commit 03f21f2b6cfc018efdc80745c3240fb759427b9a Author: Tomas Kracmar Date: Mon May 20 07:33:10 2024 +0000 Add export-credential-no-pii.ps1 diff --git a/export-credential-no-pii.ps1 b/export-credential-no-pii.ps1 new file mode 100644 index 0000000..b2e810c --- /dev/null +++ b/export-credential-no-pii.ps1 @@ -0,0 +1,107 @@ +# Generated by Microsoft365DSC from https://export.microsoft365dsc.com on 20/05/2024 +# Comprehensive script for exporting M365 tenant configuration, with personal and group-related settings omitted + +# Getting client credential +$Credential = Get-Credential + +# Exporting resources using credentials, excluding personal data and group settings +Export-M365DSCConfiguration -Components @( + # Azure Active Directory (AAD) Settings + "AADActivityBasedTimeoutPolicy", # Automatically logs out users after a period of inactivity + "AADAdministrativeUnit", # Organizes resources for delegated administration + "AADApplication", # Manages applications registered with Azure AD + "AADAttributeSet", # Manages collections of attributes in directory services + "AADAuthenticationContextClassReference", # Applies different authentication contexts based on access scenario + "AADAuthenticationMethodPolicy", # Configures available authentication methods + "AADAuthenticationMethodPolicyAuthenticator", # Details settings for authenticator app methods + "AADAuthenticationMethodPolicyEmail", # Sets policies for email-based authentication + "AADAuthenticationMethodPolicyFido2", # Specifies settings for FIDO2 security keys + "AADAuthenticationMethodPolicySms", # Manages SMS as an authentication method + "AADAuthenticationMethodPolicySoftware", # Relates to software-based authentication methods + "AADAuthenticationMethodPolicyTemporary", # Manages temporary authentication methods + "AADAuthenticationMethodPolicyVoice", # Sets policies for voice call-based authentication + "AADAuthenticationMethodPolicyX509", # Manages policies for X.509 certificate-based authentication + "AADAuthenticationStrengthPolicy", # Defines the required strength of authentication methods + "AADAuthorizationPolicy", # Manages authorization settings across Azure AD + "AADConditionalAccessPolicy", # Configures security requirements based on conditions + "AADCrossTenantAccessPolicy", # Manages access across different Azure AD tenants + "AADCrossTenantAccessPolicyConfigurationDefault", # Default settings for cross-tenant access + "AADCrossTenantAccessPolicyConfigurationPartner", # Manages cross-tenant access for partner organizations + "AADEntitlementManagementAccessPackage", # Defines specific access packages + "AADEntitlementManagementAccessPackageAssignmentPolicy", # Sets policies for assigning access packages + "AADEntitlementManagementAccessPackageCatalog", # Manages catalogs of access packages + "AADEntitlementManagementAccessPackageCatalogResource", # Manages resources within access package catalogs + "AADEntitlementManagementConnectedOrganization", # Manages external organizations connected to access packages + "AADExternalIdentityPolicy", # Manages settings for identities from external sources + "AADNamedLocationPolicy", # Configures named locations used in conditional access policies + "AADRoleDefinition", # Defines roles within Azure AD + "AADRoleEligibilityScheduleRequest", # Manages scheduled requests for role eligibility + "AADRoleSetting", # Manages settings for Azure AD roles + "AADSecurityDefaults", # Applies default security settings + "AADServicePrincipal", # Manages service principals for applications or services + "AADSocialIdentityProvider", # Manages configurations for social identity providers + "AADTenantDetails", # Contains details about the Azure AD tenant + "AADTokenLifetimePolicy", # Configures the lifetimes of tokens issued by Azure AD + # "AADUser", # Omitted due to potential personal data + + # Exchange Online (EXO) Settings + "EXOAntiPhishPolicy", # Sets policies to protect against phishing attacks + "EXOAntiPhishRule", # Specifies detailed rules within the anti-phishing policy + "EXOClientAccessRule", # Manages