diff --git a/README.md b/README.md index c306c67..f458257 100644 Binary files a/README.md and b/README.md differ diff --git a/docs/index.html b/docs/index.html index da84fbc..6eca603 100644 Binary files a/docs/index.html and b/docs/index.html differ diff --git a/source/Public/Invoke-M365SecurityAudit.ps1 b/source/Public/Invoke-M365SecurityAudit.ps1 index bd4e675..abdaa72 100644 --- a/source/Public/Invoke-M365SecurityAudit.ps1 +++ b/source/Public/Invoke-M365SecurityAudit.ps1 @@ -28,18 +28,77 @@ .PARAMETER NoModuleCheck If specified, the cmdlet will not check for the presence of required modules. .EXAMPLE + PS> Invoke-M365SecurityAudit + Performs a security audit using default parameters. + Output: + Status : Fail + ELevel : E3 + ProfileLevel: L1 + Connection : Microsoft Graph + Rec : 1.1.1 + Result : False + Details : Non-compliant accounts: + Username | Roles | HybridStatus | Missing Licence + user1@domain.com| Global Administrator | Cloud-Only | AAD_PREMIUM + user2@domain.com| Global Administrator | Hybrid | AAD_PREMIUM, AAD_PREMIUM_P2 + FailureReason: Non-Compliant Accounts: 2 + .EXAMPLE PS> Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -M365DomainForPWPolicyTest "contoso.com" -ELevel "E5" -ProfileLevel "L1" Performs a security audit for the E5 level and L1 profile in the specified Microsoft 365 environment. + Output: + Status : Fail + ELevel : E5 + ProfileLevel: L1 + Connection : Microsoft Graph + Rec : 1.1.1 + Result : False + Details : Non-compliant accounts: + Username | Roles | HybridStatus | Missing Licence + user1@domain.com| Global Administrator | Cloud-Only | AAD_PREMIUM + user2@domain.com| Global Administrator | Hybrid | AAD_PREMIUM, AAD_PREMIUM_P2 + FailureReason: Non-Compliant Accounts: 2 .EXAMPLE PS> Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -M365DomainForPWPolicyTest "contoso.com" -IncludeIG1 Performs an audit including all tests where IG1 is true. + Output: + Status : Fail + ELevel : E3 + ProfileLevel: L1 + Connection : Microsoft Graph + Rec : 1.1.1 + Result : False + Details : Non-compliant accounts: + Username | Roles | HybridStatus | Missing Licence + user1@domain.com| Global Administrator | Cloud-Only | AAD_PREMIUM + user2@domain.com| Global Administrator | Hybrid | AAD_PREMIUM, AAD_PREMIUM_P2 + FailureReason: Non-Compliant Accounts: 2 .EXAMPLE PS> Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -M365DomainForPWPolicyTest "contoso.com" -SkipRecommendation '1.1.3', '2.1.1' Performs an audit while excluding specific recommendations 1.1.3 and 2.1.1. + Output: + Status : Fail + ELevel : E3 + ProfileLevel: L1 + Connection : Microsoft Graph + Rec : 1.1.1 + Result : False + Details : Non-compliant accounts: + Username | Roles | HybridStatus | Missing Licence + user1@domain.com| Global Administrator | Cloud-Only | AAD_PREMIUM + user2@domain.com| Global Administrator | Hybrid | AAD_PREMIUM, AAD_PREMIUM_P2 + FailureReason: Non-Compliant Accounts: 2 .EXAMPLE PS> $auditResults = Invoke-M365SecurityAudit -TenantAdminUrl "https://contoso-admin.sharepoint.com" -M365DomainForPWPolicyTest "contoso.com" PS> $auditResults | Export-Csv -Path "auditResults.csv" -NoTypeInformation Captures the audit results into a variable and exports them to a CSV file. + Output: + CISAuditResult[] + auditResults.csv + .EXAMPLE + PS> Invoke-M365SecurityAudit -WhatIf + Displays what would happen if the cmdlet is run without actually performing the audit. + Output: + What if: Performing the operation "Invoke-M365SecurityAudit" on target "Microsoft 365 environment". .INPUTS None. You cannot pipe objects to Invoke-M365SecurityAudit. .OUTPUTS @@ -55,6 +114,7 @@ .LINK https://criticalsolutionsnetwork.github.io/M365FoundationsCISReport/#Invoke-M365SecurityAudit #> + function Invoke-M365SecurityAudit { [CmdletBinding(SupportsShouldProcess = $true, DefaultParameterSetName = 'Default')] [OutputType([CISAuditResult[]])]