cqrenet/macOS_IntuneManagement
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 3 Wiki Activity

3.9.1

Browse Source
This commit is contained in:
Mikael Karlsson
2023-08-30 20:07:18 +10:00
parent e6ec048df0
commit ea3af64316
47 changed files with 52194 additions and 34449 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
CS/HttpFactoryWithProxy.cs Normal file
View File

@@ -0,0 +1,42 @@
using System;
using System.Net;
using System.Net.Http;
using Microsoft.Identity.Client;
public class HttpFactoryWithProxy : IMsalHttpClientFactory
{
private static HttpClient _httpClient;
public public HttpFactoryWithProxy(string proxyURI) : this(proxyURI, null, null)
{
}
public HttpFactoryWithProxy(string proxyURI, string proxyUserName = null, string proxyPassword = null)
{
if (_httpClient == null)
{
var proxy = new WebProxy
{
Address = new Uri(proxyURI),
BypassProxyOnLocal = false,
UseDefaultCredentials = false,
Credentials = new NetworkCredential(
userName: proxyUserName,
password: proxyPassword)
};
var httpClientHandler = new HttpClientHandler
{
Proxy = proxy,
};
_httpClient = new HttpClient(handler: httpClientHandler);
}
}
public HttpClient GetHttpClient()
{
return _httpClient;
}
}

4471
CloudAPIPowerShellManagement-DESKTOP-UCPS639.log
View File

File diff suppressed because it is too large Load Diff

2
CloudAPIPowerShellManagement.psd1
View File

@@ -12,7 +12,7 @@
RootModule = 'CloudAPIPowerShellManagement.psm1'
# Version number of this module.
ModuleVersion = '3.9.0'
ModuleVersion = '3.9.1'
# Supported PSEditions
# CompatiblePSEditions = @()

92
Core.psm1
View File

@@ -11,7 +11,7 @@ This module handles the WPF UI
function Get-ModuleVersion
{
'3.8.1'
'3.9.1'
}
function Initialize-Window
@@ -58,6 +58,7 @@ function Start-CoreApp
$global:useDefaultFolderDialog = $false
$global:WindowsAPICodePackLoaded = $false
$script:proxyURI = $null
$global:loadedModules = @()
$global:viewObjects = @()
@@ -235,6 +236,8 @@ function Write-Log
if(-not $global:logFileMaxSize) { [Int64]$global:logFileMaxSize = Get-SettingValue "LogFileSize" 1024; $global:logFileMaxSize = $global:logFileMaxSize * 1kb }
if($null -eq $global:logOutputError) { $global:logOutputError = Get-SettingValue "LogOutputError" }
$fi = [IO.FileInfo]$global:logFile
if($fi.Length -gt $global:logFileMaxSize)
@@ -286,12 +289,19 @@ function Write-Log
if($type -eq 2)
{
Write-Warning $Text
$typeStr = "Error"
$typeStr = "Warning"
}
elseif($type -eq 3)
{
$host.ui.WriteErrorLine($Text)
$typeStr = "Warning"
if($global:logOutputError -ne $false)
{
$host.ui.WriteErrorLine($Text)
}
else
{
Write-Warning $Text
}
$typeStr = "Error"
}
else
{
@@ -667,8 +677,15 @@ function Show-UpdatesDialog
{
if($mystream) { $mystream.Dispose() }
}
$params = @{}
$proxyURI = Get-ProxyURI
if($proxyURI)
{
$params.Add("proxy", $proxyURI)
$params.Add("UseBasicParsing", $true)
}
$content = Invoke-RestMethod "https://api.github.com/repos/Micke-K/IntuneManagement/contents/ReleaseNotes.md"
$content = Invoke-RestMethod "https://api.github.com/repos/Micke-K/IntuneManagement/contents/ReleaseNotes.md" @params
if($content)
{
$txt = [System.Text.Encoding]::UTF8.GetString(([System.Convert]::FromBase64String($content.content)))
@@ -703,7 +720,15 @@ function Get-IsLatestVersion
$gitHubVer = $null
$content = Invoke-RestMethod "https://api.github.com/repos/Micke-K/IntuneManagement/releases/latest"
$params = @{}
$proxyURI = Get-ProxyURI
if($proxyURI)
{
$params.Add("proxy", $proxyURI)
$params.Add("UseBasicParsing", $true)
}
$content = Invoke-RestMethod "https://api.github.com/repos/Micke-K/IntuneManagement/releases/latest" @params
if($content.Name)
{
try
@@ -715,7 +740,15 @@ function Get-IsLatestVersion
if($null -eq $gitHubVer)
{
$content = Invoke-RestMethod "https://api.github.com/repos/Micke-K/IntuneManagement/contents/CloudAPIPowerShellManagement.psd1"
$params = @{}
$proxyURI = Get-ProxyURI
if($proxyURI)
{
$params.Add("proxy", $proxyURI)
$params.Add("UseBasicParsing", $true)
}
$content = Invoke-RestMethod "https://api.github.com/repos/Micke-K/IntuneManagement/contents/CloudAPIPowerShellManagement.psd1" @params
$gitHubText = [System.Text.Encoding]::UTF8.GetString(([System.Convert]::FromBase64String($content.content)))
$gitHubInfo = Get-ModuleDataTable $gitHubText
try
@@ -1150,6 +1183,10 @@ function Expand-FileName
[Environment]::SetEnvironmentVariable("DateTime",$null,[System.EnvironmentVariableTarget]::Process)
[Environment]::SetEnvironmentVariable("Organization",$null,[System.EnvironmentVariableTarget]::Process)
# Remove invalid path characters
$re = "[{0}]" -f [RegEx]::Escape(([IO.Path]::GetInvalidPathChars() -join ''))
$fileName = $fileName -replace $re
$fileName
}
@@ -1167,7 +1204,9 @@ function Initialize-Settings
$global:Debug = Get-SettingValue "Debug"
$global:logFile = $null
$global:logFileMaxSize = $null
$global:logFileMaxSize = $null
$global:logOutputError = $null
$script:proxyURI = $null
if($Updated -eq $true)
{
@@ -1943,6 +1982,14 @@ function Add-DefaultSettings
DefaultValue = 1024
}) "General"
Add-SettingsObject (New-Object PSObject -Property @{
Title = "Add errors to PowerShell output"
Key = "LogOutputError"
Type = "Boolean"
Description = "Write errors to the Error Output of the PS Host. If disabled, errors will be written as a Warning. Eg. disable this if automation should skip logging PowerShell errors."
DefaultValue = $true
}) "General"
Add-SettingsObject (New-Object PSObject -Property @{
Title = "Debug"
Key = "Debug"
@@ -1998,6 +2045,12 @@ function Add-DefaultSettings
Description = "Adds the organization name next to the login info on the menu bar"
}) "General"
Add-SettingsObject (New-Object PSObject -Property @{
Title = "Proxy URI"
Key = "ProxyURI"
Description = "Specify the URI for the proxy eg http://<server>:<port>"
}) "General"
}
function Add-SettingsObject
@@ -2434,6 +2487,15 @@ function Get-MainWindow
}
Show-ModalForm $window.Title $script:welcomeForm -HideButtons
}
else
{
###!!! Force login here
if($global:currentViewObject.ViewInfo.Authenticate)
{
# Skip for now...need additional code to skip previous login and force this based on setting.
#!!!& $global:currentViewObject.ViewInfo.Authenticate -Params (@{"Interactve"=$true})
}
}
})
@@ -2694,6 +2756,20 @@ function Get-Base64ScriptContent
}
}
function Get-ProxyURI
{
if($null -eq $script:proxyURI)
{
$script:proxyUri = Get-SettingValue "ProxyURI"
}
if($null -eq $script:proxyURI)
{
$script:proxyUri = ""
}
return $script:proxyURI
}
New-Alias -Name ?? -value Invoke-Coalesce
New-Alias -Name ?: -value Invoke-IfTrue
Export-ModuleMember -alias * -function *

69
Documentation/ObjectInfo/#microsoft.graph.windowsDriverUpdateProfile.json Normal file
View File

@@ -0,0 +1,69 @@
[
{
"nameResourceKey": "TableHeaders.policyType",
"descriptionResourceKey": "",
"entityKey": "WindowsDriverUpdateProfile.Subtitle.automatic",
"dataType": 200,
"booleanActions": 0,
"category": 1000,
"Condition": {
"Expressions": [
{
"property": "approvalType",
"value": "automatic"
}
]
}
},
{
"nameResourceKey": "TableHeaders.policyType",
"descriptionResourceKey": "",
"entityKey": "WindowsDriverUpdateProfile.Subtitle.manual",
"dataType": 200,
"booleanActions": 0,
"category": 1000,
"Condition": {
"Expressions": [
{
"property": "approvalType",
"value": "manual"
}
]
}
},
{
"nameResourceKey": "WindowsDriverUpdateProfile.Details.ApprovalMethod.label",
"descriptionResourceKey": "",
"entityKey": "approvalType",
"dataType": 16,
"booleanActions": 0,
"category": "TableHeaders.settings",
"options": [
{
"nameResourceKey": "WindowsDriverUpdateProfile.ApprovalMethod.automatic",
"value": "automatic"
},
{
"nameResourceKey": "WindowsDriverUpdateProfile.ApprovalMethod.manual",
"value": "manual"
}
]
},
{
"nameResourceKey": "WindowsDriverUpdateProfile.Details.DeploymentDeferralInDays.label",
"descriptionResourceKey": "",
"entityKey": "deploymentDeferralInDays",
"formatStringKey": "WindowsDriverUpdateProfile.Details.DeploymentDeferralInDays.value",
"dataType": 108,
"booleanActions": 0,
"category": "TableHeaders.settings",
"Condition": {
"Expressions": [
{
"property": "approvalType",
"value": "automatic"
}
]
}
}
]

