fix : changelog and formatting
This commit is contained in:
DrIOS
39
CHANGELOG.md
39
CHANGELOG.md
@@ -6,28 +6,6 @@ The format is based on and uses the types of changes according to [Keep a Change
|
|||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|
||||||
- Adds new CSV for PowerShell commands and updates PnP update check handling
|
|
||||||
- Introduces a new CSV file listing various PowerShell commands for different Microsoft services.
|
|
||||||
- Updates the `Invoke-M365SecurityAudit` script to temporarily disable PnP PowerShell update checks during execution and restores the original setting afterward.
|
|
||||||
|
|
||||||
## [v0.1.28] - 2025-01-14
|
|
||||||
|
|
||||||
### Fixed
|
|
||||||
|
|
||||||
- Get-SPOSite command to return all but voided output for no code runs (Ex: PowerAutomate)
|
|
||||||
|
|
||||||
## [0.1.27] - 2025-01-13
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
- Added additional error handling to connect function to identify problematic steps when they occur.
|
|
||||||
- Added new method of verifying spo tenant for Connect-SPOService branch of connect function.
|
|
||||||
- Added method to avoid "assembly already loaded" error in PNP Powershell function on first run, subsequent runs in the same session will still throw the error.
|
|
||||||
|
|
||||||
## [0.1.26] - 2024-08-04
|
|
||||||
|
|
||||||
### Added
|
|
||||||
|
|
||||||
- Link to App Authentication documentation in `New-M365SecurityAuditAuthObject` help file.
|
- Link to App Authentication documentation in `New-M365SecurityAuditAuthObject` help file.
|
||||||
- TestDefinitions-v4.0.0.csv file to the helper folder for version choices.
|
- TestDefinitions-v4.0.0.csv file to the helper folder for version choices.
|
||||||
- Test Definition Placeholders
|
- Test Definition Placeholders
|
||||||
@@ -40,12 +18,29 @@ The format is based on and uses the types of changes according to [Keep a Change
|
|||||||
- Rec numbers to include and exclude rec numbers for version 4.0.0 so the 'validate set' works correctly.
|
- Rec numbers to include and exclude rec numbers for version 4.0.0 so the 'validate set' works correctly.
|
||||||
- Get-PhishPolicyCompliance and Get-ScopeOverlap private functions for 2.1.7 v4.
|
- Get-PhishPolicyCompliance and Get-ScopeOverlap private functions for 2.1.7 v4.
|
||||||
- Test-PhishPolicyCompliance4 function for 2.1.7 v4.
|
- Test-PhishPolicyCompliance4 function for 2.1.7 v4.
|
||||||
|
- Adds new CSV for PowerShell commands and updates PnP update check handling
|
||||||
|
- Introduces a new CSV file listing various PowerShell commands for different Microsoft services.
|
||||||
|
- Updates the `Invoke-M365SecurityAudit` script to temporarily disable PnP PowerShell update checks during execution and restores the original setting afterward.
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
||||||
- Fixed Pnp PowerShell MgGraph assembly load error with workaround to load the MgGraph assembly as soon as it's imported with a call to Get-MgGroup.
|
- Fixed Pnp PowerShell MgGraph assembly load error with workaround to load the MgGraph assembly as soon as it's imported with a call to Get-MgGroup.
|
||||||
- Phish policy test to return if highest priority policy conforms to the benchmark.
|
- Phish policy test to return if highest priority policy conforms to the benchmark.
|
||||||
|
|
||||||
|
## [v0.1.28] - 2025-01-14
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
|
||||||
|
- Get-SPOSite command to return all but voided output for no code runs (Ex: PowerAutomate)
|
||||||
|
|
||||||
|
## [0.1.27] - 2025-01-13
|
||||||
|
|
||||||
|
### Added
|
||||||
|
|
||||||
|
- Added additional error handling to connect function to identify problematic steps when they occur.
|
||||||
|
- Added new method of verifying spo tenant for Connect-SPOService branch of connect function.
|
||||||
|
- Added method to avoid "assembly already loaded" error in PNP Powershell function on first run, subsequent runs in the same session will still throw the error.
