Skip to content

Commit

Permalink
Merge pull request #4075 from microsoft/Dev
Browse files Browse the repository at this point in the history 
Release 1.23.1220.1
  • Loading branch information
@NikCharlebois
NikCharlebois authored Dec 20, 2023
2 parents 683fc50 + 56dcd47 commit d268430
Show file tree
Hide file tree
Showing 471 changed files with 17,050 additions and 1,506 deletions.
1 change: 1 addition & 0 deletions .github/workflows/CodeCoverage.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ jobs:
shell: pwsh
run: |
Install-Module ReverseDSC -Force -Scope AllUsers
Install-Module DSCParser -Force -Scope AllUsers
Install-Module PSDesiredStateConfiguration -Force -Scope AllUsers
Install-Module Pester -Force -SkipPublisherCheck -Scope AllUsers
[System.Environment]::SetEnvironmentVariable('M365DSCTelemetryEnabled', $false, [System.EnvironmentVariableTarget]::Machine);
Expand Down
88 changes: 88 additions & 0 deletions .github/workflows/Global - Integration - AAD.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,88 @@
name: Global - Integration - AAD
on: [push]

jobs:
Integration-Global-AAD:
# The type of runner that the job will run on
runs-on: windows-latest

# Only when run from the main repo
if: github.repository == 'microsoft/Microsoft365DSC'

# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3
- name: Install Microsoft365DSC
shell: powershell
run: |
winrm quickconfig -force
$source = "./Modules/Microsoft365DSC/"
$destination = "C:\Program Files\WindowsPowerShell\Modules"
Copy-Item -Path $source -Recurse -Destination $destination -Container -Force
Update-M365DSCDependencies
- name: Configure Environment
shell: powershell
run: |
Set-ExecutionPolicy Unrestricted -Force
Get-ChildItem "C:\Program Files\WindowsPowerShell\Modules" -Recurse | Unblock-File
Set-M365DSCTelemetryOption -Enabled $false
Set-Item -Path WSMan:\localhost\MaxEnvelopeSizekb -Value 99999
- name: Generate {Create} Integration Tests from Examples
shell: powershell
run: |
Import-Module './Tests/Integration/M365DSCTestEngine.psm1'
New-M365DSCIntegrationTest -Workload AAD -Step '1-Create'
- name: Commit {Create} Integration Tests
shell: powershell
run: |
git config --local user.email "[email protected]"
git config --local user.name "NikCharlebois"
git add D:/a/Microsoft365DSC/Microsoft365DSC/Tests/Integration/*
git pull
git commit -m "Updated {Create} AAD Integration Tests"
git push
$SHA = git rev-parse HEAD
echo "commitid=$SHA" >> $env:GITHUB_OUTPUT
- name: Run {Create} Integration Tests
shell: powershell
env:
INTEGRATION_USERNAME: ${{ secrets.INTEGRATION_USERNAME }}
INTEGRATION_PASSWORD: ${{ secrets.INTEGRATION_PASSWORD }}
run: |
$CredPassword = ConvertTo-SecureString $env:INTEGRATION_PASSWORD -AsPlainText -Force
$Credential = New-Object System.Management.Automation.PSCredential ($env:INTEGRATION_USERNAME, $CredPassword)
try
{
& .\Tests\Integration\Microsoft365DSC\M365DSCIntegration.AAD.Create.Tests.ps1 -Credential $Credential
}
catch
{
throw $_
}
try
{
$Result = Test-DSCConfiguration -Detailed -Verbose -ErrorAction Stop
}
catch
{
throw $_
}
Write-Host ""
if ($Result.InDesiredState -eq $false)
{
Write-Host -Message "Resources below are not in the Desired State:"
foreach ($Resource in $Result.ResourcesNotInDesiredState)
{
Write-Host $Resource.InstanceName
}
throw "Could not validate that the Tenant is in the Desired State"
}
else
{
Write-Host "All resources in the Tenant are in the Desired State"
}
32 changes: 17 additions & 15 deletions .github/workflows/Global - Integration - INTUNE.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,47 +14,47 @@ jobs:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v3
- name: Install Microsoft365DSC
shell: pwsh
shell: powershell
run: |
winrm quickconfig -force
$source = "./Modules/Microsoft365DSC/"
$destination = "C:\Program Files\WindowsPowerShell\Modules"
Copy-Item -Path $source -Recurse -Destination $destination -Container -Force
Update-M365DSCDependencies
- name: Configure Environment
shell: pwsh
shell: powershell
run: |
Set-ExecutionPolicy Unrestricted -Force
Get-ChildItem "C:\Program Files\WindowsPowerShell\Modules" -Recurse | Unblock-File
Set-M365DSCTelemetryOption -Enabled $false
Set-Item -Path WSMan:\localhost\MaxEnvelopeSizekb -Value 99999
- name: Generate Integration Tests from Examples
shell: pwsh
- name: Generate {Create} Integration Tests from Examples
shell: powershell
run: |
Import-Module './Tests/Integration/M365DSCTestEngine.psm1'
New-M365DSCIntegrationTest -Workload INTUNE
- name: Commit Integration Tests
shell: pwsh
New-M365DSCIntegrationTest -Workload INTUNE -Step '1-Create'
- name: Commit {Create} Integration Tests
shell: powershell
run: |
git config --local user.email "[email protected]"
git config --local user.name "NikCharlebois"
git add D:/a/Microsoft365DSC/Microsoft365DSC/Tests/Integration/*
git pull
git commit -m "Updated Intune Integration Tests"
git commit -m "Updated {Create} Intune Integration Tests"
git push
$SHA = git rev-parse HEAD
echo "commitid=$SHA" >> $env:GITHUB_OUTPUT
- name: Run Integration Tests
- name: Run {Create} Integration Tests
shell: powershell
env:
PUBLIC_USERNAME: ${{ secrets.PUBLIC_USERNAME }}
PUBLIC_PASSWORD: ${{ secrets.PUBLIC_PASSWORD }}
INTEGRATION_USERNAME: ${{ secrets.INTEGRATION_USERNAME }}
INTEGRATION_PASSWORD: ${{ secrets.INTEGRATION_PASSWORD }}
run: |
$CredPassword = ConvertTo-SecureString $env:PUBLIC_PASSWORD -AsPlainText -Force
$Credential = New-Object System.Management.Automation.PSCredential ($env:PUBLIC_USERNAME, $CredPassword)
$CredPassword = ConvertTo-SecureString $env:INTEGRATION_PASSWORD -AsPlainText -Force
$Credential = New-Object System.Management.Automation.PSCredential ($env:INTEGRATION_USERNAME, $CredPassword)
try
{
& .\Tests\Integration\Microsoft365DSC\M365DSCIntegration.INTUNE.Tests.ps1 -Credential $Credential
& .\Tests\Integration\Microsoft365DSC\M365DSCIntegration.INTUNE.Create.Tests.ps1 -Credential $Credential
}
catch
{
Expand All @@ -63,13 +63,15 @@ jobs:
try
{
$Result = Test-DSCConfiguration -Detailed -Verbose
$Result = Test-DSCConfiguration -Detailed -Verbose -ErrorAction Stop
}
catch
{
throw $_
}
Write-Host ""
if ($Result.InDesiredState -eq $false)
{
Write-Host -Message "Resources below are not in the Desired State:"
Expand Down
28 changes: 28 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,33 @@
# Change log for Microsoft365DSC

