52 lines
2.1 KiB
PowerShell
52 lines
2.1 KiB
PowerShell
function Test-AdministrativeAccountCompliance4 {
|
|
[CmdletBinding()]
|
|
param ()
|
|
begin {
|
|
$RecNum = "1.1.1"
|
|
Write-Verbose "Starting Test-AdministrativeAccountCompliance4 for Rec: $RecNum"
|
|
}
|
|
process {
|
|
try {
|
|
# Retrieve privileged users with OnPremisesSyncEnabled
|
|
Write-Verbose "Retrieving data for privileged users"
|
|
$PrivilegedUsers = Get-CISMgOutput -Rec $RecNum
|
|
# Filter for users with OnPremisesSyncEnabled
|
|
$NonCompliantUsers = $PrivilegedUsers | Where-Object { $_.OnPremisesSyncEnabled -eq $true }
|
|
if ($NonCompliantUsers.Count -gt 0) {
|
|
Write-Verbose "Non-compliant users found: $($NonCompliantUsers.Count)"
|
|
# Generate pipe-delimited failure table as plain text
|
|
$Header = "DisplayName|UserPrincipalName|OnPremisesSyncEnabled"
|
|
$FailureRows = $NonCompliantUsers | ForEach-Object {
|
|
"$($_.DisplayName)|$($_.UserPrincipalName)|$($_.OnPremisesSyncEnabled)"
|
|
}
|
|
$Details = "$Header`n$($FailureRows -join "`n")"
|
|
$Status = "Fail"
|
|
$FailureReason = "Non-compliant accounts detected: $($NonCompliantUsers.Count)"
|
|
}
|
|
else {
|
|
Write-Verbose "All accounts are compliant."
|
|
$Details = "N/A"
|
|
$Status = "Pass"
|
|
$FailureReason = "All administrative accounts are cloud-only."
|
|
}
|
|
# Prepare audit result
|
|
$Params = @{
|
|
Rec = $RecNum
|
|
Result = ($NonCompliantUsers.Count -eq 0)
|
|
Status = $Status
|
|
Details = $Details
|
|
FailureReason = $FailureReason
|
|
}
|
|
$AuditResult = Initialize-CISAuditResult @Params
|
|
}
|
|
catch {
|
|
Write-Error "Error during compliance check: $_"
|
|
$AuditResult = Get-TestError -LastError $_ -RecNum $RecNum
|
|
}
|
|
}
|
|
end {
|
|
# Output result
|
|
return $AuditResult
|
|
}
|
|
}
|