vibecoding/M365FoundationsCISReport
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: 8.5.3 aligned with test-template

Browse Source
This commit is contained in:
DrIOS
2024-05-28 13:12:38 -05:00
parent 8d03d1825b
commit 776b0bf2ec
1 changed files with 30 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
source/tests/Test-OrgOnlyBypassLobby.ps1
View File

@@ -1,13 +1,14 @@
function Test-OrgOnlyBypassLobby { function Test-OrgOnlyBypassLobby {
[CmdletBinding()] [CmdletBinding()]
param ( param (
# Aligned
# Parameters can be defined here if needed # Parameters can be defined here if needed
) )
begin { begin {
# Dot source the class script # Dot source the class script if necessary
#. .\source\Classes\CISAuditResult.ps1
$auditResults = @() # Initialization code, if needed
} }
process { process {
@@ -15,31 +16,45 @@ function Test-OrgOnlyBypassLobby {
# Connect to Teams PowerShell using Connect-MicrosoftTeams # Connect to Teams PowerShell using Connect-MicrosoftTeams
# Retrieve the Teams meeting policy for lobby bypass settings
$CsTeamsMeetingPolicyLobby = Get-CsTeamsMeetingPolicy -Identity Global | Select-Object -Property AutoAdmittedUsers $CsTeamsMeetingPolicyLobby = Get-CsTeamsMeetingPolicy -Identity Global | Select-Object -Property AutoAdmittedUsers
$lobbyBypassRestricted = $CsTeamsMeetingPolicyLobby.AutoAdmittedUsers -eq 'EveryoneInCompanyExcludingGuests' $lobbyBypassRestricted = $CsTeamsMeetingPolicyLobby.AutoAdmittedUsers -eq 'EveryoneInCompanyExcludingGuests'
# Create an instance of CISAuditResult and populate it # Prepare failure reasons and details based on compliance
$failureReasons = if (-not $lobbyBypassRestricted) {
"External participants can bypass the lobby"
}
else {
"N/A"
}
$details = if ($lobbyBypassRestricted) {
"Only people in the organization can bypass the lobby."
}
else {
"AutoAdmittedUsers is set to $($CsTeamsMeetingPolicyLobby.AutoAdmittedUsers)"
}
# Create and populate the CISAuditResult object
$auditResult = [CISAuditResult]::new() $auditResult = [CISAuditResult]::new()
$auditResult.Status = if ($lobbyBypassRestricted) { "Pass" } else { "Fail" }
$auditResult.ELevel = "E3"
$auditResult.ProfileLevel = "L1"
$auditResult.Rec = "8.5.3"
$auditResult.RecDescription = "Ensure only people in my org can bypass the lobby"
$auditResult.CISControlVer = "v8" $auditResult.CISControlVer = "v8"
$auditResult.CISControl = "6.8" $auditResult.CISControl = "6.8"
$auditResult.CISDescription = "Define and Maintain Role-Based Access Control" $auditResult.CISDescription = "Define and Maintain Role-Based Access Control"
$auditResult.Rec = "8.5.3"
$auditResult.ELevel = "E3"
$auditResult.ProfileLevel = "L1"
$auditResult.IG1 = $false # Set based on the CIS Controls image $auditResult.IG1 = $false # Set based on the CIS Controls image
$auditResult.IG2 = $false # Set based on the CIS Controls image $auditResult.IG2 = $false # Set based on the CIS Controls image
$auditResult.IG3 = $true # Set based on the CIS Controls image $auditResult.IG3 = $true # Set based on the CIS Controls image
$auditResult.RecDescription = "Ensure only people in my org can bypass the lobby"
$auditResult.Result = $lobbyBypassRestricted $auditResult.Result = $lobbyBypassRestricted
$auditResult.Details = "AutoAdmittedUsers is set to $($CsTeamsMeetingPolicyLobby.AutoAdmittedUsers)" $auditResult.Details = $details
$auditResult.FailureReason = if ($lobbyBypassRestricted) { "N/A" } else { "External participants can bypass the lobby" } $auditResult.FailureReason = $failureReasons
$auditResult.Status = if ($lobbyBypassRestricted) { "Pass" } else { "Fail" }
$auditResults += $auditResult
} }
end { end {
# Return auditResults # Return the audit result
return $auditResults return $auditResult
} }
} }