diff --git a/CHANGELOG.md b/CHANGELOG.md index 3aa0a2e752..b71a6b46a0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,29 +2,54 @@ # UNRELEASED +* AADGroup + * Fixes #4596 * AADGroupSettings * Added support for parameter NewUnifiedGroupWritebackDefault +* EXOManagementRoleEntry + * Initial Rrelease * SCAutoSensitivityLabelPolicy * Fix incorrect mandatory Credential parameter in Set and Test methods FIXES [#4283](https://github.com/microsoft/Microsoft365DSC/issues/4283) +* IntuneAntivirusPolicyWindows10SettingCatalog + * Add missing properties from templates + * Update setting handling so that the value is reverted to default when unset * IntuneDeviceConfigurationCustomPolicyWindows10 * Fixed an issue where the payload of xml files was not encoded as base64. * IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10 * Fixed a creation and update issue when the exported policy contains a onboarding blob and the tenant is connected to Defender for Endpoint Service. +<<<<<<< fix4653 * TeamsMeetingPolicy * Fix creation and set of resource when cloud recording is set to false (off) FIXES [#4653](https://github.com/microsoft/Microsoft365DSC/issues/4653) +======= +* SPOSharingSettings + * Remove properties from being tested in certain conditions + FIXES [#4649](https://github.com/microsoft/Microsoft365DSC/issues/4649) + * Changed logic to retrieve my site for sovereign clouds. +* TeamsGroupPolicyAssignment + * Add missing policy type TeamsVerticalPackagePolicy + FIXES [#4647](https://github.com/microsoft/Microsoft365DSC/issues/4647) +* TeamsUpdateManagementPolicy + * Remove unnecessary parameters from PSBoundParameters such as authentication + methods, Ensure and Verbose by calling Remove-M365DSCAuthenticationParameter + FIXES [#4651](https://github.com/microsoft/Microsoft365DSC/issues/4651) +>>>>>>> Dev * M365DSCUtil * Fixed an issue where one could not pass empty arrays to the `Compare-PSCustomObjectArrays` function. * DEPENDENCIES - * Updated Microsoft.Graph to version 2.18.0. - * Updated Microsoft.PowerApps.Administration.PowerShell to version 2.0.182. + * Updated DSCParser to version 2.0.0.4. + * Updated Microsoft.Graph to version 2.19.0. + * Updated Microsoft.PowerApps.Administration.PowerShell to version 2.0.187. * MISC * Added support for Access Tokens across AAD resources. + * Added support for Access Tokens across SC resources. + * Added support for Access Tokens across SPO resources. * Added support for Access Tokens across Teams resources. * Fixing fake passwords in Unit Tests. + * Added ability to configure Telemetry client by ConnectionString. # 1.24.424.1 diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroup/MSFT_AADGroup.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroup/MSFT_AADGroup.psm1 index 0938389967..162a88e537 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroup/MSFT_AADGroup.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroup/MSFT_AADGroup.psm1 @@ -437,8 +437,7 @@ function Set-TargetResource $currentParameters.Remove('Owners') | Out-Null $currentParameters.Remove('Members') | Out-Null $currentParameters.Remove('MemberOf') | Out-Null - $currentParameters.Remove('AssignedToRole') | Out-Null - $currentParameters.Remove('AccessTokens') | Out-Null + #$currentParameters.Remove('AssignedToRole') | Out-Null if ($Ensure -eq 'Present' -and ` ($null -ne $GroupTypes -and $GroupTypes.Contains('Unified')) -and ` @@ -717,6 +716,9 @@ function Set-TargetResource elseif ($diff.SideIndicator -eq '<=') { Write-Verbose -Message "Removing new member {$($diff.InputObject)} to AAD Group {$($currentGroup.DisplayName)}" + $memberObject = @{ + '@odata.id' = "https://graph.microsoft.com/v1.0/users/{$($user.Id)}" + } Remove-MgGroupMemberDirectoryObjectByRef -GroupId ($currentGroup.Id) -DirectoryObjectId ($user.Id) | Out-Null } } @@ -792,7 +794,7 @@ function Set-TargetResource } } - if ($currentGroup.IsAssignableToRole -eq $true) + if ($currentGroup.IsAssignableToRole -eq $true -and $currentParameters.ContainsKey('AssignedToRole')) { #AssignedToRole $currentAssignedToRoleValue = @() @@ -843,7 +845,7 @@ function Set-TargetResource elseif ($diff.SideIndicator -eq '<=') { Write-Verbose -Message "Removing AAD group {$($currentGroup.DisplayName)} from Directory Role {$($role.DisplayName)}" - Remove-MgBetaDirectoryRoleMemberByRef -DirectoryRoleId ($role.Id) -DirectoryObjectId ($currentGroup.Id) | Out-Null + Remove-MgBetaDirectoryRoleMemberDirectoryObjectByRef -DirectoryRoleId ($role.Id) -DirectoryObjectId ($currentGroup.Id) | Out-Null } } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleEntry/MSFT_EXOManagementRoleEntry.