diff --git a/CHANGELOG.md b/CHANGELOG.md index 8ca5837830..ef121a5f6c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -11,16 +11,13 @@ * FIXES [#5550](https://github.com/microsoft/Microsoft365DSC/issues/5550) * MISC * Fixed the Fabric web request to use basic parsing. - * Fixed an issue where the export does not convert tenant name into - generic $OrganizationName variable correctly. * Reset only necessary authentication context. * M365DSCUtil * Update `Get-M365DSCWorkloadsListFromResourceNames` function for more input types. FIXES [#5525](https://github.com/microsoft/Microsoft365DSC/issues/5525) * DEPENDENCIES * Updated Microsoft.PowerApps.Administration.PowerShell to version 2.0.202. - * Updated MSCloudLoginAssistant to version 1.1.30. - * Updated ReverseDSC to version 2.0.0.23. + * Updated MSCloudLoginAssistant to version 1.1.31. # 1.24.1211.1 diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAccessReviewDefinition/MSFT_AADAccessReviewDefinition.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAccessReviewDefinition/MSFT_AADAccessReviewDefinition.psm1 index ecc41b20ff..a266c3ce52 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAccessReviewDefinition/MSFT_AADAccessReviewDefinition.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAccessReviewDefinition/MSFT_AADAccessReviewDefinition.psm1 @@ -792,6 +792,11 @@ function Export-TargetResource } foreach ($config in $getValue) { + if ($null -ne $Global:M365DSCExportResourceInstancesCount) + { + $Global:M365DSCExportResourceInstancesCount++ + } + $displayedKey = $config.Id if (-not [String]::IsNullOrEmpty($config.displayName)) { diff --git a/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 b/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 index 47a92c30df..ae6428f743 100644 --- a/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 +++ b/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 @@ -122,7 +122,7 @@ }, @{ ModuleName = "MSCloudLoginAssistant" - RequiredVersion = "1.1.30" + RequiredVersion = "1.1.31" }, @{ ModuleName = 'PnP.PowerShell' @@ -138,7 +138,7 @@ }, @{ ModuleName = 'ReverseDSC' - RequiredVersion = '2.0.0.23' + RequiredVersion = '2.0.0.22' } ) } diff --git a/Modules/Microsoft365DSC/Modules/M365DSCDRGUtil.psm1 b/Modules/Microsoft365DSC/Modules/M365DSCDRGUtil.psm1 index c260db44eb..9c136ae97f 100644 --- a/Modules/Microsoft365DSC/Modules/M365DSCDRGUtil.psm1 +++ b/Modules/Microsoft365DSC/Modules/M365DSCDRGUtil.psm1 @@ -8,7 +8,7 @@ function Get-StringFirstCharacterToUpper $Value ) - return $Value.Substring(0, 1).ToUpper() + $Value.Substring(1, $Value.length - 1) + return $Value.Substring(0,1).ToUpper() + $Value.Substring(1,$Value.length-1) } function Get-StringFirstCharacterToLower @@ -21,7 +21,7 @@ function Get-StringFirstCharacterToLower $Value ) - return $Value.Substring(0, 1).ToLower() + $Value.Substring(1, $Value.length - 1) + return $Value.Substring(0,1).ToLower() + $Value.Substring(1,$Value.length-1) } function Remove-M365DSCCimInstanceTrailingCharacterFromExport @@ -50,7 +50,7 @@ function Rename-M365DSCCimInstanceParameter [Parameter(Mandatory = $false)] [System.Collections.Hashtable] - $KeyMapping = @{'odataType' = '@odata.type' } + $KeyMapping = @{'odataType' = '@odata.type'} ) $result = $Properties @@ -429,7 +429,7 @@ function Get-M365DSCDRGComplexTypeToString $currentValue = $ComplexObject[$key] if ($currentValue.GetType().Name -eq 'String') { - $currentValue = $ComplexObject[$key].Replace("'", "''").Replace('�', "''") + $currentValue = $ComplexObject[$key].Replace("'", "''").Replace("�", "''") } $currentProperty += Get-M365DSCDRGSimpleObjectTypeToString -Key $key -Value $currentValue -Space ($indent) } @@ -452,7 +452,7 @@ function Get-M365DSCDRGComplexTypeToString } } $indent = '' - $indent = ' ' * ($IndentLevel - 1) + $indent = ' ' * ($IndentLevel -1) if ($key -in $ComplexTypeMapping.Name) { $currentProperty += "`r`n" @@ -467,7 +467,7 @@ function Get-M365DSCDRGComplexTypeToString #Indenting last parenthesis when the cim instance is an array if ($IndentLevel -eq 5) { - $indent = ' ' * ($IndentLevel - 2) + $indent = ' ' * ($IndentLevel -2) $currentProperty += $indent } @@ -479,8 +479,8 @@ function Get-M365DSCDRGComplexTypeToString if ($null -ne $currentProperty) { - $fancySingleQuotes = '[\u2019\u2018]' - $fancyDoubleQuotes = '[\u201C\u201D]' + $fancySingleQuotes = "[\u2019\u2018]" + $fancyDoubleQuotes = "[\u201C\u201D]" $currentProperty = [regex]::Replace($currentProperty, $fancySingleQuotes, "''") $currentProperty = [regex]::Replace($currentProperty, $fancyDoubleQuotes, '"') } @@ -517,11 +517,11 @@ function Get-M365DSCDRGSimpleObjectTypeToString { $key = 'odataType' } - $returnValue = $Space + $Key + ' = "' + $Value + """`r`n" + $returnValue = $Space + $Key + " = '" + $Value + "'`r`n" } '*.DateTime' { - $returnValue = $Space + $Key + ' = "' + $Value + """`r`n" + $returnValue = $Space + $Key + " = '" + $Value + "'`r`n" } '*[[\]]' { @@ -540,11 +540,11 @@ function Get-M365DSCDRGSimpleObjectTypeToString { '*.String' { - $returnValue += "$whitespace""$item""$newline" + $returnValue += "$whitespace'$item'$newline" } '*.DateTime' { - $returnValue += "$whitespace""$item""$newline" + $returnValue += "$whitespace'$item'$newline" } Default { @@ -574,11 +574,9 @@ function Compare-M365DSCComplexObject { [CmdletBinding()] [OutputType([System.Boolean])] - param - ( + param( [Parameter()] $Source, - [Parameter()] $Target ) @@ -662,12 +660,12 @@ function Compare-M365DSCComplexObject return $true } - if ($Source.GetType().FullName -like '*CimInstance') + if ($Source.GetType().FullName -like "*CimInstance") { $keys = @() - $Source.CimInstanceProperties | ForEach-Object { + $Source.CimInstanceProperties | Foreach-Object { if ($_.Name -notin @('PSComputerName', 'CimClass', 'CimInstanceProperties', 