Skip to content

Releases: KelvinTegelaar/CIPP

v7.2.0 - The Community Love

13 Feb 00:13
@KelvinTegelaar KelvinTegelaar
v7.2.0
0e4d787
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v7.2.0 - The Community Love Latest
Latest

Here everyone, we are back with a new release drafted by our wonderful team. Just here for the cocktail? go check out the recipe to our community love.

This version we focused on a request by some of our devs/members - @MWGMorningwood came up with the idea that he wanted to share some Intune templates with others, and our devs ran with this. More about that below.

This version is packed with QoL changes, minor facelifts to things like the dialog boxes, but also to output options. Let's dive into the nitty-gritty.

Community repositories

CIPP7.2 allows you to consume community repositories, simply go to Tools -> Community Repositories and you're able to download templates created by others. We already include some amazing repositories by default

  • The CIPP Templates repositories by CyberDrain will slowly be filled with the best of the best templates, resources such as Standards, ISO27001 or other compliance framework policies, etc etc. You'll also be able to pick up ready made standards based on risk levels here, or example templates to expand on.

  • @SkipToTheEndpoint Open Intune Baselines are available for import too. Imagine OIB as the best of all worlds - Microsoft Best Practices, CIS, other frameworks, all applied in a neat package.

  • @j0eyv his Conditional Access Framework is available as a default import location too, allowing you to set up a Conditional Access Strategy in minutes instead of days. The repository contains groups template, conditional access policies, and so much more.

Now that's all really cool stuff, but manual imports are boring right? We don't want to manually import when someone updates the repo. Of course we thought of that. Using the Template Library functionality you can now import the entire repository without having to worry about updates - It'll all take care of that automagically.

API Authentication

We've made changes to the way you setup APIs within CIPP, giving you more freedom and power for both self-hosted and hosted clients. Use the documentation to process a small update: https://docs.cipp.app/api-documentation/setup-and-authentication and enjoy the huge rewards,

The ability to whitelist IPs, add custom permissions per API, easily find the URL you need to use for the API, all of this and more can now be found in the integrations menu

Rooms Management, Contact Management, and more

We now have the ability to manage rooms in a smoother interface, allowing you to set all the properties that a room has, resource management has never been this easy. We added new standards for QR MFA, for new authentication methods, and improved on existing standards.

Github Integrations

Oh, I almost missed talking about this. Having a template library is fun right? Is it enough? No way! you need a way to easily store templates. If you look at our integration you can store all of these templates in your own Github account. That means you can privately store your templates securely, or even use the IntuneManagement tool to create your own template repository using Github. You can store any file in your Github repo directly from CIPP.

Intune Script Management

I don't like intune scripts, there's so many caveats for them. That's why we decided to make management better, specifically @redanthrax rocked out this new feature to manage Intune scripts directly from CIPP. Awesome work!

QoL

This release was also QoL focused, the frontend team introduced new buttons in our dialog boxes, we added a view as table option, and a download results button, this allows you to easily share the results, or copy and paste them somewhere you need them.

Sponsors

We extend our gratitude to our supporters at https://renroros.no/, https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://hudu.com/, our friends at https://www.meetgradient.com/, https://rewst.io/ and of course https://augmentt.com/!

What's Changed

Full Changelog: v7.1.0...v7.2.0

Contributors

redanthrax, MWGMorningwood, and 6 other contributors
Assets 2
Loading

v7.1.0 - The Negroni

26 Jan 19:40
@KelvinTegelaar KelvinTegelaar
v7.1.0
1d499e8
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v7.1.0 - The Negroni

And here we go! version 7.1.0 ready for CIPP users, I love being back to our normal release cycle, it just makes it so much more fun to bring everyone the features they've been clamoring for, that combined with our amazing contributors adding cool bug fixes or new functionality too really gets the gears going.

This release has one key new feature which we're pretty excited about; Dark Web Scanning. Some of you already found out that we now support HIBP lookups, but that's not all.

Dark Web Scanning

7.1.0 has new tools in the Alert Configuration, and under the tools section you'll be able to find our new Dark Web scanning tools. What do these do? Well, the video explains it well but in general; all your M365 domains can now be protected by using a constant dark web scanning tool that checks in which breaches you have been involved, including returning partial passwords

Check out the video for more information:

How.to.Use.CIPPs.new.darkweb.scanning.features.1.mp4

And yes, that does mean you no longer need external dark web scanning tool. Cool fact? No extra cost. It's free. We don't believe in limiting you by asking a couple of $ per user, or having you pay by tenant. The HIBP integration is free to all hosted users, if you're self hosted all you need is a HIBP API key to make this work.