# 1.23.1220.1

* AADEntitlementManagementAccessPackage
* Retrieve catalog by name instead of id.
* IntuneDeviceAndAppManagementAssignmentFilter
* Add support for remaining platforms supported by this policy
FIXES [#4065](https://github.com/microsoft/Microsoft365DSC/issues/4065)
* IntuneDeviceConfigurationCustomPolicyWindows10
* Add support to decrypt encrypted OmaSettings and export them in plaintext
FIXES [#3655](https://github.com/microsoft/Microsoft365DSC/issues/3655)
* IntuneDeviceEnrollmentPlatformRestriction
* Fix Set-TargetResource due to an issue were the bodyparameter not cast correctly
FIXES [#3730](https://github.com/microsoft/Microsoft365DSC/issues/3730)
* IntuneEndpointDetectionAndResponsePolicyWindows10
* Fix issue when trying to remove policy and Identity is set to a random GUID
or from another tenant
FIXES [#4041](https://github.com/microsoft/Microsoft365DSC/issues/4041)
* IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled
* Added Assignments
FIXES [#2932](https://github.com/microsoft/Microsoft365DSC/issues/2932)
* SCAutoSensitivieyLabelPolicy
FIXES [#4036] Don't see any limits on our docs for priority
* M365DSCDRGUtil
* Fix empty BaseUrl since MSCloudLoginAssistant removed Intune workload
FIXES [#4057](https://github.com/microsoft/Microsoft365DSC/issues/4057)
* DEPENDENCIES
* Updated MSCloudLoginAssistant to version 1.1.4.