'CimSystemProperties') ` - -and $_.IsValueModified) + -and $_.IsValueModified) { $keys += $_.Name } @@ -678,18 +676,18 @@ function Compare-M365DSCComplexObject $keys = $Source.Keys | Where-Object -FilterScript { $_ -ne 'PSComputerName' } } - if ($Target.GetType().FullName -like '*CimInstance') + if ($Target.GetType().FullName -like "*CimInstance") { $targetKeys = @() - $Target.CimInstanceProperties | ForEach-Object { + $Target.CimInstanceProperties | Foreach-Object { if ($_.Name -notin @('PSComputerName', 'CimClass', 'CimInstanceProperties', 'CimSystemProperties') ` - -and $_.IsValueModified) + -and $_.IsValueModified) { $targetKeys += $_.Name } } } - elseif ($Target.GetType().FullName -like '*Hashtable') + elseif ($Target.GetType().FullName -like "*Hashtable") { $targetKeys = $Target.Keys | Where-Object -FilterScript { $_ -ne 'PSComputerName' } } @@ -826,8 +824,7 @@ function Convert-M365DSCDRGComplexTypeToHashtable { [CmdletBinding()] [OutputType([hashtable], [hashtable[]])] - param - ( + param( [Parameter(Mandatory = $true)] [AllowNull()] $ComplexObject, @@ -913,12 +910,10 @@ function ConvertFrom-IntunePolicyAssignment { [CmdletBinding()] [OutputType([System.Collections.Hashtable[]])] - param - ( + param ( [Parameter(Mandatory = $true)] [Array] $Assignments, - [Parameter()] [System.Boolean] $IncludeDeviceFilter = $true @@ -955,7 +950,7 @@ function ConvertFrom-IntunePolicyAssignment $collectionId = $assignment.Target.AdditionalProperties.collectionId } - $hashAssignment.Add('dataType', $dataType) + $hashAssignment.Add('dataType',$dataType) if (-not [string]::IsNullOrEmpty($groupId)) { $hashAssignment.Add('groupId', $groupId) @@ -997,15 +992,14 @@ function ConvertFrom-IntunePolicyAssignment $assignmentResult += $hashAssignment } - return , $assignmentResult + return ,$assignmentResult } function ConvertTo-IntunePolicyAssignment { [CmdletBinding()] [OutputType([Hashtable[]])] - param - ( + param ( [Parameter(Mandatory = $true)] [AllowNull()] $Assignments, @@ -1017,13 +1011,13 @@ function ConvertTo-IntunePolicyAssignment if ($null -eq $Assignments) { - return , @() + return ,@() } $assignmentResult = @() foreach ($assignment in $Assignments) { - $target = @{'@odata.type' = $assignment.dataType } + $target = @{"@odata.type" = $assignment.dataType} if ($IncludeDeviceFilter) { if ($null -ne $assignment.DeviceAndAppManagementAssignmentFilterType) @@ -1051,14 +1045,14 @@ function ConvertTo-IntunePolicyAssignment if ($null -eq $group) { $message = "Skipping assignment for the group with DisplayName {$($assignment.groupDisplayName)} as it could not be found in the directory.`r`n" - $message += 'Please update your DSC resource extract with the correct groupId or groupDisplayName.' + $message += "Please update your DSC resource extract with the correct groupId or groupDisplayName." Write-Warning -Message $message $target = $null } if ($group -and $group.Count -gt 1) { $message = "Skipping assignment for the group with DisplayName {$($assignment.groupDisplayName)} as it is not unique in the directory.`r`n" - $message += 'Please update your DSC resource extract with the correct groupId or a unique group DisplayName.' + $message += "Please update your DSC resource extract with the correct groupId or a unique group DisplayName." Write-Warning -Message $message $group = $null $target = $null @@ -1067,7 +1061,7 @@ function ConvertTo-IntunePolicyAssignment else { $message = "Skipping assignment for the group with Id {$($assignment.groupId)} as it could not be found in the directory.`r`n" - $message += 'Please update your DSC resource extract with the correct groupId or a unique group DisplayName.' + $message += "Please update your DSC resource extract with the correct groupId or a unique group DisplayName." Write-Warning -Message $message $target = $null } @@ -1081,23 +1075,21 @@ function ConvertTo-IntunePolicyAssignment if ($target) { - $assignmentResult += @{target = $target } + $assignmentResult += @{target = $target} } } - return , $assignmentResult + return ,$assignmentResult } function ConvertFrom-IntuneMobileAppAssignment { [CmdletBinding()] [OutputType([System.Collections.Hashtable[]])] - param - ( + param ( [Parameter(Mandatory = $true)] [Array] $Assignments, - [Parameter()] [System.Boolean] $IncludeDeviceFilter = $true @@ -1177,15 +1169,14 @@ function ConvertFrom-IntuneMobileAppAssignment $assignmentResult += $hashAssignment } - return , $assignmentResult + return ,$assignmentResult } function ConvertTo-IntuneMobileAppAssignment { [CmdletBinding()] [OutputType([Hashtable[]])] - param - ( + param ( [Parameter(Mandatory = $true)] [AllowNull()] $Assignments, @@ -1197,14 +1188,14 @@ function ConvertTo-IntuneMobileAppAssignment if ($null -eq $Assignments) { - return , @() + return ,@() } $assignmentResult = @() foreach ($assignment in $Assignments) { $formattedAssignment = @{} - $target = @{'@odata.type' = $assignment.dataType } + $target = @{"@odata.type" = $assignment.dataType} if ($IncludeDeviceFilter) { if ($null -ne $assignment.DeviceAndAppManagementAssignmentFilterType) @@ -1227,14 +1218,14 @@ function ConvertTo-IntuneMobileAppAssignment if ($null -eq $group) { $message = "Skipping assignment for the group with DisplayName {$($assignment.groupDisplayName)} as it could not be found in the directory.`r`n" - $message += 'Please update your DSC resource extract with the correct groupId or groupDisplayName.' + $message += "Please update your DSC resource extract with the correct groupId or groupDisplayName." Write-Warning -Message $message $target = $null } if ($group -and $group.Count -gt 1) { $message = "Skipping assignment for the group with DisplayName {$($assignment.groupDisplayName)} as it is not unique in the directory.