New User Edit and User View features

The view user display has gotten some new banners to help you find more info, such as group and role membership. We've also added to the edit user and exchange overview to give you more options to easily manage user information.

New Alerts, Pages, and standards

Our contributors added new alerts, new pages such as the ability to view the GAL, and some new standards. We also have new filters added so go check those out.,

Sponsors

We extend our gratitude to our supporters at https://renroros.no/, https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://hudu.com/, our friends at https://www.meetgradient.com/, https://rewst.io/ and of course https://augmentt.com/!

Bug fixes and changes

New Contributors

Full Changelog: v7.0.1...v7.1.0

Contributors

OfficialEsco, JohnDuprey, and 7 other contributors
Assets 2
Loading

v7.0.1 - The Winter

10 Jan 14:47
@KelvinTegelaar KelvinTegelaar
v7.0.1
1813c25
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v7.0.1 - The Winter

Wow. Just wow. It's been so long that I've wrote one of these that the entire concept of release notes feel foreign. I almost forgot that we name all of our releases after a cocktail. It's also been pretty cold here so hence the name of this release. Only here for the cocktail recipe? Check this out. Here for the actual goodies? the amazing CIPPv7 release? Let's get going!

Complete rewritten interface, by Devias

CIPPv7 contains an entirely new interface, complete rewritten from the ground up by our designers Devias. This interface rewrite was in beta for the past several weeks and tested by a good team of users. CIPPv7 has some pretty changes in regards to the interface, but also loading times and speeds. Of course we would not be us if we would not develop new features, and improve on what we had. This isn't just a minor rewrite, it's a huge change of some of the concepts we use inside of CIPP.

I truly hope you'll all enjoy it. The new interface is blazingly fast, has many new options and has a huge increase in UX.

Standards re-envisioned. WARNING: Attention required

We have revised our standards engine to be much more flexible. Instead of having 1 standard per tenant you can now build standard templates. You can also decide not to apply standards on a schedule, or just apply one or two items to all tenants. It also became easier than ever to create exclusions and complex standard setups. Want to know more? see it in action? Check out the video below.

You do need to take some action after upgrading. Head on over to the standards page, click on "Convert Standards" and enable their schedule once more if you like your setup.

Creating.your.standards.mp4

Audit log view

We've also made it possible to get the auditlogs that have been triggered inside of CIPP, including some cool new geo-location stuff. Something I've personally really wanted for a while. Again, video, right below.

How.to.use.CIPP.to.analyse.received.events.mp4

Business Email Compromise detection; improved being recognition.

Our previous BEC wizard was great; but still required you to have a pretty technical mind on things. We've eased this for you. CIPP now checks the logs for any sign, and tells you if it happened or not. Still wanna do the analysis yourself? that's okay too. We've made the report available so you can actually see and read the data yourself after a potential compromise. Check out the video below.

How.to.research.a.potentially.compromised.account.in.CIPP.mp4

Sherweb PUBLIC beta

And with the release of CIPPv7 we're also very proud to announce the public beta of the Sherweb CSP integration. This integration allows you to buy licenses, remove licenses, see which are assigned, and increase/decrease the count on demand using Sherwebs API.

One very cool coming feature is fully automated NCE migrations. Are you migrating away from an old CSP to Sherweb? CIPP will do this for you. It will decrease the license count at your old CSP and increase the license count at Sherweb so no one has to manually monitor NCE expiration dates anymore.

How.to.manage.M365.licenses.with.CIPP.mp4

OSS 4Lyfe

We also want to give special thanks to a couple of other OSS projects that have helped us in making CIPP as pretty as it can be;

Go check them out!

Sponsors

We extend our gratitude to our supporters at https://renroros.no/, https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://hudu.com/, our friends at https://www.meetgradient.com/, https://rewst.io/ and of course https://augmentt.com/!

In this release, special thanks to @sherweb at https://sherweb.com for the CSP integration. We absolutely love it.

but wait there's more.

We've embedded so many new features, we've made so many QoL changes that not everything can be listed. Over the next few weeks we'll release more videos and guides about feature updates, and some very cool new stuff that's coming in two weeks. That's right. We're back to our two week release cycle.

Self hosted frontend update instructions

  1. Open Your Repository on GitHub

    • Go to GitHub.com and open the repository where you want to make changes.