# 1.23.1213.1

* IntuneEndpointDetectionAndResponsePolicyWindows10
Expand Down
13 changes: 10 additions & 3 deletions ...s/Microsoft365DSC/DSCResources/MSFT_AADAdministrativeUnit/MSFT_AADAdministrativeUnit.psm1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -551,12 +551,19 @@ function Set-TargetResource
Write-Verbose -Message "Creating an Azure AD Administrative Unit with DisplayName {$DisplayName}"

#region resource generator code
$policy = New-MgBetaDirectoryAdministrativeUnit -BodyParameter $CreateParameters
Write-Verbose -Message "Creating new Administrative Unit with: $(Convert-M365DscHashtableToString -Hashtable $CreateParameters)"

$jsonParams = ConvertTo-Json $CreateParameters

# TODO - Replace by cmdlet call which has an issue in 2.11.1
$url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + 'beta/administrativeUnits'
$policy = Invoke-MgGraphRequest -Method POST -Uri $url -Body $jsonParams

if ($MembershipType -ne 'Dynamic')
{
foreach ($member in $memberSpecification)
{
Write-Verbose -Message "Adding new dynamic member {$($member.Id)}"
$memberBodyParam = @{
'@odata.id' = "https://graph.microsoft.com/v1.0/$($member.Type)/$($member.Id)"
}
Expand Down Expand Up @@ -993,8 +1000,8 @@ function Export-TargetResource
Add-M365DSCTelemetryEvent -Data $data
#endregion




try
{
Expand Down
1 change: 1 addition & 0 deletions ...C/DSCResources/MSFT_AADAuthenticationMethodPolicy/MSFT_AADAuthenticationMethodPolicy.psm1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -357,6 +357,7 @@ function Set-TargetResource
}
#region resource generator code
$UpdateParameters.Add("@odata.type", "#microsoft.graph.AuthenticationMethodsPolicy")
Write-Verbose -Message "Updating AuthenticationMethodPolicy with: `r`n$(Convert-M365DscHashtableToString -Hashtable $UpdateParameters)"
Update-MgBetaPolicyAuthenticationMethodPolicy -BodyParameter $UpdateParameters
#endregion
}
Expand Down
99 changes: 50 additions & 49 deletions ...henticationMethodPolicyAuthenticator/MSFT_AADAuthenticationMethodPolicyAuthenticator.psm1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,14 +99,14 @@ function Get-TargetResource
$complexCompanionAppAllowedState = @{}
$complexExcludeTarget = @{}
if ($getValue.additionalProperties.featureSettings.companionAppAllowedState.excludeTarget.id -notmatch 'all_users|00000000-0000-0000-0000-000000000000')
{
$myExcludeTargetsDisplayName = Get-MgGroup -GroupId $getValue.additionalProperties.featureSettings.companionAppAllowedState.excludeTarget.id
$complexExcludeTarget.Add('Id', $myExcludeTargetsDisplayName.DisplayName)
}
else
{
$complexExcludeTarget.Add('Id', $getValue.additionalProperties.featureSettings.companionAppAllowedState.excludeTarget.id)
}
{
$myExcludeTargetsDisplayName = Get-MgGroup -GroupId $getValue.additionalProperties.featureSettings.companionAppAllowedState.excludeTarget.id
$complexExcludeTarget.Add('Id', $myExcludeTargetsDisplayName.DisplayName)
}
else
{
$complexExcludeTarget.Add('Id', 'all_users')
}
if ($null -ne $getValue.additionalProperties.featureSettings.companionAppAllowedState.excludeTarget.targetType)
{
$complexExcludeTarget.Add('TargetType', $getValue.additionalProperties.featureSettings.companionAppAllowedState.excludeTarget.targetType.toString())
Expand All @@ -118,14 +118,14 @@ function Get-TargetResource
$complexCompanionAppAllowedState.Add('ExcludeTarget', $complexExcludeTarget)
$complexIncludeTarget = @{}
if ($getValue.additionalProperties.featureSettings.companionAppAllowedState.includeTarget.id -notmatch 'all_users|00000000-0000-0000-0000-000000000000')
{
$myIncludeTargetsDisplayName = Get-MgGroup -GroupId $getValue.additionalProperties.featureSettings.companionAppAllowedState.includeTarget.id
$complexIncludeTarget.Add('Id', $myIncludeTargetsDisplayName.DisplayName)
}
else
{
$complexIncludeTarget.Add('Id', $getValue.additionalProperties.featureSettings.companionAppAllowedState.includeTarget.id)
}
{
$myIncludeTargetsDisplayName = Get-MgGroup -GroupId $getValue.additionalProperties.featureSettings.companionAppAllowedState.includeTarget.id
$complexIncludeTarget.Add('Id', $myIncludeTargetsDisplayName.DisplayName)
}
else
{
$complexIncludeTarget.Add('Id', 'all_users')
}
if ($null -ne $getValue.additionalProperties.featureSettings.companionAppAllowedState.includeTarget.targetType)
{
$complexIncludeTarget.Add('TargetType', $getValue.additionalProperties.featureSettings.companionAppAllowedState.includeTarget.targetType.toString())
Expand All @@ -145,16 +145,17 @@ function Get-TargetResource
}
$complexFeatureSettings.Add('CompanionAppAllowedState', $complexCompanionAppAllowedState)
$complexDisplayAppInformationRequiredState = @{}