`r`n" - $message += 'Please update your DSC resource extract with the correct groupId or a unique group DisplayName.' + $message += "Please update your DSC resource extract with the correct groupId or a unique group DisplayName." Write-Warning -Message $message $group = $null $target = $null @@ -1243,13 +1234,12 @@ function ConvertTo-IntuneMobileAppAssignment else { $message = "Skipping assignment for the group with Id {$($assignment.groupId)} as it could not be found in the directory.`r`n" - $message += 'Please update your DSC resource extract with the correct groupId or a unique group DisplayName.' + $message += "Please update your DSC resource extract with the correct groupId or a unique group DisplayName." Write-Warning -Message $message $target = $null } } - else - { + else { #Skipping assignment if group not found from either groupId or groupDisplayName $target.Add('groupId', $group.Id) } @@ -1262,22 +1252,18 @@ function ConvertTo-IntuneMobileAppAssignment $assignmentResult += $formattedAssignment } - return , $assignmentResult + return ,$assignmentResult } function Compare-M365DSCIntunePolicyAssignment { [CmdletBinding()] [OutputType([System.Boolean])] - param - ( + param ( [Parameter()] - [array] - $Source, - + [array]$Source, [Parameter()] - [array] - $Target + [array]$Target ) $testResult = $Source.Count -eq $Target.Count @@ -1296,7 +1282,7 @@ function Compare-M365DSCIntunePolicyAssignment if (-not $testResult) { Write-Verbose 'Group not found by groupId, checking if group exists by id' - $groupNotFound = $null -eq (Get-MgGroup -GroupId ($assignment.groupId) -ErrorAction SilentlyContinue) + $groupNotFound = $null -eq (Get-MgGroup -GroupId ($assignment.groupId) -ErrorAction SilentlyContinue) } if (-not $testResult -and $groupNotFound) { @@ -1309,9 +1295,9 @@ function Compare-M365DSCIntunePolicyAssignment { Write-Verbose 'Group found by groupId or groupDisplayName, checking filters' $isFilterTypeSpecified = ($null -ne $assignment.deviceAndAppManagementAssignmentFilterType -and $assignment.deviceAndAppManagementAssignmentFilterType -ne 'none') -or ` - ($null -ne $assignmentTarget.deviceAndAppManagementAssignmentFilterType -and $assignmentTarget.deviceAndAppManagementAssignmentFilterType -ne 'none') + ($null -ne $assignmentTarget.deviceAndAppManagementAssignmentFilterType -and $assignmentTarget.deviceAndAppManagementAssignmentFilterType -ne 'none') $isFilterIdSpecified = ($null -ne $assignment.deviceAndAppManagementAssignmentFilterId -and $assignment.deviceAndAppManagementAssignmentFilterId -ne '00000000-0000-0000-0000-000000000000') -or ` - ($null -ne $assignmentTarget.deviceAndAppManagementAssignmentFilterId -and $assignmentTarget.deviceAndAppManagementAssignmentFilterId -ne '00000000-0000-0000-0000-000000000000') + ($null -ne $assignmentTarget.deviceAndAppManagementAssignmentFilterId -and $assignmentTarget.deviceAndAppManagementAssignmentFilterId -ne '00000000-0000-0000-0000-000000000000') if ($isFilterTypeSpecified) { Write-Verbose 'FilterType specified, checking filterType' @@ -1334,10 +1320,7 @@ function Compare-M365DSCIntunePolicyAssignment { $testResult = $null -ne ($Target | Where-Object -FilterScript { $_.dataType -eq $assignment.DataType }) } - if (-not $testResult) - { - break - } + if (-not $testResult) { break } } } @@ -1348,8 +1331,7 @@ function Update-DeviceConfigurationPolicyAssignment { [CmdletBinding()] [OutputType([System.Collections.Hashtable])] - param - ( + param ( [Parameter(Mandatory = $true)] [System.String] $DeviceConfigurationPolicyId, @@ -1363,7 +1345,7 @@ function Update-DeviceConfigurationPolicyAssignment $Repository = 'deviceManagement/configurationPolicies', [Parameter()] - [ValidateSet('v1.0', 'beta')] + [ValidateSet('v1.0','beta')] [System.String] $APIVersion = 'beta', @@ -1384,10 +1366,10 @@ function Update-DeviceConfigurationPolicyAssignment $target = $target.target } - $formattedTarget = @{'@odata.type' = $target.dataType } - if (-not $formattedTarget.'@odata.type' -and $target.'@odata.type') + $formattedTarget = @{"@odata.type" = $target.dataType} + if(-not $formattedTarget."@odata.type" -and $target."@odata.type") { - $formattedTarget.'@odata.type' = $target.'@odata.type' + $formattedTarget."@odata.type" = $target."@odata.type" } if ($target.groupId) { @@ -1400,14 +1382,14 @@ function Update-DeviceConfigurationPolicyAssignment if ($null -eq $group) { $message = "Skipping assignment for the group with DisplayName {$($target.groupDisplayName)} as it could not be found in the directory.`r`n" - $message += 'Please update your DSC resource extract with the correct groupId or groupDisplayName.' + $message += "Please update your DSC resource extract with the correct groupId or groupDisplayName." Write-Warning -Message $message $target = $null } if ($group -and $group.count -gt 1) { $message = "Skipping assignment for the group with DisplayName {$($target.groupDisplayName)} as it is not unique in the directory.`r`n" - $message += 'Please update your DSC resource extract with the correct groupId or a unique group DisplayName.' + $message += "Please update your DSC resource extract with the correct groupId or a unique group DisplayName." Write-Warning -Message $message $group = $null $target = $null @@ -1416,7 +1398,7 @@ function Update-DeviceConfigurationPolicyAssignment else { $message = "Skipping assignment for the group with Id {$($target.groupId)} as it could not be found in the directory.