
[pscustomobject]$Item
)
try {
New-GraphGETRequest -uri "https://graph.microsoft.com/beta/roleManagement/directory/roleAssignments?`$filter=roleDefinitionId eq '62e90394-69f5-4237-9190-012177145e10'&`$expand=principal" -tenantid $($QueueItem.tenant) | Where-Object { ($_.principalOrganizationId -EQ $QueueItem.tenantid) -and ($_.principal.'@odata.type' -eq '#microsoft.graph.user') } | ForEach-Object {
$LastChanges = New-GraphGETRequest -uri "https://graph.microsoft.com/beta/users/$($_.principalId)?`$select=UserPrincipalName,lastPasswordChangeDateTime" -tenant $($QueueItem.tenant)
New-GraphGETRequest -uri "https://graph.microsoft.com/beta/roleManagement/directory/roleAssignments?`$filter=roleDefinitionId eq '62e90394-69f5-4237-9190-012177145e10'&`$expand=principal" -tenantid $($Item.tenant) | Where-Object { ($_.principalOrganizationId -EQ $Item.tenantid) -and ($_.principal.'@odata.type' -eq '#microsoft.graph.user') } | ForEach-Object {
$LastChanges = New-GraphGETRequest -uri "https://graph.microsoft.com/beta/users/$($_.principalId)?`$select=UserPrincipalName,lastPasswordChangeDateTime" -tenant $($Item.tenant)
if ($LastChanges.LastPasswordChangeDateTime -gt (Get-Date).AddDays(-1)) {
Write-AlertMessage -tenant $($QueueItem.tenant) -message "Admin password has been changed for $($LastChanges.UserPrincipalName) in last 24 hours"
Write-AlertMessage -tenant $($Item.tenant) -message "Admin password has been changed for $($LastChanges.UserPrincipalName) in last 24 hours"
}
}
} catch {
Write-AlertMessage -tenant $($QueueItem.tenant) -message "Could not get admin password changes for $($QueueItem.tenant): $(Get-NormalizedError -message $_.Exception.message)"
Write-AlertMessage -tenant $($Item.tenant) -message "Could not get admin password changes for $($Item.tenant): $(Get-NormalizedError -message $_.Exception.message)"
}
}
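Review bot: The role filter on the `New-GraphGETRequest` line hard-codes `62e90394-69f5-4237-9190-012177145e10` with no explanation, so the scope of this "admin password" alert cannot be read from the code. That value is the Global Administrator role template ID, which means password changes on accounts holding other privileged directory roles are not reported by this check. Add a comment above the request, `# 62e90394-69f5-4237-9190-012177145e10 = Global Administrator role template ID; other privileged roles are not covered`, or move the ID into a named variable.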
@@ -2,26 +2,25 @@ function Push-CIPPAlertApnCertExpiry {
[CmdletBinding()]
Param (
[Parameter(Mandatory = $true)]
$QueueItem,
$TriggerMetadata
$Item
)
$LastRunTable = Get-CIPPTable -Table AlertLastRun

try {
$Filter = "RowKey eq 'ApnCertExpiry' and PartitionKey eq '{0}'" -f $QueueItem.tenantid
$Filter = "RowKey eq 'ApnCertExpiry' and PartitionKey eq '{0}'" -f $Item.tenantid
$LastRun = Get-CIPPAzDataTableEntity @LastRunTable -Filter $Filter
$Yesterday = (Get-Date).AddDays(-1)
if (-not $LastRun.Timestamp.DateTime -or ($LastRun.Timestamp.DateTime -le $Yesterday)) {
try {
$Apn = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/applePushNotificationCertificate' -tenantid $QueueItem.tenant
$Apn = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/applePushNotificationCertificate' -tenantid $Item.tenant
if ($Apn.expirationDateTime -lt (Get-Date).AddDays(30) -and $Apn.expirationDateTime -gt (Get-Date).AddDays(-7)) {
Write-AlertMessage -tenant $($QueueItem.tenant) -message ('Intune: Apple Push Notification certificate for {0} is expiring on {1}' -f $Apn.appleIdentifier, $Apn.expirationDateTime)
Write-AlertMessage -tenant $($Item.tenant) -message ('Intune: Apple Push Notification certificate for {0} is expiring on {1}' -f $Apn.appleIdentifier, $Apn.expirationDateTime)
}
} catch {}
}
$LastRun = @{
RowKey = 'ApnCertExpiry'
PartitionKey = $QueueItem.tenantid
PartitionKey = $Item.tenantid
}
Add-CIPPAzDataTableEntity @LastRunTable -Entity $LastRun -Force
} catch {
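Review bot: The `$LastRun` entity is written after the closing brace of the `if (-not $LastRun.Timestamp.DateTime -or …)` gate, so every invocation refreshes the AlertLastRun timestamp. If this activity runs more often than once a day (the schedule is not visible here), the gate never opens again after the first run and the certificate check stops being performed. The DepTokenExpiry and AppSecretExpiry sections keep that write inside the gate; moving the `$LastRun = @{ … }` and `Add-CIPPAzDataTableEntity` lines up one brace would match them. In all three functions a failed Graph lookup is swallowed by an empty `catch`, so an expiring credential can go unreported without any trace; the `Write-AlertMessage … "Could not get …"` pattern used in Push-CIPPAlertAdminPassword could be reused. The outer `catch` body of this function lies outside the hunk.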
@@ -2,39 +2,38 @@ function Push-CIPPAlertAppSecretExpiry {
[CmdletBinding()]
Param (
[Parameter(Mandatory = $true)]
$QueueItem,
$TriggerMetadata
$Item
)
$LastRunTable = Get-CIPPTable -Table AlertLastRun


try {
$Filter = "RowKey eq 'AppSecretExpiry' and PartitionKey eq '{0}'" -f $QueueItem.tenantid
$Filter = "RowKey eq 'AppSecretExpiry' and PartitionKey eq '{0}'" -f $Item.tenantid
$LastRun = Get-CIPPAzDataTableEntity @LastRunTable -Filter $Filter
$Yesterday = (Get-Date).AddDays(-1)
if (-not $LastRun.Timestamp.DateTime -or ($LastRun.Timestamp.DateTime -le $Yesterday)) {
Write-Host "Checking app expire for $($QueueItem.tenant)"
New-GraphGetRequest -uri "https://graph.microsoft.com/beta/applications?`$select=appId,displayName,passwordCredentials" -tenantid $QueueItem.tenant | ForEach-Object {
Write-Host "Checking app expire for $($Item.tenant)"
New-GraphGetRequest -uri "https://graph.microsoft.com/beta/applications?`$select=appId,displayName,passwordCredentials" -tenantid $Item.tenant | ForEach-Object {
foreach ($App in $_) {
Write-Host "checking $($App.displayName)"
if ($App.passwordCredentials) {
foreach ($Credential in $App.passwordCredentials) {
if ($Credential.endDateTime -lt (Get-Date).AddDays(30) -and $Credential.endDateTime -gt (Get-Date).AddDays(-7)) {
Write-Host ("Application '{0}' has secrets expiring on {1}" -f $App.displayName, $Credential.endDateTime)
Write-AlertMessage -tenant $($QueueItem.tenant) -message ("Application '{0}' has secrets expiring on {1}" -f $App.displayName, $Credential.endDateTime)
Write-AlertMessage -tenant $($Item.tenant) -message ("Application '{0}' has secrets expiring on {1}" -f $App.displayName, $Credential.endDateTime)
}
}
}
}
}
$LastRun = @{
RowKey = 'AppSecretExpiry'
PartitionKey = $QueueItem.tenantid
PartitionKey = $Item.tenantid
}
Add-CIPPAzDataTableEntity @LastRunTable -Entity $LastRun -Force
}
} catch {

}
}

@@ -3,14 +3,13 @@ function Push-CIPPAlertDefenderMalware {
[CmdletBinding()]
param(
[Parameter(Mandatory = $true)]
$QueueItem,
$TriggerMetadata
$Item
)
try {
New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/managedTenants/windowsDeviceMalwareStates?`$top=999&`$filter=tenantId eq '$($QueueItem.tenantid)'" | Where-Object { $_.malwareThreatState -eq 'Active' } | ForEach-Object {
Write-AlertMessage -tenant $($QueueItem.tenant) -message "$($_.managedDeviceName): Malware found and active. Severity: $($_.MalwareSeverity). Malware name: $($_.MalwareDisplayName)"
New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/managedTenants/windowsDeviceMalwareStates?`$top=999&`$filter=tenantId eq '$($Item.tenantid)'" | Where-Object { $_.malwareThreatState -eq 'Active' } | ForEach-Object {
Write-AlertMessage -tenant $($Item.tenant) -message "$($_.managedDeviceName): Malware found and active. Severity: $($_.MalwareSeverity). Malware name: $($_.MalwareDisplayName)"
}
} catch {
Write-AlertMessage -tenant $($QueueItem.tenant) -message "Could not get malware data for $($QueueItem.tenant): $(Get-NormalizedError -message $_.Exception.message)"
Write-AlertMessage -tenant $($Item.tenant) -message "Could not get malware data for $($Item.tenant): $(Get-NormalizedError -message $_.Exception.message)"
}
}
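Review bot: The OData filter is built by string interpolation, `tenantId eq '$($Item.tenantid)'`, while the alert is written under `$Item.tenant`; nothing in the hunk checks that `tenantid` is a GUID or that the two fields describe the same tenant. Because this request goes to the cross-tenant managedTenants endpoint without `-tenantid`, a malformed or mismatched value could attribute another tenant's devices to the wrong customer. How `$Item` is populated is not visible here, so a cheap guard at the top of the `try`, `$null = [guid]::Parse($Item.tenantid)`, is worth adding. The same applies to the Push-CIPPAlertDefenderStatus section that follows.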
@@ -1,16 +1,14 @@

function Push-CIPPAlertDefenderStatus {
[CmdletBinding()]
param(
[Parameter(Mandatory = $true)]
$QueueItem,
$TriggerMetadata
$Item
)
try {
New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/managedTenants/windowsProtectionStates?`$top=999&`$filter=tenantId eq '$($QueueItem.tenantid)'" | Where-Object { $_.realTimeProtectionEnabled -eq $false -or $_.MalwareprotectionEnabled -eq $false } | ForEach-Object {
Write-AlertMessage -tenant $($QueueItem.tenant) -message "$($_.managedDeviceName) - Real Time Protection: $($_.realTimeProtectionEnabled) & Malware Protection: $($_.MalwareprotectionEnabled)"
New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/managedTenants/windowsProtectionStates?`$top=999&`$filter=tenantId eq '$($Item.tenantid)'" | Where-Object { $_.realTimeProtectionEnabled -eq $false -or $_.MalwareprotectionEnabled -eq $false } | ForEach-Object {
Write-AlertMessage -tenant $($Item.tenant) -message "$($_.managedDeviceName) - Real Time Protection: $($_.realTimeProtectionEnabled) & Malware Protection: $($_.MalwareprotectionEnabled)"
}
} catch {
Write-AlertMessage -tenant $($QueueItem.tenant) -message "Could not get defender status for $($QueueItem.tenant): $(Get-NormalizedError -message $_.Exception.message)"
Write-AlertMessage -tenant $($Item.tenant) -message "Could not get defender status for $($Item.tenant): $(Get-NormalizedError -message $_.Exception.message)"
}
}
@@ -2,27 +2,26 @@ function Push-CIPPAlertDepTokenExpiry {
[CmdletBinding()]
Param (
[Parameter(Mandatory = $true)]
$QueueItem,
$TriggerMetadata
$Item
)
$LastRunTable = Get-CIPPTable -Table AlertLastRun

try {
$Filter = "RowKey eq 'DepTokenExpiry' and PartitionKey eq '{0}'" -f $QueueItem.tenantid
$Filter = "RowKey eq 'DepTokenExpiry' and PartitionKey eq '{0}'" -f $Item.tenantid
$LastRun = Get-CIPPAzDataTableEntity @LastRunTable -Filter $Filter
$Yesterday = (Get-Date).AddDays(-1)
if (-not $LastRun.Timestamp.DateTime -or ($LastRun.Timestamp.DateTime -le $Yesterday)) {
try {
$DepTokens = (New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/depOnboardingSettings' -tenantid $QueueItem.tenant).value
$DepTokens = (New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/depOnboardingSettings' -tenantid $Item.tenant).value
foreach ($Dep in $DepTokens) {
if ($Dep.tokenExpirationDateTime -lt (Get-Date).AddDays(30) -and $Dep.tokenExpirationDateTime -gt (Get-Date).AddDays(-7)) {
Write-AlertMessage -tenant $($QueueItem.tenant) -message ('Apple Device Enrollment Program token expiring on {0}' -f $Dep.tokenExpirationDateTime)
Write-AlertMessage -tenant $($Item.tenant) -message ('Apple Device Enrollment Program token expiring on {0}' -f $Dep.tokenExpirationDateTime)
}
}
} catch {}
$LastRun = @{
RowKey = 'DepTokenExpiry'
PartitionKey = $QueueItem.tenantid
PartitionKey = $Item.tenantid
}
Add-CIPPAzDataTableEntity @LastRunTable -Entity $LastRun -Force
}
@@ -2,15 +2,14 @@ function Push-CIPPAlertExpiringLicenses {
[CmdletBinding()]
Param (
[Parameter(Mandatory = $true)]
$QueueItem,
$TriggerMetadata
$Item
)
try {
Get-CIPPLicenseOverview -TenantFilter $QueueItem.tenant | ForEach-Object {
Get-CIPPLicenseOverview -TenantFilter $Item.tenant | ForEach-Object {
$timeTorenew = [int64]$_.TimeUntilRenew
if ($timeTorenew -lt 30 -and $_.TimeUntilRenew -gt 0) {
Write-Host "$($_.License) will expire in $($_.TimeUntilRenew) days. The estimated term is $($_.EstTerm)"
Write-AlertMessage -tenant $($QueueItem.tenant) -message "$($_.License) will expire in $($_.TimeUntilRenew) days. The estimated term is $($_.EstTerm)"
Write-AlertMessage -tenant $($Item.tenant) -message "$($_.License) will expire in $($_.TimeUntilRenew) days. The estimated term is $($_.EstTerm)"
}
}
} catch {
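Review bot: The expiry condition mixes the cast value with the raw one, `$timeTorenew -lt 30 -and $_.TimeUntilRenew -gt 0`. If `TimeUntilRenew` arrives as a string (its type is not visible here), the second comparison is not numeric and the lower bound may not behave as intended. Use the cast variable on both sides, `if ($timeTorenew -lt 30 -and $timeTorenew -gt 0) {`. The `catch` body is outside the hunk.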