158
Documentation/ObjectInfo/androiddeviceownerapplications_androiddeviceownergeneral.json
View File

@@ -113,6 +113,164 @@
"defaultValue": false,
"policyType": 2,
"enabled": true
},
{
"columns": [
{
"metadata": {
"dataType": 20,
"category": 2,
"nameResourceKey": "appNameName",
"descriptionResourceKey": "Empty",
"childSettings": [
],
"options": [
],
"entityKey": "name",
"booleanActions": 0,
"policyType": 2,
"enabled": false
}
},
{
"metadata": {
"dataType": 20,
"category": 2,
"nameResourceKey": "packageName",
"descriptionResourceKey": "Empty",
"childSettings": [
],
"options": [
],
"entityKey": "appId",
"booleanActions": 0,
"policyType": 2,
"enabled": false
}
},
{
"metadata": {
"dataType": 20,
"category": 2,
"nameResourceKey": "appUrlName",
"descriptionResourceKey": "Empty",
"childSettings": [
],
"options": [
],
"entityKey": "appStoreUrl",
"booleanActions": 0,
"policyType": 2,
"enabled": false
}
},
{
"metadata": {
"dataType": 20,
"category": 2,
"nameResourceKey": "appPublisherName",
"descriptionResourceKey": "Empty",
"childSettings": [
],
"options": [
],
"entityKey": "publisher",
"booleanActions": 0,
"policyType": 2,
"enabled": false
}
}
],
"dataType": 21,
"category": 2,
"nameResourceKey": "certificateInstallTitle",
"descriptionResourceKey": "certificateInstallDescription",
"childSettings": [
],
"options": [
],
"entityKey": "certInstallApps",
"booleanActions": 0,
"policyType": 2,
"enabled": false
},
{
"complexOptions": [
{
"dataType": 11,
"category": 2,
"nameResourceKey": "selectSecurityApp",
"descriptionResourceKey": "empty",
"childSettings": [
],
"options": [
],
"entityKey": "securityLogAppId",
"booleanActions": 0,
"policyType": 2,
"enabled": true
}
],
"dataType": 5,
"category": 2,
"nameResourceKey": "securityLogsTitle",
"emptyValueResourceKey": "selectSecurityApp",
"childSettings": [
],
"options": [
],
"entityKey": "securityLogApp",
"booleanActions": 0,
"policyType": 2,
"enabled": false
},
{
"complexOptions": [
{
"dataType": 11,
"category": 2,
"nameResourceKey": "selectNetworkApp",
"descriptionResourceKey": "empty",
"childSettings": [
],
"options": [
],
"entityKey": "networkLogAppId",
"booleanActions": 0,
"policyType": 2,
"enabled": true
}
],
"dataType": 5,
"category": 2,
"nameResourceKey": "networkLogsTitle",
"emptyValueResourceKey": "selectNetworkApp",
"childSettings": [
],
"options": [
],
"entityKey": "networkLogApp",
"booleanActions": 0,
"policyType": 2,
"enabled": false
}
],
"options": [

10
Documentation/ObjectInfo/devicehealth_complianceandroid.json
View File

@@ -154,8 +154,8 @@
{
"dataType": 16,
"category": 39,
"nameResourceKey": "safetyNetAttestationOptionsName",
"descriptionResourceKey": "safetyNetAttestationOptionsDescription",
"nameResourceKey": "playIntegrityVerdictOptionsName",
"descriptionResourceKey": "playIntegrityVerdictOptionsDescription",
"childSettings": [
],
@@ -166,17 +166,17 @@
"enabled": true
},
{
"nameResourceKey": "androidSafetyNetbasicIntegrity",
"nameResourceKey": "androidPlayIntegrityVerdictBasicIntegrity",
"value": "basicIntegrity",
"enabled": true
},
{
"nameResourceKey": "androidSafetyNetBasicIntegrityAndCertified",
"nameResourceKey": "androidPlayIntegrityVerdictBasicAndDeviceIntegrity",
"value": "basicIntegrityAndCertified",
"enabled": true
}
],
"entityKey": "androidSafetyNetAttestationOptions",
"entityKey": "androidPlayIntegrityVerdictOptions",
"booleanActions": 0,
"defaultValue": "notConfigured",
"unconfiguredValue": "notConfigured",

10
Documentation/ObjectInfo/devicehealth_complianceandroiddeviceowner.json
View File

@@ -52,8 +52,8 @@
{
"dataType": 16,
"category": 39,
"nameResourceKey": "safetyNetAttestationOptionsName",
"descriptionResourceKey": "safetyNetAttestationOptionsDescription",
"nameResourceKey": "playIntegrityVerdictOptionsName",
"descriptionResourceKey": "playIntegrityVerdictOptionsDescription",
"childSettings": [
],
@@ -64,17 +64,17 @@
"enabled": true
},
{
"nameResourceKey": "androidSafetyNetbasicIntegrity",
"nameResourceKey": "androidPlayIntegrityVerdictBasicIntegrity",
"value": "basicIntegrity",
"enabled": true
},
{
"nameResourceKey": "androidSafetyNetBasicIntegrityAndCertified",
"nameResourceKey": "androidPlayIntegrityVerdictBasicAndDeviceIntegrity",
"value": "basicIntegrityAndCertified",
"enabled": true
}
],
"entityKey": "androidSafetyNetAttestationOptions",
"entityKey": "androidPlayIntegrityVerdictOptions",
"booleanActions": 0,
"defaultValue": "notConfigured",
"unconfiguredValue": "notConfigured",

26
Documentation/ObjectInfo/devicehealth_complianceandroidforwork.json
View File

@@ -103,8 +103,8 @@
{
"dataType": 16,
"category": 39,
"nameResourceKey": "safetyNetAttestationOptionsName",
"descriptionResourceKey": "safetyNetAttestationOptionsDescription",
"nameResourceKey": "playIntegrityVerdictOptionsName",
"descriptionResourceKey": "playIntegrityVerdictOptionsDescription",
"childSettings": [
],
@@ -115,25 +115,25 @@
"enabled": true
},
{
"nameResourceKey": "androidSafetyNetbasicIntegrity",
"nameResourceKey": "androidPlayIntegrityVerdictBasicIntegrity",
"value": "basicIntegrity",
"children": [
{
"dataType": 16,
"category": 39,
"nameResourceKey": "requiredAndroidSafetyNetEvaluationTypeName",
"descriptionResourceKey": "requiredAndroidSafetyNetEvaluationTypeDescription",
"nameResourceKey": "requiredAndroidPlayIntegrityVerdictEvaluationTypeName",
"descriptionResourceKey": "requiredAndroidPlayIntegrityVerdictEvaluationTypeDescription",
"childSettings": [
],
"options": [
{
"nameResourceKey": "requiredAndroidSafetyNetEvaluationTypeBasic",
"nameResourceKey": "requiredAndroidPlayIntegrityVerdictEvaluationTypeBasic",
"value": "basic",
"enabled": true
},
{
"nameResourceKey": "requiredAndroidSafetyNetEvaluationTypeHardwareBacked",
"nameResourceKey": "requiredAndroidPlayIntegrityVerdictEvaluationTypeHardwareBacked",
"value": "hardwareBacked",
"enabled": true
}
@@ -149,25 +149,25 @@
"enabled": true
},
{
"nameResourceKey": "androidSafetyNetBasicIntegrityAndCertified",
"nameResourceKey": "androidPlayIntegrityVerdictBasicAndDeviceIntegrity",
"value": "basicIntegrityAndCertified",
"children": [
{
"dataType": 16,
"category": 39,
"nameResourceKey": "requiredAndroidSafetyNetEvaluationTypeName",
"descriptionResourceKey": "requiredAndroidSafetyNetEvaluationTypeDescription",
"nameResourceKey": "requiredAndroidPlayIntegrityVerdictEvaluationTypeName",
"descriptionResourceKey": "requiredAndroidPlayIntegrityVerdictEvaluationTypeDescription",
"childSettings": [
],
"options": [
{
"nameResourceKey": "requiredAndroidSafetyNetEvaluationTypeBasic",
"nameResourceKey": "requiredAndroidPlayIntegrityVerdictEvaluationTypeBasic",
"value": "basic",
"enabled": true
},
{
"nameResourceKey": "requiredAndroidSafetyNetEvaluationTypeHardwareBacked",
"nameResourceKey": "requiredAndroidPlayIntegrityVerdictEvaluationTypeHardwareBacked",
"value": "hardwareBacked",
"enabled": true
}
@@ -183,7 +183,7 @@
"enabled": true
}
],
"entityKey": "androidSafetyNetAttestationOptions",
"entityKey": "androidPlayIntegrityVerdictOptions",
"booleanActions": 0,
"defaultValue": "notConfigured",
"unconfiguredValue": "notConfigured",