`r`n" - $message += 'Please update your DSC resource extract with the correct groupId or a unique group DisplayName.' + $message += "Please update your DSC resource extract with the correct groupId or a unique group DisplayName." Write-Warning -Message $message $target = $null } @@ -1424,25 +1406,25 @@ function Update-DeviceConfigurationPolicyAssignment #Skipping assignment if group not found from either groupId or groupDisplayName if ($null -ne $group) { - $formattedTarget.Add('groupId', $group.Id) + $formattedTarget.Add('groupId',$group.Id) } } if ($target.collectionId) { - $formattedTarget.Add('collectionId', $target.collectionId) + $formattedTarget.Add('collectionId',$target.collectionId) } if ($target.deviceAndAppManagementAssignmentFilterType) { - $formattedTarget.Add('deviceAndAppManagementAssignmentFilterType', $target.deviceAndAppManagementAssignmentFilterType) + $formattedTarget.Add('deviceAndAppManagementAssignmentFilterType',$target.deviceAndAppManagementAssignmentFilterType) } if ($target.deviceAndAppManagementAssignmentFilterId) { - $formattedTarget.Add('deviceAndAppManagementAssignmentFilterId', $target.deviceAndAppManagementAssignmentFilterId) + $formattedTarget.Add('deviceAndAppManagementAssignmentFilterId',$target.deviceAndAppManagementAssignmentFilterId) } - $deviceManagementPolicyAssignments += @{'target' = $formattedTarget } + $deviceManagementPolicyAssignments += @{'target' = $formattedTarget} } - $body = @{$RootIdentifier = $deviceManagementPolicyAssignments } | ConvertTo-Json -Depth 20 + $body = @{$RootIdentifier = $deviceManagementPolicyAssignments} | ConvertTo-Json -Depth 20 Write-Verbose -Message $body Invoke-MgGraphRequest -Method POST -Uri $Uri -Body $body -ErrorAction Stop @@ -1463,8 +1445,7 @@ function Update-DeviceAppManagementPolicyAssignment { [CmdletBinding()] [OutputType([System.Collections.Hashtable])] - param - ( + param ( [Parameter(Mandatory = $true)] [System.String] $AppManagementPolicyId, @@ -1478,7 +1459,7 @@ function Update-DeviceAppManagementPolicyAssignment $Repository = 'deviceAppManagement/mobileApps', [Parameter()] - [ValidateSet('v1.0', 'beta')] + [ValidateSet('v1.0','beta')] [System.String] $APIVersion = 'beta', @@ -1496,7 +1477,7 @@ function Update-DeviceAppManagementPolicyAssignment { $formattedAssignment = @{ '@odata.type' = '#microsoft.graph.mobileAppAssignment' - intent = $assignment.intent + intent = $assignment.intent } if ($assigment.settings) { @@ -1508,10 +1489,10 @@ function Update-DeviceAppManagementPolicyAssignment $target = $assignment.target } - $formattedTarget = @{'@odata.type' = $target.dataType } - if (-not $formattedTarget.'@odata.type' -and $target.'@odata.type') + $formattedTarget = @{"@odata.type" = $target.dataType} + if(-not $formattedTarget."@odata.type" -and $target."@odata.type") { - $formattedTarget.'@odata.type' = $target.'@odata.type' + $formattedTarget."@odata.type" = $target."@odata.type" } if ($target.groupId) { @@ -1524,14 +1505,14 @@ function Update-DeviceAppManagementPolicyAssignment if ($null -eq $group) { $message = "Skipping assignment for the group with DisplayName {$($target.groupDisplayName)} as it could not be found in the directory.`r`n" - $message += 'Please update your DSC resource extract with the correct groupId or groupDisplayName.' + $message += "Please update your DSC resource extract with the correct groupId or groupDisplayName." Write-Warning -Message $message $target = $null } if ($group -and $group.count -gt 1) { $message = "Skipping assignment for the group with DisplayName {$($target.groupDisplayName)} as it is not unique in the directory.`r`n" - $message += 'Please update your DSC resource extract with the correct groupId or a unique group DisplayName.' + $message += "Please update your DSC resource extract with the correct groupId or a unique group DisplayName." Write-Warning -Message $message $group = $null $target = $null @@ -1540,7 +1521,7 @@ function Update-DeviceAppManagementPolicyAssignment else { $message = "Skipping assignment for the group with Id {$($target.groupId)} as it could not be found in the directory.`r`n" - $message += 'Please update your DSC resource extract with the correct groupId or a unique group DisplayName.' + $message += "Please update your DSC resource extract with the correct groupId or a unique group DisplayName." Write-Warning -Message $message $target = $null } @@ -1548,22 +1529,22 @@ function Update-DeviceAppManagementPolicyAssignment #Skipping assignment if group not found from either groupId or groupDisplayName if ($null -ne $group) { - $formattedTarget.Add('groupId', $group.Id) + $formattedTarget.Add('groupId',$group.Id) } } if ($target.deviceAndAppManagementAssignmentFilterType) { - $formattedTarget.Add('deviceAndAppManagementAssignmentFilterType', $target.deviceAndAppManagementAssignmentFilterType) + $formattedTarget.Add('deviceAndAppManagementAssignmentFilterType',$target.deviceAndAppManagementAssignmentFilterType) } if ($target.deviceAndAppManagementAssignmentFilterId) { - $formattedTarget.Add('deviceAndAppManagementAssignmentFilterId', $target.deviceAndAppManagementAssignmentFilterId) + $formattedTarget.Add('deviceAndAppManagementAssignmentFilterId',$target.deviceAndAppManagementAssignmentFilterId) } $formattedAssignment.Add('target', $formattedTarget) $appManagementPolicyAssignments += $formattedAssignment } - $body = @{$RootIdentifier = $appManagementPolicyAssignments } | ConvertTo-Json -Depth 20 + $body = @{$RootIdentifier = $appManagementPolicyAssignments} | ConvertTo-Json -Depth 20 Write-Verbose -Message $body Invoke-MgGraphRequest -Method POST -Uri $Uri -Body $body -ErrorAction Stop @@ -1584,8 +1565,7 @@ function Get-OmaSettingPlainTextValue { [CmdletBinding()] [OutputType([System.String])] - param - ( + Param( [Parameter(Mandatory = $true)] [System.String] $SecretReferenceValueId, @@ -1602,7 +1582,7 @@ function Get-OmaSettingPlainTextValue e.g. PolicyId for SecretReferenceValueId '35ea58ec-2a79-471d-8eea-7e28e6cd2722_bdf6c690-05fb-4d02-835d-5a7406c35d58_abe32712-2255-445f-a35e-0c6f143d82ca' is 'bdf6c690-05fb-4d02-835d-5a7406c35d58' #> - $SplitSecretReferenceValueId = $SecretReferenceValueId.Split('_') + $SplitSecretReferenceValueId = $SecretReferenceValueId.Split("_") if ($SplitSecretReferenceValueId.Count -eq 3) { $PolicyId = $SplitSecretReferenceValueId[1] @@ -1626,7 +1606,7 @@ function Get-OmaSettingPlainTextValue } catch { - $Message = 'Error decrypting OmaSetting with SecretReferenceValueId {0}:' -f $SecretReferenceValueId + $Message = "Error decrypting OmaSetting with SecretReferenceValueId {0}:" -f $SecretReferenceValueId New-M365DSCLogEntry -Message $Message ` -Exception $_ ` -Source $($MyInvocation.MyCommand.Source) ` @@ -1639,9 +1619,7 @@ function Get-OmaSettingPlainTextValue if (![String]::IsNullOrEmpty($Result.Value)) { return $Result.Value - } - else - { + } else { return $null } } @@ -1650,8 +1628,7 @@ function Get-IntuneSettingCatalogPolicySetting { [CmdletBinding()] [OutputType([System.Array])] - param - ( + param ( [Parameter(Mandatory = $true)] [System.Collections.Hashtable] $DSCParams, @@ -1695,11 +1672,11 @@ function Get-IntuneSettingCatalogPolicySetting if ($ContainsDeviceAndUserSettings) { - $deviceSettingTemplates = $SettingTemplates | Where-Object -FilterScript { - $_.SettingInstanceTemplate.SettingDefinitionId.StartsWith('device_') + $deviceSettingTemplates = $SettingTemplates | Where-object -FilterScript { + $_.SettingInstanceTemplate.SettingDefinitionId.StartsWith("device_") } - $userSettingTemplates = $SettingTemplates | Where-Object -FilterScript { - $_.SettingInstanceTemplate.SettingDefinitionId.StartsWith('user_') + $userSettingTemplates = $SettingTemplates | Where-object -FilterScript { + $_.SettingInstanceTemplate.SettingDefinitionId.StartsWith("user_") } $deviceDscParams = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $DSCParams.DeviceSettings -SingleLevel -ExcludeUnchangedProperties $userDscParams = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $DSCParams.UserSettings -SingleLevel -ExcludeUnchangedProperties @@ -1707,7 +1684,7 @@ function Get-IntuneSettingCatalogPolicySetting $combinedSettingInstances += Get-IntuneSettingCatalogPolicySetting -DSCParams $deviceDscParams -SettingTemplates $deviceSettingTemplates $combinedSettingInstances += Get-IntuneSettingCatalogPolicySetting -DSCParams $userDscParams -SettingTemplates $userSettingTemplates - return , $combinedSettingInstances + return ,$combinedSettingInstances } } @@ -1783,15 +1760,14 @@ function Get-IntuneSettingCatalogPolicySetting } } - return , $settingInstances + return ,$settingInstances } function Get-IntuneSettingCatalogPolicySettingInstanceValue { [CmdletBinding()] [OutputType([System.Collections.Hashtable])] - param - ( + param( [Parameter(Mandatory = 'true')] [System.Collections.Hashtable] $DSCParams, @@ -1853,12 +1829,12 @@ function Get-IntuneSettingCatalogPolicySettingInstanceValue $instanceCount = 1 if (($Level -gt 1 -and $groupSettingCollectionDefinitionChildren.Count -gt 1) -or - ($Level -eq 1 -and $SettingDefinition.AdditionalProperties.maximumCount -gt 1 -and $groupSettingCollectionDefinitionChildren.Count -ge 1 -and $groupSettingCollectionDefinitionChildren.AdditionalProperties.'@odata.type' -notcontains '#microsoft.graph.deviceManagementConfigurationSettingGroupCollectionDefinition')) + ($Level -eq 1 -and $SettingDefinition.AdditionalProperties.maximumCount -gt 1 -and $groupSettingCollectionDefinitionChildren.Count -ge 1 -and $groupSettingCollectionDefinitionChildren.AdditionalProperties.'@odata.type' -notcontains "#microsoft.graph.deviceManagementConfigurationSettingGroupCollectionDefinition")) { $SettingInstanceName += Get-SettingsCatalogSettingName -SettingDefinition $SettingDefinition -AllSettingDefinitions $AllSettingDefinitions - $settingInstanceNameAlternate = $SettingInstanceName + '_Intune' + $settingInstanceNameAlternate = $SettingInstanceName + "_Intune" $cimDSCParams = @() - $cimDSCParamsName = '' + $cimDSCParamsName = "" $DSCParams.GetEnumerator() | ForEach-Object { if ($_.Value.CimClass.CimClassName -eq $SettingInstanceName -or $_.Value.CimClass.CimClassName -like "$settingInstanceNameAlternate*") { @@ -1869,12 +1845,10 @@ function Get-IntuneSettingCatalogPolicySettingInstanceValue $newDSCParams = @{ $cimDSCParamsName = @() } - foreach ($instance in $cimDSCParams) - { + foreach ($instance in $cimDSCParams) { $newInstanceDSCParams = @{} # Preserve CIM instances when converting to hashtable - foreach ($property in $instance.CimInstanceProperties) - { + foreach ($property in $instance.CimInstanceProperties) { if ($property.IsValueModified) { $newInstanceDSCParams.Add($property.Name, $property.Value) @@ -1884,14 +1858,7 @@ function Get-IntuneSettingCatalogPolicySettingInstanceValue } $instanceCount = $newDSCParams.$cimDSCParamsName.Count $DSCParams = @{ - $cimDSCParamsName = if ($instanceCount -eq 1) - { - $newDSCParams.$cimDSCParamsName[0] - } - else - { - $newDSCParams.$cimDSCParamsName - } + $cimDSCParamsName = if ($instanceCount -eq 1) { $newDSCParams.$cimDSCParamsName[0] } else { $newDSCParams.$cimDSCParamsName } } $AllSettingDefinitions = $groupSettingCollectionDefinitionChildren + $SettingDefinition } @@ -1899,25 +1866,16 @@ function Get-IntuneSettingCatalogPolicySettingInstanceValue for ($i = 0; $i -lt $instanceCount; $i++) { $groupSettingCollectionValueChildren = @() - $currentDSCParams = if ($instanceCount -eq 1) - { - if (-not [System.String]::IsNullOrEmpty($cimDSCParamsName)) - { + $currentDSCParams = if ($instanceCount -eq 1) { + if (-not [System.String]::IsNullOrEmpty($cimDSCParamsName)) { $DSCParams.$cimDSCParamsName - } - else - { + } else { $DSCParams } - } - else - { - if (-not [System.String]::IsNullOrEmpty($cimDSCParamsName)) - { + } else { + if (-not [System.String]::IsNullOrEmpty($cimDSCParamsName)) { $DSCParams.