  2. Find the .github/workflows Folder

    • Look for the folder named .github at the root of your repo.
    • Inside .github, click on workflows.

  3. Locate the Relevant Workflow Files

    • Within workflows, look for all files whose names begin with azure-static-web-apps.
    • Examples: azure-static-web-apps-main.yml, azure-staticweb-apps-xyz.yml, etc.

  4. Edit Each File

    • Click on one of the azure-static-web-apps... files.
    • Click the pencil icon (✏️) or “Edit this file” button (top-right).
    • Search (Ctrl+F or Cmd+F) for the line: 
      output_location: "" # Built app content directory - optional
    • Replace that line with: 
      output_location: "/out" # Built app content directory - optional

  5. Commit Changes

    • Scroll to the bottom of the page.
    • In the “Commit changes” box, type a brief message (e.g., Update output_location to /out).
    • Make sure “Commit directly to the branch” is selected.
    • Click Commit changes.

  6. Repeat for All Matching Files

    • If multiple files start with azure-staticweb-apps, repeat steps 3–5 for each.

Are you getting the message that you must discard or make a pull request? Don't know Github or how PRs work?

Discard your changes and follow these instructions: https://docs.cipp.app/troubleshooting/troubleshooting#you-discarded-changes-when-syncing-github-repositories then return to do above. Remember to change/correct the output location as it says in the instructions above :)

Contributors

troyhunt, Leaflet, and sherweb
Assets 2
Loading

v6.4.0 - The Stop and Go

30 Aug 17:09
@KelvinTegelaar KelvinTegelaar
v6.4.0
3439e33
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v6.4.0 - The Stop and Go

Today is a day I get to make announcements, and I love making announcements. The reason for the cocktail this time will be made clear by the release notes, so lets make ourselves a stop and go and GO and check out what's happening.

First, an announcement

While we have cool new features, bug fixes and other things waiting for you. We first have a formal announcement to make. We've closed all the feature requests, we've closed all the bugs and are announcing a release stop. What does this mean? This means that we will not have our regular scheduled releases for a while as 100% of our focus is diverted. Instead of a release every two weeks, we expect to only make a new release in about 4-5 weeks.

Why? Because we're redeveloping our frontend. We've outgrown the current frontend and contacted a design studio to help us craft our new frontend. They've allowed us to release the frontend as open source but it's going to take our developers some work to get it all put together.

!!IMPORTANT: In the next release, the scheduler for standards will be disabled and you will have to manually intervene to re-enable the standards.

But this release does contain cool new features!

Let's start talking about the awesome new features we have, with first up our new alert for users that are inactive for more than 90 days, but still have a license assigned. You can now easily find those users by setting up an alert.

Quarantine viewer

you can now view the contents for quarantine(That word is so hard to spell!) messages using CIPP, you can check the headers, the contents, and easily see what's going on with the message.

BEC Updates

Our BEC viewer has been updated to collect more logs, more data means better data. We also show data immediately if its available, so you can check out exactly what happened in a tenant much quicker.

Other updates

  • We've fixed a minor issue with assigning Compliance policies from standards
  • We've improved the speed of assigning forwarding and loading mailbox related pages
  • My dear friend Nick Ross created a comparison between CIPP and Lighthouse, go check that out at https://www.youtube.com/watch?v=LqyhKjntX2s and give him a comment and like!

Sponsors

We extend our gratitude to our supporters at https://renroros.no/, https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://hudu.com/, our friends at https://www.meetgradient.com/, https://rewst.io/ and our newest sponsor, https://traceless.io/ and of course https://augmentt.com/!

We also welcome our new Readme and documentation sponsor; Compliance Scorecard. If you're in need of tools to help you get your compliance frameworks implemented, go check out https://compliancescorecard.com

What's Changed

New Contributors

Full Changelog: v6.3.0...v6.4.0

Contributors

MoltenTesseract, OfficialEsco, and 5 other contributors
Assets 2
Loading

v6.3.0 - The Collaboration

19 Aug 17:43
@KelvinTegelaar KelvinTegelaar
v6.3.0
51b2170
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v6.3.0 - The Collaboration

God I love release day, especially when it's a sunny one where I'm making lots of people happy. And It's not just me making people happy, hence the name of this release, because we have many announcements. So, Stop, Collaborate and listen to our latest release notes while enjoying this fine cocktail or mocktail

First Collab: Huntress ❤️ CIPP with RogueApps

Our friends at Huntress just released RogueApps: https://huntresslabs.github.io/rogueapps/. Rogueapps is a community driven OSS project that lists all Rogue Applications inside of a tenant. Now we would not be us if we didn't immediately talk to the amazing @HuskyHacks about this and get it integrated inside of CIPP as a new alert. Check out the New CIPP scripted Alert for Rogue App detection.

image

Second Collab: CIPP ❤️ Contributors

This release our contributors made some serious moves. @CHRIS-BRANNON added Teams Voice fixes and new features. @rdkempt helped update our docs, and we have a bunch of new contributors!