228
Documentation/ObjectInfo/devicehealth_compliancewindows10.json
View File

@@ -1,68 +1,178 @@
{
"devicehealth_compliancewindows10": {
"isSettingDescription": false,
"showAsSectionHeader": false,
"dataType": 8,
"category": 39,
"nameResourceKey": "complianceWindowsDeviceHealthAttestationHeader",
"childSettings": [
{
"dataType": 0,
"category": 39,
"nameResourceKey": "bitLockerEnabledName",
"descriptionResourceKey": "bitLockerEnabledDescription",
"childSettings": [
"devicehealth_compliancewindows10": [
{
"isSettingDescription": false,
"showAsSectionHeader": false,
"dataType": 8,
"category": 39,
"nameResourceKey": "complianceWindowsDeviceHealthAttestationHeader",
"childSettings": [
],
"options": [
],
"options": [
],
"entityKey": "bitLockerEnabled",
"booleanActions": 1,
"defaultValue": false,
"policyType": 35,
"enabled": true
},
{
"dataType": 0,
"category": 39,
"nameResourceKey": "secureBootEnabledName",
"descriptionResourceKey": "secureBootEnabledDescription",
"childSettings": [
],
"booleanActions": 0,
"policyType": 35,
"enabled": true
},
{
"isSettingDescription": false,
"showAsSectionHeader": false,
"dataType": 8,
"category": 39,
"nameResourceKey": "complianceWindows10DeviceHealthAttestationHeader",
"childSettings": [
{
"dataType": 0,
"category": 39,
"nameResourceKey": "bitLockerEnabledName",
"childSettings": [
],
"options": [
],
"options": [
],
"entityKey": "secureBootEnabled",
"booleanActions": 1,
"defaultValue": false,
"policyType": 35,
"enabled": true
},
{
"dataType": 0,
"category": 39,
"nameResourceKey": "codeIntegrityEnabledName",
"descriptionResourceKey": "codeIntegrityEnabledDescription",
"childSettings": [
],
"entityKey": "bitLockerEnabled",
"booleanActions": 1,
"defaultValue": false,
"policyType": 35,
"enabled": true
},
{
"dataType": 0,
"category": 39,
"nameResourceKey": "secureBootEnabledName",
"childSettings": [
],
"options": [
],
"options": [
],
"entityKey": "codeIntegrityEnabled",
"booleanActions": 1,
"defaultValue": false,
"policyType": 35,
"enabled": true
}
],
"options": [
],
"entityKey": "secureBootEnabled",
"booleanActions": 1,
"defaultValue": false,
"policyType": 35,
"enabled": true
},
{
"dataType": 0,
"category": 39,
"nameResourceKey": "codeIntegrityEnabledName",
"childSettings": [
],
"booleanActions": 0,
"policyType": 35,
"enabled": true
}
],
"options": [
],
"entityKey": "codeIntegrityEnabled",
"booleanActions": 1,
"defaultValue": false,
"policyType": 35,
"enabled": true
}
],
"options": [
],
"booleanActions": 0,
"policyType": 35,
"enabled": true
},
{
"isSettingDescription": false,
"showAsSectionHeader": false,
"dataType": 8,
"category": 39,
"nameResourceKey": "complianceWindows11DeviceHealthAttestationHeader",
"childSettings": [
{
"dataType": 0,
"category": 39,
"nameResourceKey": "earlyLaunchAntiMalwareDriverEnabledName",
"childSettings": [
],
"options": [
],
"entityKey": "earlyLaunchAntiMalwareDriverEnabled",
"booleanActions": 1,
"defaultValue": false,
"policyType": 35,
"enabled": false
},
{
"dataType": 0,
"category": 39,
"nameResourceKey": "firmwareProtectionEnabledName",
"childSettings": [
],
"options": [
],
"entityKey": "firmwareProtectionEnabled",
"booleanActions": 1,
"defaultValue": false,
"policyType": 35,
"enabled": false
},
{
"dataType": 0,
"category": 39,
"nameResourceKey": "hvciEnabledName",
"childSettings": [
],
"options": [
],
"entityKey": "memoryIntegrityEnabled",
"booleanActions": 1,
"defaultValue": false,
"policyType": 35,
"enabled": false
},
{
"dataType": 0,
"category": 39,
"nameResourceKey": "memoryAccessProtectionEnabledName",
"childSettings": [
],
"options": [
],
"entityKey": "kernelDmaProtectionEnabled",
"booleanActions": 1,
"defaultValue": false,
"policyType": 35,
"enabled": false
},
{
"dataType": 0,
"category": 39,
"nameResourceKey": "virtualizationBasedSecurityEnabledName",
"childSettings": [
],
"options": [
],
"entityKey": "virtualizationBasedSecurityEnabled",
"booleanActions": 1,
"defaultValue": false,
"policyType": 35,
"enabled": false
}
],
"options": [
],
"booleanActions": 0,
"policyType": 35,
"enabled": false
}
]
}

6
Documentation/ObjectInfo/scepproperties_androiddeviceownerscep.json
View File

@@ -448,6 +448,12 @@
"displayText": "2048",
"value": "size2048",
"enabled": true
},
{
"nameResourceKey": "",
"displayText": "4096",
"value": "size4096",
"enabled": false
}
],
"entityKey": "keySize",

6
Documentation/ObjectInfo/scepproperties_androidforworkscep.json
View File

@@ -418,6 +418,12 @@
"displayText": "2048",
"value": "size2048",
"enabled": true
},
{
"nameResourceKey": "",
"displayText": "4096",
"value": "size4096",
"enabled": false
}
],
"entityKey": "keySize",

6
Documentation/ObjectInfo/scepproperties_androidscep.json
View File

@@ -195,6 +195,12 @@
"displayText": "2048",
"value": "size2048",
"enabled": true
},
{
"nameResourceKey": "",
"displayText": "4096",
"value": "size4096",
"enabled": false
}
],
"entityKey": "keySize",

6
Documentation/ObjectInfo/scepproperties_aospdeviceownerscep.json
View File

@@ -418,6 +418,12 @@
"displayText": "2048",
"value": "size2048",
"enabled": true
},
{
"nameResourceKey": "",
"displayText": "4096",
"value": "size4096",
"enabled": false
}
],
"entityKey": "keySize",

6
Documentation/ObjectInfo/scepproperties_windows10scep.json
View File

@@ -457,6 +457,12 @@
"displayText": "2048",
"value": "size2048",
"enabled": true
},
{
"nameResourceKey": "",
"displayText": "4096",
"value": "size4096",
"enabled": false
}
],
"entityKey": "keySize",

6
Documentation/ObjectInfo/scepproperties_windows8scep.json
View File

@@ -457,6 +457,12 @@
"displayText": "2048",
"value": "size2048",
"enabled": true
},
{
"nameResourceKey": "",
"displayText": "4096",
"value": "size4096",
"enabled": false
}
],
"entityKey": "keySize",

6
Documentation/ObjectInfo/scepproperties_windowsphonescep.json
View File

@@ -234,6 +234,12 @@
"displayText": "2048",
"value": "size2048",
"enabled": true
},
{
"nameResourceKey": "",
"displayText": "4096",
"value": "size4096",
"enabled": false
}
],
"entityKey": "keySize",

44
Documentation/ObjectInfo/vpn_windows10vpn.json
View File

@@ -584,7 +584,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -2329,7 +2329,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -4074,7 +4074,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -5819,7 +5819,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -8052,7 +8052,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -9797,7 +9797,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -11542,7 +11542,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -13272,7 +13272,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -15390,7 +15390,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -17120,7 +17120,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -18850,7 +18850,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -20622,7 +20622,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -22367,7 +22367,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -24112,7 +24112,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -25857,7 +25857,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -28090,7 +28090,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -29835,7 +29835,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -31580,7 +31580,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -33310,7 +33310,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -35428,7 +35428,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -37158,7 +37158,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{
@@ -38888,7 +38888,7 @@
"booleanActions": 0,
"defaultValue": "outbound",
"policyType": 89,
"enabled": false
"enabled": true
}
},
{

17
Documentation/ObjectInfo/workprofile_androidforworkgeneral.json
View File

@@ -613,6 +613,23 @@
"policyType": 13,
"enabled": true
},
{
"dataType": 0,
"category": 127,
"nameResourceKey": "blockUnifiedPasswordForWorkProfileName",
"descriptionResourceKey": "blockUnifiedPasswordForWorkProfileDescription",
"childSettings": [
],
"options": [
],
"entityKey": "blockUnifiedPasswordForWorkProfile",
"booleanActions": 3,
"defaultValue": false,
"policyType": 13,
"enabled": false
},
{
"isSettingDescription": false,
"showAsSectionHeader": true,

