vibecoding/M365FoundationsCISReport
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add: test and call for 1.1.4

Browse Source
This commit is contained in:
DrIOS
2024-12-26 14:40:25 -06:00
parent 856bd0b8d8
commit 88f2566422
2 changed files with 81 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
source/Private/Get-CISMgOutput.ps1
View File

@@ -58,10 +58,6 @@ function Get-CISMgOutput {
return $AdminRoleAssignmentsAndUsers
}
}
'1.1.4' {
# 1.1.4 - MicrosoftGraphPlaceholder
# Placeholder for Test-AdminAccountLicenses
}
'1.1.3' {
# Test-GlobalAdminsCount
# Step: Retrieve global admin role
@@ -70,6 +66,32 @@ function Get-CISMgOutput {
$globalAdmins = Get-MgDirectoryRoleMember -DirectoryRoleId $globalAdminRole.Id
return $globalAdmins
}
'1.1.4' {
# 1.1.4 - MicrosoftGraphPlaceholder
$DirectoryRoles = Get-MgDirectoryRole
# Get privileged role IDs
$PrivilegedRoles = $DirectoryRoles |
Where-Object { $_.DisplayName -like '*Administrator*' -or $_.DisplayName -eq 'Global Reader' }
# Get the members of these various roles
$RoleMembers = $PrivilegedRoles | ForEach-Object { Get-MgDirectoryRoleMember -DirectoryRoleId $_.Id } |
Select-Object Id -Unique
# Retrieve details about the members in these roles
$PrivilegedUsers = $RoleMembers | ForEach-Object {
Get-MgUser -UserId $_.Id -Property UserPrincipalName, DisplayName, Id
}
$Report = [System.Collections.Generic.List[Object]]::new()
foreach ($Admin in $PrivilegedUsers) {
$License = $null
$License = (Get-MgUserLicenseDetail -UserId $Admin.id).SkuPartNumber -join ', '
$Object = [pscustomobject][ordered]@{
DisplayName = $Admin.DisplayName
UserPrincipalName = $Admin.UserPrincipalName
License = $License
}
$Report.Add($Object)
}
return $Report
}
'1.2.1' {
# Test-ManagedApprovedPublicGroups
$allGroups = Get-MgGroup -All | Where-Object { $_.Visibility -eq 'Public' } | Select-Object DisplayName, Visibility