Third Collab: CIPP ❤️ Our Designers

You heard that right. CIPP loves our designers. The new management portal shows an example of our new design. It got a nice little facelist that we're working on getting into the full app soon too. Check out the management portal at https://management.cipp.app for a sneak peak.

Bug fixes and other things

  • The great @JohnDuprey fixed an issue with rerequire MFA, that button is now working again, including bulk actions.
  • We've solved some problems with task schedulers and alerting tasks running more than expected
  • We've fixed some interface issues
  • My dear friend Nick Ross created a comparison between CIPP and Lighthouse, go check that out at https://www.youtube.com/watch?v=LqyhKjntX2s and give him a comment and like!

Sponsors

We extend our gratitude to our supporters at https://renroros.no/, https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://hudu.com/, our friends at https://www.meetgradient.com/, https://rewst.io/ and our newest sponsor, https://traceless.io/ and of course https://augmentt.com/!

What's Changed

New Contributors

Full Changelog: v6.2.0...v6.3.0

Contributors

rdkempt, MoltenTesseract, and 8 other contributors
Assets 2
Loading

v6.2.0 - The One Of Everything

02 Aug 18:05
@KelvinTegelaar KelvinTegelaar
v6.2.0
8db8c70
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v6.2.0 - The One Of Everything

Oh wow! it's time for a release again already?! insane that the last one was just a short two weeks ago. The last two weeks our team has been focused on making your wishes come true. That's why this release is called 'The one of everything' - If you want to check out the cocktail and drink it while reading this we won't mind.

Template Library

We've added a new feature called the 'Template Library'. CIPP has the ability to create static templates of any policy such as Conditional Access, Intune Configuration Policies, Intune Compliance Policies, and so much more.

Now that's cool and all but sometimes you just want things to stay in sync. Here's where we introduce Template Libraries. Instead of the template being a static object it's pulled from the tenant you point it too constantly, that keeps the templates fresh and good, and gives you a single location to enter updates.

image

Intune Standards v2

While we're on the subject of Intune, we've also updated our deployment engine for Intune Policies, you can now easily select which policies needs to be assigned to which group and get a better overview of how you've setup your policies.

Audit log view & Email viewer

We've also made it possible to get the auditlogs that have been triggered inside of CIPP, that allows you to view the audit log info directly in CIPP, and we've given you a new tool; the .eml reader that gives you headers, email information, attachments and everything else you're dreaming of.

354682627-5e30f065-46dd-4838-a260-bda86109a73e

Sponsors

We extend our gratitude to our supporters at https://renroros.no/, https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://hudu.com/, our friends at https://www.meetgradient.com/, https://rewst.io/ and our newest sponsor, https://traceless.io/ and of course https://augmentt.com/!

And much more.

This release is so crazy long.

  • Fixed an issue with Hudu force syncs not working
  • Introduced spam filter settings using standards
  • Fixed issue with CA vacation mode not reporting the actual state
  • Added standard for read-receipts
  • Added Is Hidden property for hidden rules
  • Added the ability to change named locations using the actions menu.
  • Added standard to allow disable automatic email forwarding and reporting for mailboxes with automatic forwarding
  • Added the ability to schedule User Creation.
  • Added the ability to edit contacts
  • Added the ability to create alerts for out of compliance devices
  • Sanitized the secure score stuff
  • Added Teams Configuration
  • Added teams module
  • Added almost 20 new standards
  • Updated spam filters standards
  • Updated MFA report to reflect authentication methods
  • Added standard enable/disable option for OneDrive Shortcuts
  • Fixed an issue with Device Policies not applying correctly

What's Changed

Full Changelog: v6.1.0...v6.2.0

Contributors

OfficialEsco, JohnDuprey, and 4 other contributors
Assets 2
Loading

v6.1.0 - The Pink Elephant

19 Jul 17:22
@KelvinTegelaar KelvinTegelaar
v6.1.0
1502bc3
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v6.1.0 - The Pink Elephant

Woo! It seems like this release is pretty close to the previous one right? That's because our previous release was out of band, to get back into our normal cycle we've decided to create a Quality of Life release, and how can we enjoy one of these releases? Well, we can grab a beautiful Pink Elephant and enjoy it while sitting in the sun.