4047
Documentation/Strings-cs.json
View File

File diff suppressed because it is too large Load Diff

4045
Documentation/Strings-de.json
View File

File diff suppressed because it is too large Load Diff

4053
Documentation/Strings-en.json
View File

File diff suppressed because it is too large Load Diff

4047
Documentation/Strings-es.json
View File

File diff suppressed because it is too large Load Diff

4047
Documentation/Strings-fr.json
View File

File diff suppressed because it is too large Load Diff

4047
Documentation/Strings-hu.json
View File

File diff suppressed because it is too large Load Diff

4047
Documentation/Strings-it.json
View File

File diff suppressed because it is too large Load Diff

4049
Documentation/Strings-ja.json
View File

File diff suppressed because it is too large Load Diff

4051
Documentation/Strings-ko.json
View File

File diff suppressed because it is too large Load Diff

4043
Documentation/Strings-nl.json
View File

File diff suppressed because it is too large Load Diff

4045
Documentation/Strings-pl.json
View File

File diff suppressed because it is too large Load Diff

4053
Documentation/Strings-pt.json
View File

File diff suppressed because it is too large Load Diff

4049
Documentation/Strings-ru.json
View File

File diff suppressed because it is too large Load Diff

4047
Documentation/Strings-sv.json
View File

File diff suppressed because it is too large Load Diff

4049
Documentation/Strings-tr.json
View File

File diff suppressed because it is too large Load Diff

4053
Documentation/Strings-zh-chs.json
View File

File diff suppressed because it is too large Load Diff

4053
Documentation/Strings-zh-cht.json
View File

File diff suppressed because it is too large Load Diff

4049
Documentation/Strings-zh-hans.json
View File

File diff suppressed because it is too large Load Diff

4051
Documentation/Strings-zh-hant.json
View File

File diff suppressed because it is too large Load Diff

4053
Documentation/Strings-zh.json
View File

File diff suppressed because it is too large Load Diff

29
Extensions/Documentation.psm1
View File

@@ -20,7 +20,7 @@ $global:documentationProviders = @()
function Get-ModuleVersion
{
'2.0.1'
'2.0.2'
}
function Invoke-InitializeModule
@@ -61,6 +61,7 @@ function Invoke-InitializeModule
Settings="TableHeaders.settings"
returnCode='Win32ReturnCodes.Columns.returnCode'
type='Win32ReturnCodes.Columns.codeType'
RecommendedValue="AzureIAMCommon.Recommended"
}
}
@@ -290,7 +291,8 @@ function Get-ObjectDocumentation
elseif($type -eq "#microsoft.graph.deviceManagementIntent")
{
Invoke-TranslateIntentObject $obj $objectType | Out-Null
$properties = @("Name","Value","Category","FullValueTable","RawValue","SettingId","Description")
$properties = @("Name","Value","Category","FullValueTable","RawValue","RecommendedValue","SettingId","Description")
$defaultDocumentationProperties = @("Name","Value","RecommendedValue")
}
#endregion
#region Administrative Templates
@@ -536,11 +538,15 @@ function Get-ObjectTypeString
elseif($objTypeId -eq "WinFeatureUpdates")
{
return (Get-LanguageString "Titles.featureUpdateDeployments")
}
}
elseif($objTypeId -eq "WinQualityUpdates")
{
return (Get-LanguageString "Titles.windows10QualityUpdate")
}
elseif($objTypeId -eq "WinDriverUpdatePolicies")
{
return (Get-LanguageString "Titles.windows10DriverUpdate")
}
elseif($objTypeId -eq "TenantAdmin")
{
return (Get-LanguageString "Titles.tenantAdmin")
@@ -1488,6 +1494,12 @@ function Add-IntentSettingObjectToList
$objSetting.Level = $objSetting.Level + 1
}
$recommendedSetting = $global:catRecommendedSettings[$objSetting.CategoryObject.Id] | Where definitionId -eq $objSetting.SettingId
if($recommendedSetting.valueJson -and ($objSetting.ValueSet -eq $false -or $recommendedSetting.valueJson -ne ($objSetting.RawValue | ConvertTo-Json -Compress))) {
$objSetting | Add-Member Noteproperty -Name "RecommendedValue" -Value ($recommendedSetting.valueJson | ConvertFrom-Json) -Force
}
$script:objectSettingsData += $objSetting
if($objSetting.ValueSet -eq $false) { return }
@@ -2415,6 +2427,17 @@ function Invoke-TranslateSection
}
$value = $arrTmp -join $script:objectSeparator
}
elseif($prop.dataType -eq 108) # String with format
{
$value = $propValue
if($prop.formatStringKey) {
$str = Get-LanguageString $prop.formatStringKey
if($str)
{
$value = $str -f $propValue
}
}
}
else
{
Write-Log "Unsupported property '$((Get-LanguageString "SettingDetails.$($prop.nameResourceKey)"))' ($($prop.nameResourceKey)) for object property $($prop.entityKey). Type: $($prop.dataType)" 2

