vibecoding/M365FoundationsCISReport
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #146 from CriticalSolutionsNetwork/Fix-pw-notification-test

Browse Source 
Fix pw notification test
This commit is contained in:
Doug Rios
2024-07-23 08:17:32 -05:00
committed by GitHub
parent 9f28c976ce 8acae46b98
commit 37e2b70ba4
2 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGELOG.md
View File

@@ -4,6 +4,12 @@ The format is based on and uses the types of changes according to [Keep a Change
## [Unreleased] ## [Unreleased]
### Fixed
- Fixed test 1.3.1 as notification window for password expiration is no longer required.
## [0.1.24] - 2024-07-07
### Added ### Added
- New private function `Get-AuditMailboxDetail` for 6.1.2 and 6.1.3 tests to get the action details for the test. - New private function `Get-AuditMailboxDetail` for 6.1.2 and 6.1.3 tests to get the action details for the test.

8
source/tests/Test-PasswordNeverExpirePolicy.ps1
View File

@@ -45,13 +45,12 @@ function Test-PasswordNeverExpirePolicy {
$isDefault = $domain.IsDefault $isDefault = $domain.IsDefault
# Step (Condition C): Determine if the notification window is set to 30 days # Step (Condition C): Determine if the notification window is set to 30 days
$notificationWindow = $domain.PasswordNotificationWindowInDays $notificationWindow = $domain.PasswordNotificationWindowInDays
$notificationPolIsCompliant = $notificationWindow -eq 30 $notificationPolIsCompliant = $true # No longer a requirement
# Step (Condition A): Retrieve password expiration policy # Step (Condition A): Retrieve password expiration policy
$passwordPolicy = $domain.PasswordValidityPeriodInDays $passwordPolicy = $domain.PasswordValidityPeriodInDays
$pwPolIsCompliant = $passwordPolicy -eq 2147483647 $pwPolIsCompliant = $passwordPolicy -eq 2147483647
# Step (Condition A & B): Determine if the policy is compliant # Step (Condition A & B): Determine if the policy is compliant
$overallResult = $overallResult -and $notificationPolIsCompliant -and $pwPolIsCompliant $overallResult = $overallResult -and $notificationPolIsCompliant -and $pwPolIsCompliant
# Step (Condition A & B): Prepare failure reasons and details based on compliance # Step (Condition A & B): Prepare failure reasons and details based on compliance
$failureReasons = if ($notificationPolIsCompliant -and $pwPolIsCompliant) { $failureReasons = if ($notificationPolIsCompliant -and $pwPolIsCompliant) {
"N/A" "N/A"
@@ -59,18 +58,14 @@ function Test-PasswordNeverExpirePolicy {
else { else {
"Password expiration is not set to never expire or notification window is not set to 30 days for domain $domainName. Run the following command to remediate: `nUpdate-MgDomain -DomainId $domainName -PasswordValidityPeriodInDays 2147483647 -PasswordNotificationWindowInDays 30`n" "Password expiration is not set to never expire or notification window is not set to 30 days for domain $domainName. Run the following command to remediate: `nUpdate-MgDomain -DomainId $domainName -PasswordValidityPeriodInDays 2147483647 -PasswordNotificationWindowInDays 30`n"
} }
$details = "$domainName|$passwordPolicy days|$notificationWindow days|$isDefault" $details = "$domainName|$passwordPolicy days|$notificationWindow days|$isDefault"
# Add details and failure reasons to the lists # Add details and failure reasons to the lists
$detailsList += $details $detailsList += $details
$failureReasonsList += $failureReasons $failureReasonsList += $failureReasons
} }
# Prepare the final failure reason and details # Prepare the final failure reason and details
$finalFailureReason = $failureReasonsList -join "`n" $finalFailureReason = $failureReasonsList -join "`n"
$finalDetails = $detailsList -join "`n" $finalDetails = $detailsList -join "`n"
# Step: Create and populate the CISAuditResult object # Step: Create and populate the CISAuditResult object
$params = @{ $params = @{
Rec = $recnum Rec = $recnum
@@ -86,7 +81,6 @@ function Test-PasswordNeverExpirePolicy {
$auditResult = Get-TestError -LastError $LastError -recnum $recnum $auditResult = Get-TestError -LastError $LastError -recnum $recnum
} }
} }
end { end {
# Return the audit result # Return the audit result
return $auditResult return $auditResult