$complexExcludeTarget = @{}
if ($getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.excludeTarget.id -notmatch 'all_users|00000000-0000-0000-0000-000000000000')
{
$myExcludeTargetsDisplayName = Get-MgGroup -GroupId $getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.excludeTarget.id
$complexExcludeTarget.Add('Id', $myExcludeTargetsDisplayName.DisplayName)
}
else
{
$complexExcludeTarget.Add('Id', $getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.excludeTarget.id)
}
{
$myExcludeTargetsDisplayName = Get-MgGroup -GroupId $getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.excludeTarget.id
$complexExcludeTarget.Add('Id', $myExcludeTargetsDisplayName.DisplayName)
}
else
{
$complexExcludeTarget.Add('Id', 'all_users')
}
if ($null -ne $getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.excludeTarget.targetType)
{
$complexExcludeTarget.Add('TargetType', $getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.excludeTarget.targetType.toString())
Expand All @@ -166,14 +167,14 @@ function Get-TargetResource
$complexDisplayAppInformationRequiredState.Add('ExcludeTarget', $complexExcludeTarget)
$complexIncludeTarget = @{}
if ($getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.includeTarget.id -notmatch 'all_users|00000000-0000-0000-0000-000000000000')
{
$myIncludeTargetsDisplayName = Get-MgGroup -GroupId $getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.includeTarget.id
$complexIncludeTarget.Add('Id', $myIncludeTargetsDisplayName.DisplayName)
}
else
{
$complexIncludeTarget.Add('Id', $getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.includeTarget.id)
}
{
$myIncludeTargetsDisplayName = Get-MgGroup -GroupId $getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.includeTarget.id
$complexIncludeTarget.Add('Id', $myIncludeTargetsDisplayName.DisplayName)
}
else
{
$complexIncludeTarget.Add('Id', 'all_users')
}
if ($null -ne $getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.includeTarget.targetType)
{
$complexIncludeTarget.Add('TargetType', $getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.includeTarget.targetType.toString())
Expand All @@ -195,14 +196,14 @@ function Get-TargetResource
$complexDisplayLocationInformationRequiredState = @{}
$complexExcludeTarget = @{}
if ($getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.excludeTarget.id -notmatch 'all_users|00000000-0000-0000-0000-000000000000')
{
$myExcludeTargetsDisplayName = Get-MgGroup -GroupId $getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.excludeTarget.id
$complexExcludeTarget.Add('Id', $myExcludeTargetsDisplayName.DisplayName)
}
else
{
$complexExcludeTarget.Add('Id', $getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.excludeTarget.id)
}
{
$myExcludeTargetsDisplayName = Get-MgGroup -GroupId $getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.excludeTarget.id
$complexExcludeTarget.Add('Id', $myExcludeTargetsDisplayName.DisplayName)
}
else
{
$complexExcludeTarget.Add('Id', 'all_users')
}
if ($null -ne $getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.excludeTarget.targetType)
{
$complexExcludeTarget.Add('TargetType', $getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.excludeTarget.targetType.toString())
Expand All @@ -214,14 +215,14 @@ function Get-TargetResource
$complexDisplayLocationInformationRequiredState.Add('ExcludeTarget', $complexExcludeTarget)
$complexIncludeTarget = @{}
if ($getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.includeTarget.id -notmatch 'all_users|00000000-0000-0000-0000-000000000000')
{
$myIncludeTargetsDisplayName = Get-MgGroup -GroupId $getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.includeTarget.id
$complexIncludeTarget.Add('Id', $myIncludeTargetsDisplayName.DisplayName)
}
else
{
$complexIncludeTarget.Add('Id', $getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.includeTarget.id)
}
{
$myIncludeTargetsDisplayName = Get-MgGroup -GroupId $getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.includeTarget.id
$complexIncludeTarget.Add('Id', $myIncludeTargetsDisplayName.DisplayName)
}
else
{
$complexIncludeTarget.Add('Id', 'all_users')
}
if ($null -ne $getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.includeTarget.targetType)
{
$complexIncludeTarget.Add('TargetType', $getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.includeTarget.targetType.toString())
Expand Down Expand Up @@ -249,7 +250,7 @@ function Get-TargetResource
{
$myExcludeTargetsDisplayName = Get-MgGroup -GroupId $currentExcludeTargets.id -ErrorAction SilentlyContinue

if ($null -ne $myIncludeTargetsDisplayName)
if ($null -ne $myExcludeTargetsDisplayName)
{
$myExcludeTargets.Add('Id', $myExcludeTargetsDisplayName.DisplayName)
}
Expand Down
Loading

0 comments on commit d268430

Please sign in to comment.