178
Extensions/DocumentationCustom.psm1
View File

@@ -10,7 +10,7 @@ This module will also document some objects based on PowerShell functions
function Get-ModuleVersion
{
'1.6.0'
'1.6.1'
}
function Invoke-InitializeModule
@@ -267,7 +267,7 @@ function Invoke-CDDocumentCustomPostAdd
if($prop.EntityKey -eq "featureUpdatesRollbackWindowInDays")
{
if($obj.businessReadyUpdatesOnly -eq "businessReadyOnly")
if($obj.businessReadyUpdatesOnly -eq "businessReadyOnly" -or $obj.businessReadyUpdatesOnly -eq "all" -or $obj.businessReadyUpdatesOnly -eq "userDefined")
{
$propValue = Get-LanguageString "BooleanActions.notConfigured"
}
@@ -288,7 +288,7 @@ function Invoke-CDDocumentCustomPostAdd
Add-PropertyInfo $tmpProp $propValue -originalValue $obj.businessReadyUpdatesOnly
if($obj.businessReadyUpdatesOnly -ne "businessReadyOnly")
if($obj.businessReadyUpdatesOnly -ne "businessReadyOnly" -and $obj.businessReadyUpdatesOnly -ne "all" -and $obj.businessReadyUpdatesOnly -ne "userDefined")
{
# Pre-release channel selected. Inject info
$propValue = Get-LanguageString "SettingDetails.$($obj.businessReadyUpdatesOnly)Option"
@@ -2029,17 +2029,17 @@ function Invoke-CDDocumentCountryNamedLocation
###################################################
Add-BasicDefaultValues $obj $objectType
Add-BasicPropertyValue (Get-LanguageString "TableHeaders.configurationType") (Get-LanguageString "AzureIAM.menuItemNamedNetworks")
Add-BasicPropertyValue (Get-LanguageString "TableHeaders.configurationType") (Get-LanguageString "AzureCA.menuItemNamedNetworks")
Add-BasicAdditionalValues $obj $objectType
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.NamedLocation.Form.CountryLookup.ariaLabel"
Value = Get-LanguageString "AzureIAM.NamedLocation.Form.CountryLookup.$((?: ($obj.countryLookupMethod -eq "clientIpAddress") "ip" "gps"))"
Name = Get-LanguageString "AzureCA.NamedLocation.Form.CountryLookup.ariaLabel"
Value = Get-LanguageString "AzureCA.NamedLocation.Form.CountryLookup.$((?: ($obj.countryLookupMethod -eq "clientIpAddress") "ip" "gps"))"
EntityKey = "countryLookupMethod"
})
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.NamedLocation.Form.Include.label"
Name = Get-LanguageString "AzureCA.NamedLocation.Form.Include.label"
Value = Get-LanguageString (?: ($obj.includeUnknownCountriesAndRegions -eq $true) "Inputs.enabled" "Inputs.disabled")
EntityKey = "includeUnknownCountriesAndRegions"
})
@@ -2047,11 +2047,11 @@ function Invoke-CDDocumentCountryNamedLocation
$countryList = @()
foreach($country in $obj.countriesAndRegions)
{
$countryList += Get-LanguageString "AzureIAMCommon.CountryNames.countryName$($country.ToLower())"
$countryList += Get-LanguageString "CountryNames.countryName$($country.ToLower())"
}
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.NamedLocation.Type.countries"
Name = Get-LanguageString "AzureCA.NamedLocation.Type.countries"
Value = $countryList -join $script:objectSeparator
EntityKey = "countriesAndRegions"
})
@@ -2072,11 +2072,11 @@ function Invoke-CDDocumentIPNamedLocation
###################################################
Add-BasicDefaultValues $obj $objectType
Add-BasicPropertyValue (Get-LanguageString "TableHeaders.configurationType") (Get-LanguageString "AzureIAM.menuItemNamedNetworks")
Add-BasicPropertyValue (Get-LanguageString "TableHeaders.configurationType") (Get-LanguageString "AzureCA.menuItemNamedNetworks")
Add-BasicAdditionalValues $obj $objectType
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.NamedLocation.Form.Trusted.label"
Name = Get-LanguageString "AzureCA.NamedLocation.Form.Trusted.label"
Value = Get-LanguageString (?: ($obj.isTrusted -eq $true) "Inputs.enabled" "Inputs.disabled")
EntityKey = "isTrusted"
})
@@ -2088,7 +2088,7 @@ function Invoke-CDDocumentIPNamedLocation
}
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.NamedLocation.Type.ipRanges"
Name = Get-LanguageString "AzureCA.NamedLocation.Type.ipRanges"
Value = $ipList -join $script:objectSeparator
EntityKey = "ipRanges"
})
@@ -2113,7 +2113,7 @@ function Invoke-CDDocumentTermsOfUse
###################################################
Add-BasicPropertyValue (Get-LanguageString "SettingDetails.nameName") $obj.displayName
Add-BasicPropertyValue (Get-LanguageString "TableHeaders.configurationType") (Get-LanguageString "AzureIAM.menuItemTermsOfUse")
Add-BasicPropertyValue (Get-LanguageString "TableHeaders.configurationType") (Get-LanguageString "AzureCA.menuItemTermsOfUse")
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "TermsOfUse.Wizard.agreementIsViewingBeforeAcceptanceRequiredLabel"
@@ -2222,22 +2222,22 @@ function Invoke-CDDocumentConditionalAccess
#Add-BasicDefaultValues $obj $objectType
Add-BasicPropertyValue (Get-LanguageString "SettingDetails.nameName") $obj.displayName
Add-BasicPropertyValue (Get-LanguageString "TableHeaders.configurationType") (Get-LanguageString "AzureIAM.conditionalAccessBladeTitle")
Add-BasicPropertyValue (Get-LanguageString "TableHeaders.configurationType") (Get-LanguageString "AzureCA.conditionalAccessBladeTitle")
if($obj.state -eq "enabledForReportingButNotEnforced")
{
$state = Get-LanguageString "AzureIAM.PolicyState.reportOnly"
$state = Get-LanguageString "AzureCA.PolicyState.reportOnly"
}
elseif($obj.state -eq "disabled")
{
$state = Get-LanguageString "AzureIAM.PolicyState.off"
$state = Get-LanguageString "AzureCA.PolicyState.off"
}
else
{
$state = Get-LanguageString "AzureIAM.PolicyState.on"
$state = Get-LanguageString "AzureCA.PolicyState.on"
}
Add-BasicPropertyValue (Get-LanguageString "AzureIAM.policyEnforceLabel") $state
Add-BasicPropertyValue (Get-LanguageString "AzureCA.policyEnforceLabel") $state
Add-BasicAdditionalValues $obj $objectType
@@ -2281,16 +2281,16 @@ function Invoke-CDDocumentConditionalAccess
$script:allAadRoles =(Invoke-GraphRequest -url "/directoryRoleTemplates?`$select=Id,displayName" -ODataMetadata "minimal").value
}
$includeLabel = Get-LanguageString "AzureIAM.userSelectionBladeIncludeTabTitle"
$excludeLabel = Get-LanguageString "AzureIAM.userSelectionBladeExcludeTabTitle"
$includeLabel = Get-LanguageString "AzureCA.userSelectionBladeIncludeTabTitle"
$excludeLabel = Get-LanguageString "AzureCA.userSelectionBladeExcludeTabTitle"
$category = Get-LanguageString "AzureIAM.usersGroupsLabel"
$category = Get-LanguageString "AzureCA.usersGroupsLabel"
if((($obj.conditions.users.includeUsers | Where { $_ -eq "All"}) -ne $null))
{
Add-CustomSettingObject ([PSCustomObject]@{
Name = $includeLabel
Value = Get-LanguageString "AzureIAM.allUsersString"
Value = Get-LanguageString "AzureCA.allUsersString"
Category = $category
SubCategory = $includeLabel
EntityKey = "includeUsers"
@@ -2300,7 +2300,7 @@ function Invoke-CDDocumentConditionalAccess
{
Add-CustomSettingObject ([PSCustomObject]@{
Name = $includeLabel
Value = Get-LanguageString "AzureIAM.chooseApplicationsNone"
Value = Get-LanguageString "AzureCA.chooseApplicationsNone"
Category = $category
SubCategory = $includeLabel
EntityKey = "includeUsers"
@@ -2310,7 +2310,7 @@ function Invoke-CDDocumentConditionalAccess
{
Add-CustomSettingObject ([PSCustomObject]@{
Name = $includeLabel
Value = Get-LanguageString "AzureIAM.userSelectionBladeSelectedUsers"
Value = Get-LanguageString "AzureCA.userSelectionBladeSelectedUsers"
Category = $category
SubCategory = $includeLabel
EntityKey = "includeUsers"
@@ -2319,7 +2319,7 @@ function Invoke-CDDocumentConditionalAccess
if((($obj.conditions.users.includeUsers | Where { $_ -eq "GuestsOrExternalUsers"}) -ne $null))
{
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.allGuestUserLabel"
Name = Get-LanguageString "AzureCA.allGuestUserLabel"
Value = Get-LanguageString "Inputs.enabled" #$((?: (($obj.conditions.users.includeUsers | Where { $_ -eq "GuestsOrExternalUsers"}) -ne $null) "enabled" "disabled"))"
Category = $category
SubCategory = $includeLabel
@@ -2337,7 +2337,7 @@ function Invoke-CDDocumentConditionalAccess
}
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.directoryRolesLabel"
Name = Get-LanguageString "AzureCA.directoryRolesLabel"
Value = $tmpObjs -join $script:objectSeparator
Category = $category
SubCategory = $includeLabel
@@ -2367,7 +2367,7 @@ function Invoke-CDDocumentConditionalAccess
if((($obj.conditions.users.excludeUsers | Where { $_ -eq "GuestsOrExternalUsers"}) -ne $null))
{
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.allGuestUserLabel"
Name = Get-LanguageString "AzureCA.allGuestUserLabel"
Value = Get-LanguageString "Inputs.enabled" #$((?: (($obj.conditions.users.excludeUsers | Where { $_ -eq "GuestsOrExternalUsers"}) -ne $null) "enabled" "disabled"))"
Category = $category
SubCategory = $excludeLabel
@@ -2385,7 +2385,7 @@ function Invoke-CDDocumentConditionalAccess
}
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.directoryRolesLabel"
Name = Get-LanguageString "AzureCA.directoryRolesLabel"
Value = $tmpObjs -join $script:objectSeparator
Category = $category
SubCategory = $excludeLabel
@@ -2416,8 +2416,8 @@ function Invoke-CDDocumentConditionalAccess
# Cloud apps or actions
###################################################
$category = Get-LanguageString "AzureIAM.UserActions.appsOrActionsTitle"
$cloudAppsLabel = Get-LanguageString "AzureIAM.policyCloudAppsLabel"
$category = Get-LanguageString "AzureCA.UserActions.appsOrActionsTitle"
$cloudAppsLabel = Get-LanguageString "AzureCA.policyCloudAppsLabel"
$cloudApps = Get-CDAllCloudApps
@@ -2425,7 +2425,7 @@ function Invoke-CDDocumentConditionalAccess
{
Add-CustomSettingObject ([PSCustomObject]@{
Name = $includeLabel
Value = Get-LanguageString "AzureIAM.cloudappsSelectionBladeAllCloudapps" #Get-LanguageString "Inputs.enabled"
Value = Get-LanguageString "AzureCA.cloudappsSelectionBladeAllCloudapps" #Get-LanguageString "Inputs.enabled"
Category = $category
SubCategory = $cloudAppsLabel
EntityKey = "includeApplications"
@@ -2435,7 +2435,7 @@ function Invoke-CDDocumentConditionalAccess
{
Add-CustomSettingObject ([PSCustomObject]@{
Name = $includeLabel
Value = Get-LanguageString "AzureIAM.chooseApplicationsNone" #Get-LanguageString "Inputs.enabled"
Value = Get-LanguageString "AzureCA.chooseApplicationsNone" #Get-LanguageString "Inputs.enabled"
Category = $category
SubCategory = $cloudAppsLabel
EntityKey = "includeApplications"
@@ -2477,18 +2477,18 @@ function Invoke-CDDocumentConditionalAccess
if($obj.conditions.applications.includeUserActions.Count -gt 0)
{
$userActionsLabel = Get-LanguageString "AzureIAM.UserActions.label"
$userActionsLabel = Get-LanguageString "AzureCA.UserActions.label"
if(($obj.conditions.applications.includeUserActions | Where { $_ -eq "urn:user:registersecurityinfo" }))
{
$value = Get-LanguageString "AzureIAM.UserActions.registerSecurityInfo"
$value = Get-LanguageString "AzureCA.UserActions.registerSecurityInfo"
}
else
{
$value = Get-LanguageString "AzureIAM.UserActions.registerOrJoinDevices"
$value = Get-LanguageString "AzureCA.UserActions.registerOrJoinDevices"
}
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.UserActions.selectionInfo"
Name = Get-LanguageString "AzureCA.UserActions.selectionInfo"
Value = $value
Category = $category
SubCategory = $userActionsLabel
@@ -2511,10 +2511,10 @@ function Invoke-CDDocumentConditionalAccess
}
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.AuthContext.checkBoxInfo"
Name = Get-LanguageString "AzureCA.AuthContext.checkBoxInfo"
Value = $tmpObjs -join $script:objectSeparator
Category = $category
SubCategory = Get-LanguageString "AzureIAM.AuthContext.label"
SubCategory = Get-LanguageString "AzureCA.AuthContext.label"
EntityKey = "includeAuthenticationContextClassReferences"
})
}
@@ -2523,23 +2523,23 @@ function Invoke-CDDocumentConditionalAccess
# Conditions
###################################################
$category = Get-LanguageString "AzureIAM.helpConditionsTitle"
$category = Get-LanguageString "AzureCA.helpConditionsTitle"
#$category = Get-LanguageString "AzureIAM.policyConditionUserRisk"
#$category = Get-LanguageString "AzureCA.policyConditionUserRisk"
if($obj.conditions.userRiskLevels.Count -gt 0)
{
$tmpObjs = @()
foreach($id in ($obj.conditions.userRiskLevels))
{
$tmpObjs += Get-LanguageString "AzureIAM.$($id)Risk"
$tmpObjs += Get-LanguageString "AzureCA.$($id)Risk"
}
Add-CustomSettingObject ([PSCustomObject]@{
Name = $includeLabel
Value = $tmpObjs -join $script:objectSeparator
Category = $category
SubCategory = Get-LanguageString "AzureIAM.policyConditionUserRisk"
SubCategory = Get-LanguageString "AzureCA.policyConditionUserRisk"
EntityKey = "userRiskLevels"
})
}
@@ -2549,14 +2549,14 @@ function Invoke-CDDocumentConditionalAccess
$tmpObjs = @()
foreach($id in ($obj.conditions.signInRiskLevels))
{
$tmpObjs += Get-LanguageString "AzureIAM.$($id)Risk"
$tmpObjs += Get-LanguageString "AzureCA.$($id)Risk"
}
Add-CustomSettingObject ([PSCustomObject]@{
Name = $includeLabel
Value = $tmpObjs -join $script:objectSeparator
Category = $category
SubCategory = Get-LanguageString "AzureIAM.policyConditionSigninRisk"
SubCategory = Get-LanguageString "AzureCA.policyConditionSigninRisk"
EntityKey = "signInRiskLevels"
})
}
@@ -2568,11 +2568,11 @@ function Invoke-CDDocumentConditionalAccess
{
if($id -eq "all")
{
