diff --git a/source/Private/Format-MissingActions.ps1 b/source/Private/Format-MissingActions.ps1 index b9efa97..f6fd0bf 100644 --- a/source/Private/Format-MissingActions.ps1 +++ b/source/Private/Format-MissingActions.ps1 @@ -15,12 +15,11 @@ function Format-MissingActions { } } - $formattedResults = @() - foreach ($type in $actionGroups.Keys) { - if ($actionGroups[$type].Count -gt 0) { - $formattedResults += "$($type) actions missing: $($actionGroups[$type] -join ', ')" - } + $formattedResults = @{ + Admin = $actionGroups["Admin"] -join ', ' + Delegate = $actionGroups["Delegate"] -join ', ' + Owner = $actionGroups["Owner"] -join ', ' } - return $formattedResults -join '; ' + return $formattedResults } \ No newline at end of file diff --git a/source/tests/Test-MailboxAuditingE3.ps1 b/source/tests/Test-MailboxAuditingE3.ps1 index fb9e129..9bb5e19 100644 --- a/source/tests/Test-MailboxAuditingE3.ps1 +++ b/source/tests/Test-MailboxAuditingE3.ps1 @@ -1,8 +1,6 @@ function Test-MailboxAuditingE3 { [CmdletBinding()] param ( - # Aligned - # Create Table for Details # Parameters can be added if needed ) @@ -15,7 +13,6 @@ function Test-MailboxAuditingE3 { $DelegateActions = @("ApplyRecord", "Create", "FolderBind", "HardDelete", "Move", "MoveToDeletedItems", "SendAs", "SendOnBehalf", "SoftDelete", "Update", "UpdateFolderPermissions", "UpdateInboxRules") $OwnerActions = @("ApplyRecord", "Create", "HardDelete", "MailboxLogin", "Move", "MoveToDeletedItems", "SoftDelete", "Update", "UpdateCalendarDelegation", "UpdateFolderPermissions", "UpdateInboxRules") - $allFailures = @() $allUsers = Get-AzureADUser -All $true $processedUsers = @{} # Dictionary to track processed users 
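Review bot: The new hashtable reads only the `Admin`, `Delegate` and `Owner` keys, whereas the removed loop walked `$actionGroups.Keys`, so any other group `$actionGroups` might hold (it is built above the hunk) is now dropped silently. If those three are the only possible keys, record that in a comment such as `# $actionGroups only ever has Admin, Delegate and Owner keys`. The return type also changes from a joined string to a hashtable, which is worth stating in the function's help and with `[OutputType([hashtable])]`. The function starts outside this hunk.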
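Review bot: Removing `$allFailures = @()` in the `@@ -15,7 +13,6 @@` hunk leaves `$allFailures` uninitialised when the loop's `$allFailures += "..."` lines run, unless it is assigned somewhere outside the visible hunks. In that case the first `+=` turns it into a string and later ones concatenate onto it, so the newline join in the `$details` hunk emits all rows run together and `$allFailures.Count` no longer counts failing users. Under `Set-StrictMode` the read of the unset variable would be an error instead. The same removal is in the `@@ -15,8 +13,6 @@` hunk of Test-MailboxAuditingE5.ps1. Keep `$allFailures = @()` next to `$processedUsers = @{}` in both functions, whose bodies extend beyond these hunks.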
@@ -51,13 +48,13 @@ function Test-MailboxAuditingE3 { } } else { - $allFailures += "$userUPN`: AuditEnabled - False" + $allFailures += "$userUPN|False|||" continue } if ($missingActions) { - $formattedActions = Format-MissingActions $missingActions - $allFailures += "$userUPN`: AuditEnabled - True; $formattedActions" + $formattedActions = Format-MissingActions -missingActions $missingActions + $allFailures += "$userUPN|True|$($formattedActions.Admin)|$($formattedActions.Delegate)|$($formattedActions.Owner)" } # Mark the user as processed $processedUsers[$user.UserPrincipalName] = $true @@ -66,7 +63,12 @@ function Test-MailboxAuditingE3 { # Prepare failure reasons and details based on compliance $failureReasons = if ($allFailures.Count -eq 0) { "N/A" } else { "Audit issues detected." } - $details = if ($allFailures.Count -eq 0) { "All Office E3 users have correct mailbox audit settings." } else { $allFailures -join " | " } + $details = if ($allFailures.Count -eq 0) { + "All Office E3 users have correct mailbox audit settings." + } + else { + "UserPrincipalName|AuditEnabled|AdminActionsMissing|DelegateActionsMissing|OwnerActionsMissing`n" + ($allFailures -join "`n") + } # Populate the audit result $params = @{ @@ -77,7 +79,6 @@ function Test-MailboxAuditingE3 { FailureReason = $failureReasons } $auditResult = Initialize-CISAuditResult @params - } catch { Write-Error "An error occurred during the test: $_" diff --git a/source/tests/Test-MailboxAuditingE5.ps1 b/source/tests/Test-MailboxAuditingE5.ps1 index df8f145..978ffa2 100644 --- a/source/tests/Test-MailboxAuditingE5.ps1 +++ b/source/tests/Test-MailboxAuditingE5.ps1 @@ -1,8 +1,6 @@ function Test-MailboxAuditingE5 { [CmdletBinding()] param ( - # Aligned - # Create Table for Details # Parameters can be added if needed ) 
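Review bot: The row literals added in the `@@ -51,13 +48,13 @@` hunk, `"$userUPN|False|||"` and the `"$userUPN|True|..."` line, have to match the five-column header string written separately in the `@@ -66,7 +63,12 @@` hunk, and nothing ties the two together. The same pair is repeated in Test-MailboxAuditingE5.ps1. A comment above the first row, for example `# Columns: UserPrincipalName|AuditEnabled|AdminActionsMissing|DelegateActionsMissing|OwnerActionsMissing`, would make a later column change harder to get wrong. Fields are interpolated unescaped, so a value containing `|` would shift the columns; that looks unlikely for these inputs but is worth confirming.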
@@ -15,8 +13,6 @@ function Test-MailboxAuditingE5 { $DelegateActions = @("ApplyRecord", "Create", "FolderBind", "HardDelete", "MailItemsAccessed", "Move", "MoveToDeletedItems", "SendAs", "SendOnBehalf", "SoftDelete", "Update", "UpdateFolderPermissions", "UpdateInboxRules") $OwnerActions = @("ApplyRecord", "Create", "HardDelete", "MailboxLogin", "Move", "MailItemsAccessed", "MoveToDeletedItems", "Send", "SoftDelete", "Update", "UpdateCalendarDelegation", "UpdateFolderPermissions", "UpdateInboxRules") - - $allFailures = @() $allUsers = Get-AzureADUser -All $true $processedUsers = @{} # Dictionary to track processed users @@ -30,10 +26,10 @@ function Test-MailboxAuditingE5 { continue } - $licenseDetails = Get-MgUserLicenseDetail -UserId $user.UserPrincipalName $hasOfficeE5 = ($licenseDetails | Where-Object { $_.SkuPartNumber -in $e5SkuPartNumbers }).Count -gt 0 Write-Verbose "Evaluating user $($user.UserPrincipalName) for Office E5 license." + if ($hasOfficeE5) { $userUPN = $user.UserPrincipalName $mailbox = Get-EXOMailbox -Identity $userUPN -PropertySets Audit @@ -51,13 +47,13 @@ function Test-MailboxAuditingE5 { } } else { - $allFailures += "$userUPN`: AuditEnabled - False" + $allFailures += "$userUPN|False|||" continue } if ($missingActions) { - $formattedActions = Format-MissingActions $missingActions - $allFailures += "$userUPN`: AuditEnabled - True; $formattedActions" + $formattedActions = Format-MissingActions -missingActions $missingActions + $allFailures += "$userUPN|True|$($formattedActions.Admin)|$($formattedActions.Delegate)|$($formattedActions.Owner)" } else { Write-Verbose "User $($user.UserPrincipalName) passed the mailbox audit checks." 
@@ -68,12 +64,15 @@ function Test-MailboxAuditingE5 { # Adding verbose output to indicate the user does not have an E5 license Write-Verbose "User $($user.UserPrincipalName) does not have an Office E5 license." } - } # Prepare failure reasons and details based on compliance $failureReasons = if ($allFailures.Count -eq 0) { "N/A" } else { "Audit issues detected." } - $details = if ($allFailures.Count -eq 0) { "All Office E5 users have correct mailbox audit settings." } else { $allFailures -join " | " } + $details = if ($allFailures.Count -eq 0) { + "All Office E5 users have correct mailbox audit settings." + } else { + "UserPrincipalName|AuditEnabled|AdminActionsMissing|DelegateActionsMissing|OwnerActionsMissing`n" + ($allFailures -join "`n") + } # Populate the audit result $params = @{