Let's get started on what makes this release special. We've added some very very cool features.

Preprovision OneDrive

Ever had a large migration where you had to create hundreds of users, and then move data into their OneDrive? If you have, you know that Microsoft only provisions OneDrive storage after the first logon. That means if you have 1000 users, you'd need to logon a thousand times to get their OneDrive available.

That will no longer be an issue with this version of CIPP. In the user menu you can now select any user, or bulk select users, and make sure their OneDrive is available before logging on.

image

Create SharePoint Sites (and bulk creation!)

With the latest version you can now create SharePoint sites using the SharePoint menu, you can even set retention labels, but that's not all. We thought about those major migrations. Bulk adding SharePoint sites easily using a CSV file.

Edit Contacts, Better searches, Dismiss Risky Users

Thanks to @BNWEIN we now have the ability to edit contacts easily, allowing you to easily set the properties of contacts, but that's not all. We also improved the searches in our side menu allowing you to easily grab the correct user in dropdowns, then finally @OfficialEsco also added a new method to allow you to dismiss user risk using CIPP.

And much more.

We've of course worked our way through our feature requests and standards to, here's a quick rundown of those changes:

  • Fixed an issue with Hudu force syncs not working
  • Fixed an issue with dashboard domain rows having incorrect counts
  • Added a new standard to disable Legacy workflows
  • added bulk delete to contacts
  • added the ability managed folder assistant for mailboxes
  • added a standard for quarantine releases
  • Updated the text for password clears
  • Fixed an issue with Choco not getting all parameters
  • added ability to set localization on mailboxes
  • Fixed an issue with exchange standard not applying
  • and so much more

What's Changed

Full Changelog: v6.0.0...v6.1.0

Contributors

OfficialEsco, JohnDuprey, and 6 other contributors
Assets 2
Loading

v6.0.0 - The Voodoo

09 Jul 20:38
@KelvinTegelaar KelvinTegelaar
v6.0.0
3a763c8
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v6.0.0 - The Voodoo

Woowoo! We are proud to announce CIPP version 6.0.0 - The Voodoo! This release is named after the magic that happens when you combine the right products together to create the fantastic mix. We've focused on new extension, improvements to our extensions menu, and so many feature requests, Oh! and a complete backup tool for your M365 configuration.

Let's dive into the wizardy that this release has to offer. Oh, and if you need a drink first, check out The Voodoo

Voodoo? No! Hudu!

Our team brought our magical Tophats to the Hudu Team, to see if we can make something cool, and with a bit of fun we've created a beautiful extension into the Hudu universe. Syncing your M365 Users and Devices becomes a piece of cake. Get a complete contact database? Get a full overview of your users and licenses? what devices they have and need? It's all in there. Want to see how it looks? check out the screenshot below.
image

Now this isn't all, we're just getting started. So much more is coming faster than you can say "This extension creates magical automatic documentation"

CIPP Backup Wizard

We've added a new Wizard that allows you to create a backup of your M365 environment, fully automagical. You just set it up, you decide which items you want included on the backup and from that moment forward it runs it nightly - You can restore the backup whenever you make a mistake, delete a conditional access policy,

image

Storage Updates & Offboarding Wizard Updates & SharePoint links

As a couple of notable changes we've added the ability to create a direct copy of the required sharepoint URLs for automapping too. You no longer need to look up all these URLs and you can just hit copy and paste it directly into the Intune configuration.

The backend was improved too - We can now store larger and larger files, want to store a large file? want to create a really big template? go right ahead. We've added an option to our offboarding wizard to allow removing old calendar updates.

Other fixes

We've added about 15 new standards, SharePoint standards, we've added a litigation hold standard since you can use this with BP, we've added a self-service license standard, we've upgraded our MFA report to be faster. We improved our Gradient Syncing and functioned a whole lot of backend functions, making everything that much faster. That's not all - Check out the full release notes for more information.

Sponsors

We extend our gratitude to our supporters at https://renroros.no, https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://hudu.com/, our friends at https://www.meetgradient.com, https://rewst.io and our newest sponsor, https://traceless.io and of course https://augmentt.com!