$tmpObjs += Get-LanguageString "AzureIAM.allDevicePlatforms"
$tmpObjs += Get-LanguageString "AzureCA.allDevicePlatforms"
}
else
{
$tmpObjs += Get-LanguageString "AzureIAM.$($id)DisplayName"
$tmpObjs += Get-LanguageString "AzureCA.$($id)DisplayName"
}
}
@@ -2580,7 +2580,7 @@ function Invoke-CDDocumentConditionalAccess
Name = $includeLabel
Value = $tmpObjs -join $script:objectSeparator
Category = $category
SubCategory = Get-LanguageString "AzureIAM.devicePlatform"
SubCategory = Get-LanguageString "AzureCA.devicePlatform"
EntityKey = "includePlatforms"
})
}
@@ -2590,14 +2590,14 @@ function Invoke-CDDocumentConditionalAccess
$tmpObjs = @()
foreach($id in ($obj.conditions.platforms.excludePlatforms))
{
$tmpObjs += Get-LanguageString "AzureIAM.$($id)DisplayName"
$tmpObjs += Get-LanguageString "AzureCA.$($id)DisplayName"
}
Add-CustomSettingObject ([PSCustomObject]@{
Name = $excludeLabel
Value = $tmpObjs -join $script:objectSeparator
Category = $category
SubCategory = Get-LanguageString "AzureIAM.devicePlatform"
SubCategory = Get-LanguageString "AzureCA.devicePlatform"
EntityKey = "excludePlatforms"
})
}
@@ -2614,7 +2614,7 @@ function Invoke-CDDocumentConditionalAccess
elseif($script:allNamedLocations -isnot [Object[]]) { $script:allNamedLocations = @($script:allNamedLocations) }
$script:allNamedLocations += [PSCustomObject]@{
displayName = Get-LanguageString "AzureIAM.chooseLocationTrustedIpsItem"
displayName = Get-LanguageString "AzureCA.chooseLocationTrustedIpsItem"
id = "00000000-0000-0000-0000-000000000000"
}
}
@@ -2637,11 +2637,11 @@ function Invoke-CDDocumentConditionalAccess
{
if($id -eq "AllTrusted")
{
$tmpObjs += Get-LanguageString "AzureIAM.allTrustedLocationLabel"
$tmpObjs += Get-LanguageString "AzureCA.allTrustedLocationLabel"
}
elseif($id -eq "All")
{
$tmpObjs += Get-LanguageString "AzureIAM.locationsAllLocationsLabel"
$tmpObjs += Get-LanguageString "AzureCA.locationsAllLocationsLabel"
}
else
{
@@ -2654,7 +2654,7 @@ function Invoke-CDDocumentConditionalAccess
Name = $includeLabel
Value = $tmpObjs -join $script:objectSeparator
Category = $category
SubCategory = Get-LanguageString "AzureIAM.policyConditionLocation"
SubCategory = Get-LanguageString "AzureCA.policyConditionLocation"
EntityKey = "includeLocations"
})
}
@@ -2666,11 +2666,11 @@ function Invoke-CDDocumentConditionalAccess
{
if($id -eq "AllTrusted")
{
$tmpObjs += Get-LanguageString "AzureIAM.allTrustedLocationLabel"
$tmpObjs += Get-LanguageString "AzureCA.allTrustedLocationLabel"
}
elseif($id -eq "All")
{
$tmpObjs += Get-LanguageString "AzureIAM.locationsAllLocationsLabel"
$tmpObjs += Get-LanguageString "AzureCA.locationsAllLocationsLabel"
}
else
{
@@ -2683,7 +2683,7 @@ function Invoke-CDDocumentConditionalAccess
Name = $excludeLabel
Value = $tmpObjs -join $script:objectSeparator
Category = $category
SubCategory = Get-LanguageString "AzureIAM.policyConditionLocation"
SubCategory = Get-LanguageString "AzureCA.policyConditionLocation"
EntityKey = "excludeLocations"
})
}
@@ -2693,10 +2693,10 @@ function Invoke-CDDocumentConditionalAccess
$tmpObjs = @()
foreach($id in ($obj.conditions.clientAppTypes))
{
if($id -eq "browser") { $tmpObjs += Get-LanguageString "AzureIAM.clientAppWebBrowser" }
elseif($id -eq "mobileAppsAndDesktopClients") { $tmpObjs += Get-LanguageString "AzureIAM.clientAppMobileDesktop" }
elseif($id -eq "exchangeActiveSync") { $tmpObjs += Get-LanguageString "AzureIAM.clientAppExchangeActiveSync" }
elseif($id -eq "other") { $tmpObjs += Get-LanguageString "AzureIAM.clientTypeOtherClients" }
if($id -eq "browser") { $tmpObjs += Get-LanguageString "AzureCA.clientAppWebBrowser" }
elseif($id -eq "mobileAppsAndDesktopClients") { $tmpObjs += Get-LanguageString "AzureCA.clientAppMobileDesktop" }
elseif($id -eq "exchangeActiveSync") { $tmpObjs += Get-LanguageString "AzureCA.clientAppExchangeActiveSync" }
elseif($id -eq "other") { $tmpObjs += Get-LanguageString "AzureCA.clientTypeOtherClients" }
elseif($id -eq "all") { break } # Not configured
else
{
@@ -2711,7 +2711,7 @@ function Invoke-CDDocumentConditionalAccess
Name = $includeLabel
Value = $tmpObjs -join $script:objectSeparator
Category = $category
SubCategory = Get-LanguageString "AzureIAM.policyConditioniClientApp"
SubCategory = Get-LanguageString "AzureCA.policyConditioniClientApp"
EntityKey = "clientAppTypes"
})
}
@@ -2721,9 +2721,9 @@ function Invoke-CDDocumentConditionalAccess
{
Add-CustomSettingObject ([PSCustomObject]@{
Name = $includeLabel
Value = Get-LanguageString "AzureIAM.deviceStateAll"
Value = Get-LanguageString "AzureCA.deviceStateAll"
Category = $category
SubCategory = Get-LanguageString "AzureIAM.deviceStateConditionSelectorLabel"
SubCategory = Get-LanguageString "AzureCA.deviceStateConditionSelectorLabel"
EntityKey = "includeDevices"
})
}
@@ -2733,14 +2733,14 @@ function Invoke-CDDocumentConditionalAccess
$tmpObjs = @()
foreach($id in ($obj.conditions.devices.excludeDevices))
{
$tmpObjs += Get-LanguageString "AzureIAM.classicPolicyControlRequire$($id)Device"
$tmpObjs += Get-LanguageString "AzureCA.classicPolicyControlRequire$($id)Device"
}
Add-CustomSettingObject ([PSCustomObject]@{
Name = $excludeLabel
Value = $tmpObjs -join $script:objectSeparator
Category = $category
SubCategory = Get-LanguageString "AzureIAM.deviceStateConditionSelectorLabel"
SubCategory = Get-LanguageString "AzureCA.deviceStateConditionSelectorLabel"
EntityKey = "excludeDevices"
})
}
@@ -2749,11 +2749,11 @@ function Invoke-CDDocumentConditionalAccess
# Grant
###################################################
$category = Get-LanguageString "AzureIAM.policyControlBladeTitle"
$category = Get-LanguageString "AzureCA.policyControlBladeTitle"
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.policyControlContentDescription"
Value = Get-LanguageString "AzureIAM.$((?: (($obj.grantControls.builtInControls | Where { $_ -eq "block"}) -ne $null) "policyControlBlockAccessDisplayedName" "policyControlAllowAccessDisplayedName"))"
Name = Get-LanguageString "AzureCA.policyControlContentDescription"
Value = Get-LanguageString "AzureCA.$((?: (($obj.grantControls.builtInControls | Where { $_ -eq "block"}) -ne $null) "policyControlBlockAccessDisplayedName" "policyControlAllowAccessDisplayedName"))"
Category = $category
SubCategory = ""
EntityKey = "policyControl"
@@ -2766,7 +2766,7 @@ function Invoke-CDDocumentConditionalAccess
if(($obj.grantControls.builtInControls | Where { $_ -eq "mfa"}))
{
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.policyControlMfaChallengeDisplayedName"
Name = Get-LanguageString "AzureCA.policyControlMfaChallengeDisplayedName"
Value = Get-LanguageString "Inputs.enabled"
Category = $category
SubCategory = ""
@@ -2777,7 +2777,7 @@ function Invoke-CDDocumentConditionalAccess
if(($obj.grantControls.builtInControls | Where { $_ -eq "compliantDevice"}))
{
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.policyControlCompliantDeviceDisplayedName"
Name = Get-LanguageString "AzureCA.policyControlCompliantDeviceDisplayedName"
Value = Get-LanguageString "Inputs.enabled"
Category = $category
SubCategory = ""
@@ -2788,7 +2788,7 @@ function Invoke-CDDocumentConditionalAccess
if(($obj.grantControls.builtInControls | Where { $_ -eq "domainJoinedDevice"}))
{
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.policyControlRequireDomainJoinedDisplayedName"
Name = Get-LanguageString "AzureCA.policyControlRequireDomainJoinedDisplayedName"
Value = Get-LanguageString "Inputs.enabled"
Category = $category
SubCategory = ""
@@ -2799,7 +2799,7 @@ function Invoke-CDDocumentConditionalAccess
if(($obj.grantControls.builtInControls | Where { $_ -eq "approvedApplication"}))
{
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.policyControlRequireMamDisplayedName"
Name = Get-LanguageString "AzureCA.policyControlRequireMamDisplayedName"
Value = Get-LanguageString "Inputs.enabled"
Category = $category
SubCategory = ""
@@ -2810,7 +2810,7 @@ function Invoke-CDDocumentConditionalAccess
if(($obj.grantControls.builtInControls | Where { $_ -eq "compliantApplication"}))
{
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.policyControlRequireCompliantAppDisplayedName"
Name = Get-LanguageString "AzureCA.policyControlRequireCompliantAppDisplayedName"
Value = Get-LanguageString "Inputs.enabled"
Category = $category
SubCategory = ""
@@ -2821,7 +2821,7 @@ function Invoke-CDDocumentConditionalAccess
if(($obj.grantControls.builtInControls | Where { $_ -eq "passwordChange"}))
{
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.policyControlRequiredPasswordChangeDisplayedName"
Name = Get-LanguageString "AzureCA.policyControlRequiredPasswordChangeDisplayedName"
Value = Get-LanguageString "Inputs.enabled"
Category = $category
SubCategory = ""
@@ -2840,7 +2840,7 @@ function Invoke-CDDocumentConditionalAccess
}
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.menuItemTermsOfUse"
Name = Get-LanguageString "AzureCA.menuItemTermsOfUse"
Value = $termsOfUse -join $script:objectSeparator
Category = $category
SubCategory = ""
@@ -2849,8 +2849,8 @@ function Invoke-CDDocumentConditionalAccess
}
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.descriptionContentForControlsAndOr"
Value = Get-LanguageString "AzureIAM.$((?: ($obj.grantControls.operator -eq "OR") "requireOneControlText" "requireAllControlsText"))"
Name = Get-LanguageString "AzureCA.descriptionContentForControlsAndOr"
Value = Get-LanguageString "AzureCA.$((?: ($obj.grantControls.operator -eq "OR") "requireOneControlText" "requireAllControlsText"))"
Category = $category
SubCategory = ""
EntityKey = "grantOperator"
@@ -2861,12 +2861,12 @@ function Invoke-CDDocumentConditionalAccess
# Session
###################################################
$category = Get-LanguageString "AzureIAM.sessionControlBladeTitle"
$category = Get-LanguageString "AzureCA.sessionControlBladeTitle"
if($obj.sessionControls.applicationEnforcedRestrictions.isEnabled -eq $true)
{
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.sessionControlsAppEnforcedLabel"
Name = Get-LanguageString "AzureCA.sessionControlsAppEnforcedLabel"
Value = Get-LanguageString "Inputs.enabled"
Category = $category
SubCategory = ""
@@ -2881,8 +2881,8 @@ function Invoke-CDDocumentConditionalAccess
elseif($obj.sessionControls.cloudAppSecurity.cloudAppSecurityType -eq "blockDownloads") { $strId = "blockDownloads" }
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.sessionControlsCasLabel"
Value = Get-LanguageString "AzureIAM.CAS.BuiltinPolicy.Option.$strId"
Name = Get-LanguageString "AzureCA.sessionControlsCasLabel"
Value = Get-LanguageString "AzureCA.CAS.BuiltinPolicy.Option.$strId"
Category = $category
SubCategory = ""
EntityKey = "cloudAppSecurity"
@@ -2899,27 +2899,27 @@ function Invoke-CDDocumentConditionalAccess
{
if($obj.sessionControls.signInFrequency.value -gt 1)
{
$value = (Get-LanguageString "AzureIAM.SessionLifetime.SignInFrequency.Option.Hour.plural") -f $obj.sessionControls.signInFrequency.value
$value = (Get-LanguageString "AzureCA.SessionLifetime.SignInFrequency.Option.Hour.plural") -f $obj.sessionControls.signInFrequency.value
}
else
{
$value = Get-LanguageString "AzureIAM.SessionLifetime.SignInFrequency.Option.Hour.singular"
$value = Get-LanguageString "AzureCA.SessionLifetime.SignInFrequency.Option.Hour.singular"
}
}
else
{
if($obj.sessionControls.signInFrequency.value -gt 1)
{
$value = (Get-LanguageString "AzureIAM.SessionLifetime.SignInFrequency.Option.Day.plural") -f $obj.sessionControls.signInFrequency.value
$value = (Get-LanguageString "AzureCA.SessionLifetime.SignInFrequency.Option.Day.plural") -f $obj.sessionControls.signInFrequency.value
}
else
{
$value = Get-LanguageString "AzureIAM.SessionLifetime.SignInFrequency.Option.Day.singular"
$value = Get-LanguageString "AzureCA.SessionLifetime.SignInFrequency.Option.Day.singular"
}
}
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.SessionLifetime.SignInFrequency.Option.label"
Name = Get-LanguageString "AzureCA.SessionLifetime.SignInFrequency.Option.label"
Value = $value
Category = $category
SubCategory = ""
@@ -2930,8 +2930,8 @@ function Invoke-CDDocumentConditionalAccess
if($obj.sessionControls.persistentBrowser.isEnabled -eq $true)
{
Add-CustomSettingObject ([PSCustomObject]@{
Name = Get-LanguageString "AzureIAM.SessionLifetime.PersistentBrowser.Option.label"
Value = Get-LanguageString "AzureIAM.SessionLifetime.PersistentBrowser.Option.$($obj.sessionControls.persistentBrowser.mode)"
Name = Get-LanguageString "AzureCA.SessionLifetime.PersistentBrowser.Option.label"
Value = Get-LanguageString "AzureCA.SessionLifetime.PersistentBrowser.Option.$($obj.sessionControls.persistentBrowser.mode)"
Category = $category
SubCategory = ""
EntityKey = "persistentBrowser"
@@ -3899,7 +3899,7 @@ function Invoke-CDDocumentDeviceEnrollmentPlatformRestrictionConfiguration
if($obj.'@OData.Type' -eq '#microsoft.graph.deviceEnrollmentPlatformRestrictionsConfiguration')
{
$platform = Get-LanguageString "AzureIAM.classicPolicyAllPlatforms"
$platform = Get-LanguageString "AzureCA.classicPolicyAllPlatforms"
$properties = @("androidForWorkRestriction","androidRestriction","iosRestriction","macRestriction","windowsRestriction")
$policyType = "all"
}