access rules for client connections to Exchange services + "EXODataClassification", # Manages data classifications for content analysis and protection + "EXODataEncryptionPolicy", # Configures encryption policies for data at rest + "EXODkimSigningConfig", # Manages DKIM signing configurations to verify sender domain of emails + "EXOHostedConnectionFilterPolicy", # Manages policies for filtering connections to hosted Exchange service + "EXOHostedContentFilterPolicy", # Manages policies for filtering email content to prevent spam and malware + "EXOHostedContentFilterRule", # Specifies detailed rules within the content filtering policy + "EXOHostedOutboundSpamFilterPolicy",# Manages policies for filtering spam in outbound emails + "EXOHostedOutboundSpamFilterRule", # Specifies detailed rules within the outbound spam filtering policy + "EXOIRMConfiguration", # Manages IRM settings to protect email content + "EXOJournalRule", # Manages rules for journaling emails for compliance or auditing + "EXOMalwareFilterPolicy", # Sets policies for protecting against malware in email attachments + "EXOMalwareFilterRule", # Specifies detailed rules within the malware filtering policy + "EXOSafeAttachmentPolicy", # Configures policies for Safe Attachments to protect against malware + "EXOSafeAttachmentRule", # Specifies detailed rules within the Safe Attachment policy + "EXOSafeLinksPolicy", # Sets policies for Safe Links to provide URL scanning and rewriting + "EXOSafeLinksRule", # Specifies detailed rules within the Safe Links policy + # "EXOMailboxAutoReplyConfiguration", # Omitted due to potential personal data + # "EXOMailboxCalendarFolder", # Omitted due to potential personal data + # "EXOMailboxPermission", # Omitted due to potential personal data + # "EXOMailboxPlan", # Omitted due to potential personal data + # "EXOMailboxSettings", # Omitted due to potential personal data + # "EXOMailContact", # Omitted due to potential personal data + # "EXOMailTips", # Omitted due to potential personal data + + # Intune Policies + "IntuneAppConfigurationPolicy", # Manages policies for app settings on devices + "IntuneDeviceCompliancePolicyWindows10", # Manages compliance policies for Windows 10 devices + "IntuneDeviceConfigurationEndpointProtectionPolicyWindows10", # Manages endpoint protection for Windows 10 + "IntuneEndpointDetectionAndResponsePolicyWindows10", # Manages endpoint detection and response for Windows 10 + "IntuneRoleDefinition", # Defines roles within Intune + + # Microsoft Teams Policies + "TeamsAppPermissionPolicy", # Manages app permissions within Microsoft Teams + "TeamsAppSetupPolicy", # Manages setup of apps within Microsoft Teams + "TeamsCallingPolicy", # Manages calling settings within Microsoft Teams + "TeamsGuestMessagingConfiguration", # Manages messaging settings for guests within Microsoft Teams + "TeamsMeetingPolicy", # Manages meeting settings within Microsoft Teams + "TeamsMessagingPolicy", # Manages messaging settings within Microsoft Teams + + # PowerApps and Other Services + "PPPowerAppsEnvironment", # Manages environments within PowerApps + "PPTenantIsolationSettings", # Manages isolation settings within Power Platform + "PPTenantSettings", # Manages tenant-wide settings within Power Platform + + # Security and Compliance Center Policies + "SCCompliancePolicy", # Manages compliance policies across Microsoft 365 + "SCDLPCompliancePolicy", # Manages Data Loss Prevention policies + "SCDLPComplianceRule", # Specifies rules within DLP policies + "SCLabelPolicy", # Manages labeling policies for content classification + "SCProtectionAlert", # Manages alerts for activities that may pose security risks + "SCRetentionCompliancePolicy", # Manages retention policies specifying how long content is kept + "SCRetentionComplianceRule", # Specifies rules within retention policies + + # SharePoint Online Policies + "SPOAccessControlSettings", # Manages access control settings within SharePoint Online + "SPOTenantSettings" # Manages tenant-wide settings within SharePoint Online +) -Credential $Credential