|
||||||
|
|
||||||
## [0.1.26] - 2024-08-04
|
## [0.1.26] - 2024-08-04
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
|
|||||||
@@ -7,19 +7,19 @@ function Test-AdminAccountLicenses {
|
|||||||
# Condition B: The account is assigned a valid license (e.g., Microsoft Entra ID P1 or P2).
|
# Condition B: The account is assigned a valid license (e.g., Microsoft Entra ID P1 or P2).
|
||||||
# Condition C: The administrative account does not have any other application assignments (only valid licenses).
|
# Condition C: The administrative account does not have any other application assignments (only valid licenses).
|
||||||
$validLicenses = @('AAD_PREMIUM', 'AAD_PREMIUM_P2')
|
$validLicenses = @('AAD_PREMIUM', 'AAD_PREMIUM_P2')
|
||||||
$RecNum = "1.1.4"
|
$RecNum = '1.1.4'
|
||||||
Write-Verbose "Starting Test-AdministrativeAccountCompliance with Rec: $RecNum"
|
Write-Verbose "Starting Test-AdministrativeAccountCompliance with Rec: $RecNum"
|
||||||
}
|
}
|
||||||
process {
|
process {
|
||||||
try {
|
try {
|
||||||
# Retrieve admin roles, assignments, and user details including licenses
|
# Retrieve admin roles, assignments, and user details including licenses
|
||||||
Write-Verbose "Retrieving admin roles, assignments, and user details including licenses"
|
Write-Verbose 'Retrieving admin roles, assignments, and user details including licenses'
|
||||||
$Report = Get-CISMgOutput -Rec $RecNum
|
$Report = Get-CISMgOutput -Rec $RecNum
|
||||||
$NonCompliantUsers = $Report | Where-Object {$_.License -notin $validLicenses}
|
$NonCompliantUsers = $Report | Where-Object { $_.License -notin $validLicenses }
|
||||||
# Generate failure reasons
|
# Generate failure reasons
|
||||||
Write-Verbose "Generating failure reasons for non-compliant users"
|
Write-Verbose 'Generating failure reasons for non-compliant users'
|
||||||
$failureReasons = $nonCompliantUsers | ForEach-Object {
|
$failureReasons = $nonCompliantUsers | ForEach-Object {
|
||||||
"$($_.DisplayName)|$($_.UserPrincipalName)|$(if ($_.License) {$_.License}else{"No licenses found"})"
|
"$($_.DisplayName)|$($_.UserPrincipalName)|$(if ($_.License) {$_.License}else{'No licenses found'})"
|
||||||
}
|
}
|
||||||
$failureReasons = $failureReasons -join "`n"
|
$failureReasons = $failureReasons -join "`n"
|
||||||
$failureReason = if ($nonCompliantUsers) {
|
$failureReason = if ($nonCompliantUsers) {
|
||||||
@@ -30,7 +30,7 @@ function Test-AdminAccountLicenses {
|
|||||||
}
|
}
|
||||||
$result = $nonCompliantUsers.Count -eq 0
|
$result = $nonCompliantUsers.Count -eq 0
|
||||||
$status = if ($result) { 'Pass' } else { 'Fail' }
|
$status = if ($result) { 'Pass' } else { 'Fail' }
|
||||||
$details = if ($nonCompliantUsers) { "DisplayName | UserPrincipalName | License`n$failureReasons" } else { "N/A" }
|
$details = if ($nonCompliantUsers) { "DisplayName | UserPrincipalName | License`n$failureReasons" } else { 'N/A' }
|
||||||
Write-Verbose "Assessment completed. Result: $status"
|
Write-Verbose "Assessment completed. Result: $status"
|
||||||
# Create the parameter splat
|
# Create the parameter splat
|
||||||
$params = @{
|
$params = @{
|
||||||
@@ -52,4 +52,4 @@ function Test-AdminAccountLicenses {
|
|||||||
return $auditResult
|
return $auditResult
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
# $validLicenses = @('AAD_PREMIUM', 'AAD_PREMIUM_P2')
|
# $validLicenses = @('AAD_PREMIUM', 'AAD_PREMIUM_P2')
|
||||||
Reference in New Issue
Block a user