61
Extensions/EndpointManager.psm1
View File

@@ -10,7 +10,7 @@ This module is for the Endpoint Manager/Intune View. It manages Export/Import/Co
#>
function Get-ModuleVersion
{
'3.9.0'
'3.9.1'
}
function Invoke-InitializeModule
@@ -455,6 +455,7 @@ function Invoke-InitializeModule
PostExportCommand = { Start-PostExportApplications @args }
PostListCommand = { Start-PostListApplications @args }
ExportExtension = { Add-ScriptExportExtensions @args }
PostGetCommand = { Start-PostGetApplications @args }
GroupId = "Apps"
ScopeTagsReturnedInList = $false
})
@@ -767,6 +768,16 @@ function Invoke-InitializeModule
Icon = "Devices"
GroupId = "DeviceConfiguration"
})
Add-ViewItem (New-Object PSObject -Property @{
Title = "Driver Update Profiles"
Id = "DriverUpdateProfiles"
ViewID = "IntuneGraphAPI"
API = "/deviceManagement/windowsDriverUpdateProfiles"
Permissons = @("DeviceManagementConfiguration.ReadWrite.All")
Icon = "UpdatePolicies"
GroupId = "WinDriverUpdatePolicies"
})
}
function Invoke-EMAuthenticateToMSAL
@@ -2193,6 +2204,29 @@ function Start-PostListApplications
$objList
}
function Start-PostGetApplications {
param($obj, $objectType)
$relationships = (Invoke-GraphRequest -Url "/deviceAppManagement/mobileApps/$($obj.Id)/relationships?`$filter=targetType%20eq%20microsoft.graph.mobileAppRelationshipType%27child%27").value
$dependencyApps = @()
$supersededApps = @()
foreach ($rel in $relationships) {
if ($rel."@odata.type" -eq "#microsoft.graph.mobileAppDependency") {
$dependencyApps += "$($rel.targetDisplayName)|!|$($rel.targetDisplayVersion)|!|$($rel.targetId)|!|$($rel.dependencyType)"
}
elseif ($rel."@odata.type" -eq "#microsoft.graph.mobileAppSupersedence") {
$supersededApps += "$($rel.targetDisplayName)|!|$($rel.targetDisplayVersion)|!|$($rel.targetId)|!|$($rel.supersedenceType)"
}
}
if ($dependencyApps.Count -gt 0) {
$obj.Object | Add-Member -MemberType NoteProperty -Name "#CustomRefDependency" -Value ($dependencyApps -join "|*|")
}
if ($supersededApps.Count -gt 0) {
$obj.Object | Add-Member -MemberType NoteProperty -Name "#CustomRefSupersedence" -Value ($supersededApps -join "|*|")
}
}
#endregion
#region Group Policy/Administrative Templates functions
@@ -2202,6 +2236,13 @@ function Get-GPOObjectSettings
$gpoSettings = @()
if ($GPOObj.policyConfigurationIngestionType -eq "unknown") {
$tmpObj = (Invoke-GraphRequest -Url "/deviceManagement/groupPolicyConfigurations?`$filter=id eq '$($GPOObj.id)'").value[0]
if ($tmpObj.policyConfigurationIngestionType) {
$GPOObj.policyConfigurationIngestionType = $tmpObj.policyConfigurationIngestionType
}
}
# Get all configured policies in the Administrative Templates profile
$GPODefinitionValues = Invoke-GraphRequest -Url "/deviceManagement/groupPolicyConfigurations/$($GPOObj.id)/definitionValues?`$expand=definition" -ODataMetadata "skip"
foreach($definitionValue in $GPODefinitionValues.value)
@@ -3253,6 +3294,11 @@ function Add-ConditionalAccessImportExtensions
$label = [Windows.Markup.XamlReader]::Parse($xaml)
$CAStates = @()
$CAStates += [PSCustomObject]@{
Name = "As Exported - Change On to Report-only"
Value = "AsExportedReportOnly"
}
$CAStates += [PSCustomObject]@{
Name = "As Exported"
Value = "AsExported"
@@ -3277,7 +3323,7 @@ function Add-ConditionalAccessImportExtensions
$global:cbImportCAState.DisplayMemberPath = "Name"
$global:cbImportCAState.SelectedValuePath = "Value"
$global:cbImportCAState.ItemsSource = $CAStates
$global:cbImportCAState.SelectedValue = "AsExported"
$global:cbImportCAState.SelectedValue = "disabled"
$global:cbImportCAState.Margin="0,5,0,0"
$global:cbImportCAState.HorizontalAlignment="Left"
$global:cbImportCAState.Width=250
@@ -3290,9 +3336,14 @@ function Start-PreImportConditionalAccess
{
param($obj, $objectType, $file, $assignments)
if($global:cbImportCAState.SelectedValue -and $global:cbImportCAState.SelectedValue -ne "AsExported")
{
$obj.state = $global:cbImportCAState.SelectedValue
if ($global:cbImportCAState.SelectedValue -and $global:cbImportCAState.SelectedValue -ne "AsExported") {
if ($global:cbImportCAState.SelectedValue -eq "AsExportedReportOnly" -and $obj.state -eq "enabled") {
Write-Log "Change Enabled policy to Report-only"
$obj.state = "enabledForReportingButNotEnforced"
}
else {
$obj.state = $global:cbImportCAState.SelectedValue
}
}
if($obj.grantControls.authenticationStrength)

24
Extensions/IntuneAppManagement.psm1
View File

@@ -10,7 +10,7 @@ This module manages Application objects in Intune e.g. uploading application fil
#>
function Get-ModuleVersion
{
'3.9.0'
'3.9.1'
}
#########################################################################################
@@ -423,9 +423,17 @@ function Set-FinalizeAzureStorageUpload
}
$xml += '</BlockList>'
$params = @{}
$proxyURI = Get-ProxyURI
if($proxyURI)
{
$params.Add("proxy", $proxyURI)
$params.Add("UseBasicParsing", $true)
}
try
{
Invoke-RestMethod $uri -Method Put -Body $xml
Invoke-RestMethod $uri -Method Put -Body $xml @params
}
catch
{
@@ -457,12 +465,18 @@ function Write-AzureStorageChunk
$success = $false
$retryCount = 0
while($true)
$params = @{}
$proxyURI = Get-ProxyURI
if($proxyURI)
{
$params.Add("proxy", $proxyURI)
}
while($true)
{
try
{
$response = Invoke-WebRequest $uri -Method Put -Headers $headers -Body $encodedBody -UseBasicParsing
$response = Invoke-WebRequest $uri -Method Put -Headers $headers -Body $encodedBody -UseBasicParsing @params
if($retryCount -gt 0)
{
Write-Log "Chunk uploaded successfully"

4
Extensions/IntuneTools.psm1
View File

@@ -22,7 +22,7 @@ $global:EMToolsViewObject = $null
function Get-ModuleVersion
{
'1.0.3'
'1.0.4'
}
function Invoke-InitializeModule
@@ -82,7 +82,7 @@ function Add-EMToolsViewItem
Activating = { Invoke-EMToolsActivatingView }
Authentication = (Get-MSALAuthenticationObject)
Authenticate = { Invoke-EMToolsAuthenticateToMSAL }
AppInfo = (Get-GraphAppInfo "EM" "d1ddf0e4-d672-4dae-b554-9d5bdfd93547")
AppInfo = (Get-GraphAppInfo "EMAzureApp" "d1ddf0e4-d672-4dae-b554-9d5bdfd93547")
SaveSettings = { Invoke-EMSaveSettings }
Permissions = @()
})