What's Changed

New Contributors

Full Changelog: v5.9.0...v6.0.0

Contributors

OfficialEsco, JohnDuprey, and 6 other contributors
Assets 2
Loading

v5.9.0 - The Chupa Chup

24 Jun 20:41
@KelvinTegelaar KelvinTegelaar
v5.9.0
3acfdb1
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.9.0 - The Chupa Chup

After last weeks surprise release, have a smaller release for you today. It's one filled with fun and flavour. Are you ready for some sweetness at the start of your week? Do you know what you really need? a fresh cocktail of course. Let's check out the chupa chup cocktail while we get to work.

Recap of the last release

In the last release we've added a new API Microsoft made available just because of us; per user MFA. You can now enable per user MFA, disable it, enforce it, and report it on it all through CIPP.

CIPP GDAP migration Wizard easy mode.

We improved the GDAP migration wizard, no need to go to multiple screens if you want to migrate to GDAP. The wizard now has a checkbox "Use CIPP Recommended configuration" which will take care of a lot of the work for you, Making implementing CIPP another step easier.

BPA updates

BPA has received some polishing and additives to it's formatters. We've also updated the speed of some of the updates running under BPA so you'll notice reports run faster.

Audit log updates

We used to receive audit logs from Microsoft whenever they felt like sending us some. This got quite busy at times. Instead we've decided to pick the packages up ourselves as we're just better drivers than MS ;) This causes a performance boost in the way we process audit logs. It also helps in keeping costs lower as we're no longer processing each webrequest.

Bugfixes and other notable changes

We've implemented a bunch of bug fixes; some issues with Exchange sometimes giving a strange result as the wrong anchor header was used, we've added some performance boosts to bulk requests for exchange, added a handful of new standards by @OfficialEsco and he also added a new risky sign in report, we've also expanded the default sign-in report to allow selection of how many failed logins trigger the log.

Sponsors

We extend our gratitude to our supporters at https://renroros.no, https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://hudu.com/, our friends at https://www.meetgradient.com, https://rewst.io and our newest sponsor, https://traceless.io and of course https://augmentt.com!

What's Changed

New Contributors

Full Changelog: v5.8.5...v5.9.0

Contributors

OfficialEsco, JohnDuprey, and 4 other contributors
Assets 2
Loading

v5.8.5 - Per User MFA

14 Jun 14:11
@KelvinTegelaar KelvinTegelaar
v5.8.5
4269a2c
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.8.5 - Per User MFA

So last weeks release was already a little spoiler to this one. We knew we had to wait on Microsoft so we made you all expect the unexpected.

Microsoft and our team has been working closely on this for the past 6 months, having hard discussions with Microsoft on needs and creating an API isn't always the easiest, but thanks to @microsoft and specifically Luc van der Ende at Microsoft it is now possible to use CIPP to control per user MFA. This is an amazing feature and worthy of an in between release.

Per user MFA Explained

Per user MFA is a legacy method of MFA that many tenants still use, it has no license requirements and is free to use for anyone. It used to be managed via the Microsoft MSOL module which is now gone. Thanks to our hard work this has been converted to a Graph API by Microsoft.

Per User MFA is on a deprecation path, but currently is still the only way for you to use MFA for each logon when you do not have Conditional Access Available. CIPP introduces management of per user MFA in multiple ways:

Reports

The CIPP MFA report has been updated to include per user MFA, Now you know that as long as one of the checkboxes are green, your users are protected by some form of MFA
image

User Settings

It's pretty useless to report on something, and then not set it right? We've added the set per user MFA option to the users flyout. Select a user, set their MFA.
image

Of course that's also available as a bulk option, so you can set it for multiple users in one go.

Standard

Of course you don't want to keep checking which users have MFA and which do not. You can set the new Per User MFA standard. This standard allows you to set up MFA for all users that are missing it, report on it in our reporting engine, or alert on it when you need to know what's going on.

image

Other notable changes

  • Fixed an issue with exchange sometimes using the incorrect domain
  • Fixed an issue with SAM Wizard not completing without a hard refresh
  • Fixed an issue with blocked domains blocking access everywhere.

Sponsors

We extend our gratitude to our supporters at https://renroros.no, https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://hudu.com/, our friends at https://www.meetgradient.com, https://rewst.io and our newest sponsor, https://traceless.io and of course https://augmentt.com!

What's Changed

Full Changelog: v5.8.0...v5.8.5

Contributors

microsoft, OfficialEsco, and 2 other contributors
Assets 2
Loading