$cimDSCParamsName[$i] - } - else - { + } else { $DSCParams[$i] } } @@ -1933,12 +1891,9 @@ function Get-IntuneSettingCatalogPolicySettingInstanceValue $childSettingValueName = $childSettingType.Replace('#microsoft.graph.deviceManagementConfiguration', '').Replace('Instance', 'Value') $childSettingValueType = "#microsoft.graph.deviceManagementConfiguration$($childSettingValueName)" $childSettingValueName = $childSettingValueName.Substring(0, 1).ToLower() + $childSettingValueName.Substring(1, $childSettingValueName.length - 1 ) - $childSettingInstanceTemplate = if ($null -ne $SettingInstanceTemplate.AdditionalProperties) - { + $childSettingInstanceTemplate = if ($null -ne $SettingInstanceTemplate.AdditionalProperties) { $SettingInstanceTemplate.AdditionalProperties.groupSettingCollectionValueTemplate.children | Where-Object { $_.settingDefinitionId -eq $childDefinition.Id } | Select-Object -First 1 - } - else - { + } else { $SettingInstanceTemplate.groupSettingCollectionValueTemplate.children | Where-Object { $_.settingDefinitionId -eq $childDefinition.Id } | Select-Object -First 1 } @@ -1974,13 +1929,13 @@ function Get-IntuneSettingCatalogPolicySettingInstanceValue } $childSettingValueItem.Add('@odata.type', $childSettingType) $childSettingValueInner.children += @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' groupSettingCollectionValue = @( @{ children = $childSettingValueItem.children } ) - settingDefinitionId = $childDefinition.Id + settingDefinitionId = $childDefinition.Id } <# GroupSettingCollection do not have a setting instance template reference if (-not [string]::IsNullOrEmpty($childSettingInstanceTemplate.settingInstanceTemplateId)) @@ -2021,8 +1976,7 @@ function Get-IntuneSettingCatalogPolicySettingInstanceValue } } - if ($groupSettingCollectionDefinitionChildren.Count -gt 0 -and $groupSettingCollectionValue.Count -gt 0) - { + if ($groupSettingCollectionDefinitionChildren.Count -gt 0 -and $groupSettingCollectionValue.Count -gt 0) { $settingValuesToReturn.Add('groupSettingCollectionValue', @($groupSettingCollectionValue)) } } @@ -2048,12 +2002,9 @@ function Get-IntuneSettingCatalogPolicySettingInstanceValue $childSettingValueName = $childSettingType.Replace('#microsoft.graph.deviceManagementConfiguration', '').Replace('Instance', 'Value') $childSettingValueType = "#microsoft.graph.deviceManagementConfiguration$($childSettingValueName)" $childSettingValueName = $childSettingValueName.Substring(0, 1).ToLower() + $childSettingValueName.Substring(1, $childSettingValueName.Length - 1 ) - $childSettingInstanceTemplate = if ($null -ne $SettingInstanceTemplate.AdditionalProperties) - { + $childSettingInstanceTemplate = if ($null -ne $SettingInstanceTemplate.AdditionalProperties) { $SettingInstanceTemplate.AdditionalProperties.choiceSettingValueTemplate.children | Where-Object { $_.settingDefinitionId -eq $childDefinition.Id } - } - else - { + } else { $SettingInstanceTemplate.choiceSettingValueTemplate.children | Where-Object { $_.settingDefinitionId -eq $childDefinition.Id } } $childSettingValueTemplateId = $childSettingInstanceTemplate."$($childSettingValueName)Template" | Where-Object { @@ -2084,19 +2035,16 @@ function Get-IntuneSettingCatalogPolicySettingInstanceValue if ($childSettingType -eq '#microsoft.graph.deviceManagementConfigurationSettingGroupCollectionInstance') { $childSettingType = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' - } + } $childSettingValue.Add('@odata.type', $childSettingType) $choiceSettingValueChildren += $childSettingValue } } # Depending on the children count, we add the children to the choice setting or an empty array since the children property is required - if ($choiceSettingDefinitionChildren.Count -gt 0) - { + if ($choiceSettingDefinitionChildren.Count -gt 0) { $choiceSettingValue.Add('children', $choiceSettingValueChildren) - } - else - { + } else { $choiceSettingValue.Add('children', @()) } @@ -2145,8 +2093,8 @@ function Get-IntuneSettingCatalogPolicySettingInstanceValue foreach ($value in $values) { $choiceSettingValueCollection += @{ - value = $value - children = @() + value = $value + children = @() '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue' } } @@ -2179,8 +2127,7 @@ function Get-IntuneSettingCatalogPolicySettingInstanceValue '@odata.type' = $SettingValueType } } - if ($settingValueCollection.Count -gt 0) - { + if ($settingValueCollection.Count -gt 0) { $settingValuesToReturn.Add($SettingValueName, $settingValueCollection) } } @@ -2207,7 +2154,7 @@ function Get-IntuneSettingCatalogPolicySettingInstanceValue { if ($SettingDefinition.AdditionalProperties.valueDefinition.isSecret) { - $SettingValueType = '#microsoft.graph.deviceManagementConfigurationSecretSettingValue' + $SettingValueType = "#microsoft.graph.deviceManagementConfigurationSecretSettingValue" $settingValue.Add('valueState', 'NotEncrypted') } $settingValue.Add('@odata.type', $SettingValueType) @@ -2231,7 +2178,7 @@ function Get-IntuneSettingCatalogPolicySettingDSCValue ( [Parameter()] [System.String] - $SettingValueType = '', + $SettingValueType = "", [Parameter()] $SettingDefinition, @@ -2253,44 +2200,37 @@ function Get-IntuneSettingCatalogPolicySettingDSCValue } $isArray = $false - if ($SettingValueType -like '*Simple*') + if ($SettingValueType -like "*Simple*") { if ($DSCParams[$key] -is [System.String]) { - $SettingValueType = '#microsoft.graph.deviceManagementConfigurationStringSettingValue' + $SettingValueType = "#microsoft.graph.deviceManagementConfigurationStringSettingValue" } elseif ($DSCParams[$key] -is [System.Int32]) { - $SettingValueType = '#microsoft.graph.deviceManagementConfigurationIntegerSettingValue' + $SettingValueType = "#microsoft.graph.deviceManagementConfigurationIntegerSettingValue" } elseif ($DSCParams[$key] -is [System.String[]]) { - $SettingValueType = '#microsoft.graph.deviceManagementConfigurationStringSettingValue' + $SettingValueType = "#microsoft.graph.deviceManagementConfigurationStringSettingValue" $isArray = $true } elseif ($DSCParams[$key] -is [System.Int32[]]) { - $SettingValueType = '#microsoft.graph.deviceManagementConfigurationIntegerSettingValue' + $SettingValueType = "#microsoft.graph.deviceManagementConfigurationIntegerSettingValue" $isArray = $true } } - if ($SettingValueType -like '*Simple*' -or $SettingValueType -in @('#microsoft.graph.deviceManagementConfigurationIntegerSettingValue', '#microsoft.graph.deviceManagementConfigurationStringSettingValue')) + if ($SettingValueType -like "*Simple*" -or $SettingValueType -in @("#microsoft.graph.deviceManagementConfigurationIntegerSettingValue", "#microsoft.graph.deviceManagementConfigurationStringSettingValue")) { return @{ SettingDefinition = $SettingDefinition - SettingValueType = $SettingValueType - Value = if ($isArray) - { - , $DSCParams[$key] - } - else - { - $DSCParams[$key] - } + SettingValueType = $SettingValueType + Value = if ($isArray) { ,$DSCParams[$key] } else { $DSCParams[$key] } } } - elseif ($SettingValueType -like '*ChoiceSettingCollection*') + elseif ($SettingValueType -like "*ChoiceSettingCollection*") { $values = @() foreach ($value in $DSCParams[$key]) @@ -2306,8 +2246,8 @@ function Get-IntuneSettingCatalogPolicySettingDSCValue { return @{ SettingDefinition = $SettingDefinition - SettingValueType = $SettingValueType - Value = "$($SettingDefinition.Id)_$($DSCParams[$key])" + SettingValueType = $SettingValueType + Value = "$($SettingDefinition.Id)_$($DSCParams[$key])" } } } @@ -2316,8 +2256,7 @@ function Export-IntuneSettingCatalogPolicySettings { [CmdletBinding()] [OutputType([System.Collections.Hashtable])] - param - ( + param( [Parameter( Mandatory = $true, ParameterSetName = 'Start' @@ -2368,7 +2307,7 @@ function Export-IntuneSettingCatalogPolicySettings { $deviceSettingsReturnHashtable = @{} $deviceSettings = $Settings | Where-Object -FilterScript { - $_.SettingInstance.settingDefinitionId.StartsWith('device_') + $_.SettingInstance.settingDefinitionId.StartsWith("device_") } if ($AllSettingDefinitions.Count -eq 0) { @@ -2377,7 +2316,7 @@ function Export-IntuneSettingCatalogPolicySettings else { $allDeviceSettingDefinitions = $AllSettingDefinitions | Where-Object -FilterScript { - $_.Id.StartsWith('device_') + $_.Id.StartsWith("device_") } } foreach ($setting in $deviceSettings) @@ -2387,7 +2326,7 @@ function Export-IntuneSettingCatalogPolicySettings $userSettingsReturnHashtable = @{} $userSettings = $Settings | Where-Object -FilterScript { - $_.SettingInstance.settingDefinitionId.StartsWith('user_') + $_.SettingInstance.settingDefinitionId.StartsWith("user_") } if ($AllSettingDefinitions.Count -eq 0) { @@ -2396,7 +2335,7 @@ function Export-IntuneSettingCatalogPolicySettings else { $allUserSettingDefinitions = $AllSettingDefinitions | Where-Object -FilterScript { - $_.Id.StartsWith('user_') + $_.Id.StartsWith("user_") } } @@ -2431,26 +2370,12 @@ function Export-IntuneSettingCatalogPolicySettings $addToParameters = $true $settingDefinition = $SettingDefinitions | Where-Object -FilterScript { $_.Id -eq $SettingInstance.settingDefinitionId } $settingName = Get-SettingsCatalogSettingName -SettingDefinition $settingDefinition -AllSettingDefinitions $AllSettingDefinitions - $odataType = if ($IsRoot) - { - $SettingInstance.AdditionalProperties.'@odata.type' - } - else - { - $SettingInstance.'@odata.type' - } + $odataType = if ($IsRoot) { $SettingInstance.AdditionalProperties.'@odata.type' } else { $SettingInstance.'@odata.type' } switch ($odataType) { '#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance' { - $simpleSetting = if ($IsRoot) - { - $SettingInstance.AdditionalProperties.simpleSettingValue - } - else - { - $SettingInstance.simpleSettingValue - } + $simpleSetting = if ($IsRoot) { $SettingInstance.AdditionalProperties.simpleSettingValue } else { $SettingInstance.simpleSettingValue } if ($simpleSetting.'@odata.type' -eq '#microsoft.graph.deviceManagementConfigurationIntegerSettingValue') { $settingValue = [int]$simpleSetting.value @@ -2462,23 +2387,9 @@ function Export-IntuneSettingCatalogPolicySettings } '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' { - $settingValue = if ($IsRoot) - { - $SettingInstance.AdditionalProperties.choiceSettingValue.value - } - else - { - $SettingInstance.choiceSettingValue.value - } + $settingValue = if ($IsRoot) { $SettingInstance.AdditionalProperties.choiceSettingValue.value } else { $SettingInstance.choiceSettingValue.value } $settingValue = $settingValue.Split('_') | Select-Object -Last 1 - $childSettings = if ($IsRoot) - { - $SettingInstance.AdditionalProperties.choiceSettingValue.children - } - else - { - $SettingInstance.choiceSettingValue.children - } + $childSettings = if ($IsRoot) { $SettingInstance.AdditionalProperties.choiceSettingValue.children } else { $SettingInstance.choiceSettingValue.children } foreach ($childSetting in $childSettings) { Export-IntuneSettingCatalogPolicySettings -SettingInstance $childSetting -SettingDefinitions $SettingDefinitions -ReturnHashtable $ReturnHashtable -AllSettingDefinitions $AllSettingDefinitions @@ -2487,14 +2398,7 @@ function Export-IntuneSettingCatalogPolicySettings '#microsoft.graph.deviceManagementConfigurationChoiceSettingCollectionInstance' { $values = @() - $childValues = if ($IsRoot) - { - $SettingInstance.AdditionalProperties.choiceSettingCollectionValue.value - } - else - { - $SettingInstance.choiceSettingCollectionValue.value - } + $childValues = if ($IsRoot) { $SettingInstance.AdditionalProperties.choiceSettingCollectionValue.value } else { $SettingInstance.choiceSettingCollectionValue.value } foreach ($value in $childValues) { $values += $value.Split('_') | Select-Object -Last 1 @@ -2503,14 +2407,7 @@ function Export-IntuneSettingCatalogPolicySettings } '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' { - $groupSettingCollectionValue = if ($IsRoot) - { - $SettingInstance.AdditionalProperties.groupSettingCollectionValue - } - else - { - $SettingInstance.groupSettingCollectionValue - } + $groupSettingCollectionValue = if ($IsRoot) { $SettingInstance.AdditionalProperties.groupSettingCollectionValue } else { $SettingInstance.groupSettingCollectionValue } [array]$childSettingDefinitions = $SettingDefinitions | Where-Object -FilterScript { $settingDefinition.AdditionalProperties.childIds -contains $_.Id } @@ -2560,14 +2457,7 @@ function Export-IntuneSettingCatalogPolicySettings } $childValue += $childHashtable } - $settingValue = if ($null -eq $childValue) - { - $childHashtable - } - else - { - , $childValue - } + $settingValue = if ($null -eq $childValue) { $childHashtable } else { ,$childValue } } else { @@ -2583,14 +2473,7 @@ function Export-IntuneSettingCatalogPolicySettings '#microsoft.graph.deviceManagementConfigurationSimpleSettingCollectionInstance' { $values = @() - $childValues = if ($IsRoot) - { - $SettingInstance.AdditionalProperties.simpleSettingCollectionValue - } - else - { - $SettingInstance.simpleSettingCollectionValue - } + $childValues = if ($IsRoot) { $SettingInstance.AdditionalProperties.simpleSettingCollectionValue } else { $SettingInstance.simpleSettingCollectionValue } foreach ($value in $childValues) { if ($value.'@odata.type' -eq '#microsoft.graph.deviceManagementConfigurationIntegerSettingValue') @@ -2694,15 +2577,11 @@ function Update-IntuneDeviceConfigurationPolicy } } -function Get-ComplexFunctionsFromFilterQuery -{ +function Get-ComplexFunctionsFromFilterQuery { [CmdletBinding()] [OutputType([System.Array])] - param - ( - [Parameter()] - [System.String] - $FilterQuery + param ( + [string]$FilterQuery ) $complexFunctionsRegex = "startswith\((.*?),\s*'(.*?)'\)|endswith\((.*?),\s*'(.*?)'\)|contains\((.*?),\s*'(.*?)'\)" @@ -2713,55 +2592,38 @@ function Get-ComplexFunctionsFromFilterQuery return $complexFunctions } -function Remove-ComplexFunctionsFromFilterQuery -{ +function Remove-ComplexFunctionsFromFilterQuery { [CmdletBinding()] [OutputType([System.String])] - param - ( - [Parameter()] - [System.String] - $FilterQuery + param ( + [string]$FilterQuery ) $complexFunctionsRegex = "startswith\((.*?),\s*'(.*?)'\)|endswith\((.*?),\s*'(.*?)'\)|contains\((.*?),\s*'(.*?)'\)" - $basicFilterQuery = [regex]::Replace($FilterQuery, $complexFunctionsRegex, '').Trim() - $basicFilterQuery = $basicFilterQuery -replace '^and\s', '' -replace '\sand$', '' -replace '\sand\s+', ' and ' -replace '\sor\s+', ' or ' + $basicFilterQuery = [regex]::Replace($FilterQuery, $complexFunctionsRegex, "").Trim() + $basicFilterQuery = $basicFilterQuery -replace "^and\s","" -replace "\sand$","" -replace "\sand\s+", " and " -replace "\sor\s+", " or " return $basicFilterQuery } -function Find-GraphDataUsingComplexFunctions -{ +function Find-GraphDataUsingComplexFunctions { [CmdletBinding()] [OutputType([System.Array])] - param - ( - [Parameter()] - [array] - $Policies, - - [Parameter()] - [array] - $ComplexFunctions + param ( + [array]$Policies, + [array]$ComplexFunctions ) - foreach ($function in $ComplexFunctions) - { - if ($function -match "startswith\((.*?),\s*'(.*?)'") - { + foreach ($function in $ComplexFunctions) { + if ($function -match "startswith\((.*?),\s*'(.*?)'") { $property = $matches[1] $value = $matches[2] $Policies = $Policies | Where-Object { $_.$property -like "$value*" } - } - elseif ($function -match "endswith\((.*?),\s*'(.*?)'") - { + } elseif ($function -match "endswith\((.*?),\s*'(.*?)'") { $property = $matches[1] $value = $matches[2] $Policies = $Policies | Where-Object { $_.$property -like "*$value" } - } - elseif ($function -match "contains\((.*?),\s*'(.*?)'") - { + } elseif ($function -match "contains\((.*?),\s*'(.*?)'") { $property = $matches[1] $value = $matches[2] $Policies = $Policies | Where-Object { $_.$property -like "*$value*" } diff --git a/Modules/Microsoft365DSC/Modules/M365DSCUtil.psm1 b/Modules/Microsoft365DSC/Modules/M365DSCUtil.psm1 index 3846ec98ce..76e01728c3 100644 --- a/Modules/Microsoft365DSC/Modules/M365DSCUtil.psm1 +++ b/Modules/Microsoft365DSC/Modules/M365DSCUtil.psm1 @@ -6,7 +6,7 @@ $Global:SessionSecurityCompliance = $null #region Extraction Modes $Global:DefaultComponents = @('SPOApp', 'SPOSiteDesign') -$Global:FullComponents = @('AADGroup', 'AADServicePrincipal', 'ADOSecurityPolicy', 'AzureSubscription','FabricAdminTenantSettings', ` +$Global:FullComponents = @('AADRoleManagementPolicyRule', 'AADGroup', 'AADServicePrincipal', 'ADOSecurityPolicy', 'AzureSubscription','FabricAdminTenantSettings', ` 'DefenderSubscriptionPlan', 'EXOCalendarProcessing', 'EXODistributionGroup', 'EXOMailboxAutoReplyConfiguration', ` 'EXOMailboxPermission','EXOMailboxCalendarFolder','EXOMailboxSettings', 'EXOManagementRole', 'O365Group', 'AADUser', ` 'PlannerPlan', 'PlannerBucket', 'PlannerTask', 'PPPowerAppsEnvironment', 'PPTenantSettings', 'SentinelSetting', 'SentinelWatchlist', ` @@ -3755,7 +3755,7 @@ function Get-M365DSCExportContentForResource if ($ConnectionMode -like 'ServicePrincipal*' -or ` $ConnectionMode -eq 'ManagedIdentity') { - $OrganizationName = $TenantId + $OrganizationName = $Results.TenantId } elseif ($null -ne $Credential.UserName) { @@ -3935,7 +3935,7 @@ function Get-M365DSCExportContentForResource } } - if ($null -ne $OrganizationName -and $partialContent.ToLower().IndexOf($OrganizationName.ToLower()) -gt 0) + if ($partialContent.ToLower().IndexOf($OrganizationName.ToLower()) -gt 0) { $partialContent = $partialContent -ireplace [regex]::Escape($OrganizationName + ':'), "`$($OrganizationName):" $partialContent = $partialContent -ireplace [regex]::Escape($OrganizationName), "`$OrganizationName"