60
Extensions/MSALAuthentication.psm1
View File

@@ -10,7 +10,7 @@ This module manages Authentication for the application with MSAL. It is also res
#>
function Get-ModuleVersion
{
'3.8.1'
'3.9.1'
}
$global:msalAuthenticator = $null
@@ -535,12 +535,14 @@ function Add-MSALPrereq
Write-Log "Some MSAL features might not work!" 3
Write-Log "This could happen if another version of MSAL.DLL was loaded beforethe script tried to load it" 3
$RequiredAssemblies.Add($fiLoaded.FullName)
$script:msalFile = $fiLoaded.FullName
}
else
{
Write-Log "Using MSAL file $msalPath. Version: $($fi.VersionInfo.FileVersion)"
[void][System.Reflection.Assembly]::LoadFile($msalPath)
$RequiredAssemblies.Add($msalPath)
$script:msalFile = $msalPath
}
$RequiredAssemblies.Add('System.Security.dll')
@@ -598,6 +600,7 @@ function Connect-MSALClientApp
{
return
}
Add-MSALProxy $ClientApplicationBuilder
$script:MSALApp = $ClientApplicationBuilder.Build()
}
@@ -677,6 +680,43 @@ function Get-MsalAuthenticationToken
$authResult
}
function Add-MSALProxy
{
param($appBuilder)
$proxy = Get-SettingValue "ProxyURI"
if($proxy)
{
Write-Log "Use proxy $proxy"
if(-not ("HttpFactoryWithProxy" -as [type]))
{
try
{
Write-Log "Add type HttpFactoryWithProxy"
[System.Collections.Generic.List[string]] $RequiredAssemblies = New-Object System.Collections.Generic.List[string]
$RequiredAssemblies.Add($script:msalFile)
$RequiredAssemblies.Add('System.Net.Http.dll')
$RequiredAssemblies.Add('System.Net.Primitives.dll')
Add-Type -Path ($global:AppRootFolder + "\CS\HttpFactoryWithProxy.cs") -ReferencedAssemblies $RequiredAssemblies
}
catch
{
Write-LogError "Failed to compile HttpFactoryWithProxy" $_.Exception
}
}
try
{
$hcf = [HttpFactoryWithProxy]::new($proxy)
[void] $appBuilder.WithHttpClientFactory($hcf)
}
catch
{
Write-LogError "Failed to set proxy for MSAL" $_.Exception
}
}
}
function Get-MSALLoginEnvironment
{
$loginEnv = $script:lstAADEnvironments | Where value -eq (Get-Setting "" "MSALCloudType" "public")
@@ -716,6 +756,8 @@ function Get-MSALApp
[void] $appBuilder.WithClientName("CloudAPIPowerShellManagement")
[void] $appBuilder.WithClientVersion($PSVersionTable.PSVersion)
Add-MSALProxy $appBuilder
# Ceck if correct version...
#$appBuilder.WithMultiCloudSupport($true)
@@ -1065,6 +1107,8 @@ function Connect-MSALUser
else { [void]$appBuilder.WithAuthority($global:MSALApp.Authority) }
if($global:appObj.RedirectUri) { [void]$appBuilder.WithRedirectUri($global:appObj.RedirectUri) }
Add-MSALProxy $appBuilder
$app = $appBuilder.Build()
if((Get-SettingValue "CacheMSALToken"))
@@ -1091,9 +1135,17 @@ function Connect-MSALUser
'Content-Type' = 'application/json'
'Authorization' = "Bearer " + $tmpResults.AccessToken
'ExpiresOn' = $tmpResults.ExpiresOn
}
$ret = Invoke-RestMethod "https://management.azure.com/tenants?api-version=2020-01-01" -Headers $Headers
}
$params = @{}
$proxyURI = Get-ProxyURI
if($proxyURI)
{
$params.Add("proxy", $proxyURI)
$params.Add("UseBasicParsing", $true)
}
$ret = Invoke-RestMethod "https://management.azure.com/tenants?api-version=2020-01-01" -Headers $Headers @params
if($ret)
{
$script:AccessableTenants = $ret.Value

60
Extensions/MSGraph.psm1
View File

@@ -10,7 +10,7 @@ This module manages Microsoft Grap fuctions like calling APIs, managing graph ob
#>
function Get-ModuleVersion
{
'3.9.0'
'3.9.1'
}
$global:MSGraphGlobalApps = @(
@@ -394,6 +394,13 @@ function Invoke-GraphRequest
$url = "$($url.Trim())`$top=$($PageSize)"
}
$proxyURI = Get-ProxyURI
if($proxyURI)
{
$params.Add("proxy", $proxyURI)
$params.Add("UseBasicParsing", $true)
}
$ret = $null
$retryCount = 0
@@ -1028,6 +1035,12 @@ function Get-GraphMetaData
[void][System.Reflection.Assembly]::LoadWithPartialName("System.Web.Extensions")
$wc = New-Object System.Net.WebClient
$wc.Encoding = [System.Text.Encoding]::UTF8
$proxyURI = Get-ProxyURI
if($proxyURI)
{
$wc.Proxy = $proxyURI
}
try
{
[xml]$global:metaDataXML = $wc.DownloadString($url)
@@ -2497,25 +2510,36 @@ function Set-ScopeTags
else { return }
$scopesIds = @()
$loadedScopeTags = $global:LoadedDependencyObjects["ScopeTags"]
$usingDefault = (($obj."$scopeTagProperty" | measure).Count -eq 1 -and ($obj."$scopeTagProperty")[0] -eq "0")
if($loadedScopeTags -and $global:chkImportScopes.IsChecked -eq $true -and $usingDefault -eq $false -and $loadedScopeTags)
{
foreach($scopeId in $obj."$scopeTagProperty")
if($global:chkReplaceDependencyIDs.IsChecked -eq $false -and $global:chkReplaceDependencyIDs.IsEnabled -eq $false)
{
if($global:chkImportScopes.IsChecked -eq $true)
{
if($scopeId -eq 0) { $scopesIds += "0"; continue } # Add default
$scopeMigObj = $loadedScopeTags | Where OriginalId -eq $scopeId
if($scopeMigObj -and $scopeMigObj.Id)
{
$scopesIds += "$($scopeMigObj.Id)"
}
elseif($scopeMigObj)
{
Write-Log "Could not find a ScopeTag for exported Id '$($obj.Id)' ($($scopeMigObj.Name)). Make sure all ScopeTags are imported into the environment" 2
}
$scopesIds += $obj.$scopeTagProperty
}
}
else
{
$loadedScopeTags = $global:LoadedDependencyObjects["ScopeTags"]
$usingDefault = (($obj."$scopeTagProperty" | measure).Count -eq 1 -and ($obj."$scopeTagProperty")[0] -eq "0")
if($loadedScopeTags -and $global:chkImportScopes.IsChecked -eq $true -and $usingDefault -eq $false -and $loadedScopeTags)
{
foreach($scopeId in $obj."$scopeTagProperty")
{
if($scopeId -eq 0) { $scopesIds += "0"; continue } # Add default
$scopeMigObj = $loadedScopeTags | Where OriginalId -eq $scopeId
if($scopeMigObj -and $scopeMigObj.Id)
{
$scopesIds += "$($scopeMigObj.Id)"
}
elseif($scopeMigObj)
{
Write-Log "Could not find a ScopeTag for exported Id '$($obj.Id)' ($($scopeMigObj.Name)). Make sure all ScopeTags are imported into the environment" 2
}
}
}
}
if($scopesIds.Count -eq 0)
{
$scopesIds += "0" # Import with Default ScopeTag as default.
@@ -2961,7 +2985,7 @@ function Add-GraphDependencyObjects
{
if($global:LoadedDependencyObjects.ContainsKey($dep)) { continue }
$depObjectType = $global:currentViewObject.ViewItems | Where Id -eq $Dep
$depObjectType = $global:viewObjects.ViewItems | Where Id -eq $Dep
if(-not $depObjectType)
{

38
ReleaseNotes.md
View File

@@ -1,4 +1,42 @@
# Release Notes
## 3.9.1 - 2023-08-30
**New features**
- **Added support for Windows Update Driver Policies**<br />
- **Support for new Settings**<br />
- Proxy configuration - If configured, Proxy will be used for authentication, APIs and upload<br />
- Disable Write-Error output - Skip PowerShell errors in output<br />
**Default Settings Value Changes**
- Conditional Access policies will now be imported as Disabled by default<br />
- New import option added: As Exported - Change On to Report-only<br />
- This is to avoid being locked out from the tenant when importing Conditional Access policies<br />
- Based on [Discussion 139](https://github.com/Micke-K/IntuneManagement/discussions/139)<br />
**Fixes**
- **Documentation**<br />
- Fixed issues with some Feature Updates properties<br />
- Added missing strings on Windows Update polices<br />
- Regenerated Language files and Translation tables for Template policies<br />
Note: Conditional Access string has changed file in background. Please report if there is anything missing<br />
- **Custom ADMX Files**<br />
- Fixed issues with migrating custom policies between environments<br />
- Case reopened due to something broke the initial functionality<br />
- Only custom ADMX policies with #Definition properties can be imported into a new environment<br />
- Based on [Issue 124](https://github.com/Micke-K/IntuneManagement/issues/124)<br />
- **Scope Tags**<br />
- Fixed issues with importing policies with Scope Tags but they were not set<br />
- Based on [Issue 133](https://github.com/Micke-K/IntuneManagement/issues/133)<br />
**Generic**<br />
- Remove invalid characters from path.<br />
- Based on [Issue 150](https://github.com/Micke-K/IntuneManagement/issues/150)<br />
<br />
## 3.9.0 - 2023-05-04
**New features**