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleEntry/MSFT_EXOManagementRoleEntry.psm1 new file mode 100644 index 0000000000..c0be8b1c49 --- /dev/null +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleEntry/MSFT_EXOManagementRoleEntry.psm1 @@ -0,0 +1,420 @@ +function Get-TargetResource +{ + [CmdletBinding()] + [OutputType([System.Collections.Hashtable])] + param + ( + [Parameter(Mandatory = $true)] + [System.String] + $Identity, + + [Parameter()] + [System.String[]] + $Parameters, + + [Parameter()] + [ValidateSet('Cmdlet', 'Script', 'ApplicationPermission')] + [System.String] + $Type, + + [Parameter()] + [System.Management.Automation.PSCredential] + $Credential, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [System.String] + $CertificatePath, + + [Parameter()] + [System.Management.Automation.PSCredential] + $CertificatePassword, + + [Parameter()] + [Switch] + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens + ) + + Write-Verbose -Message "Getting Management Role Entry configuration for {$Identity}" + if ($Global:CurrentModeIsExport) + { + $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` + -InboundParameters $PSBoundParameters ` + -SkipModuleReload $true + } + else + { + $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` + -InboundParameters $PSBoundParameters + } + + #Ensure the proper dependencies are installed in the current environment. + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName -replace 'MSFT_', '' + $CommandName = $MyInvocation.MyCommand + $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` + -CommandName $CommandName ` + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + + try + { + $IdentityParts = $Identity.Split('\') + if ($null -ne $Script:exportedInstances -and $Script:ExportMode) + { + $roleEntry = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $IdentityParts[0] -and $_.Name -eq $IdentityParts[1]} + } + else + { + $roleEntry = Get-ManagementRoleEntry -Identity $Identity -ResultSize 'Unlimited' -ErrorAction Stop + } + + if ($null -eq $roleEntry) + { + throw "Management Role Entry {$Identity} does not exist." + } + else + { + $result = @{ + Identity = $Identity + Parameters = $roleEntry.Parameters + Type = $roleEntry.Type + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + CertificatePath = $CertificatePath + CertificatePassword = $CertificatePassword + ManagedIdentity = $ManagedIdentity + AccessTokens = $AccessTokens + } + + Write-Verbose -Message "Found Management Role Entry {$Identity}." + return $result + } + } + catch + { + New-M365DSCLogEntry -Message 'Error retrieving data:' ` + -Exception $_ ` + -Source $($MyInvocation.MyCommand.Source) ` + -TenantId $TenantId ` + -Credential $Credential + + throw $_ + } +} + +function Set-TargetResource +{ + [CmdletBinding()] + param + ( + [Parameter(Mandatory = $true)] + [System.String] + $Identity, + + [Parameter()] + [System.String[]] + $Parameters, + + [Parameter()] + [ValidateSet('Cmdlet', 'Script', 'ApplicationPermission')] + [System.String] + $Type, + + [Parameter()] + [System.Management.Automation.PSCredential] + $Credential, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [System.String] + $CertificatePath, + + [Parameter()] + [System.Management.Automation.PSCredential] + $CertificatePassword, + + [Parameter()] + [Switch] + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens + ) + + Write-Verbose -Message "Setting Management Role Entry configuration for {$Identity}" + + #Ensure the proper dependencies are installed in the current environment. + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName -replace 'MSFT_', '' + $CommandName = $MyInvocation.MyCommand + $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` + -CommandName $CommandName ` + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + + $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` + -InboundParameters $PSBoundParameters + + $currentValues = Get-TargetResource @PSBoundParameters + $paramDifference = Compare-Object -ReferenceObject $currentValues.Parameters -DifferenceObject $Parameters + + $paramsToAdd = $paramDifference | Where-Object -FilterScript {$_.SideIndicator -eq '=>'} + $paramsToAddEntries = @() + foreach ($diff in $paramsToAdd) + { + $paramsToAddEntries += $diff.InputObject.ToString() + } + if ($paramsToAddEntries.Count -gt 0) + { + Write-Verbose -Message "Adding the following parameters to {$Identity}: $($paramsToAddEntries -join ',')" + Set-ManagementRoleEntry -Identity $Identity -AddParameter -Parameters $paramsToAddEntries + } + + $paramsToRemove = $paramDifference | Where-Object -FilterScript {$_.SideIndicator -eq '<='} + $paramsToRemoveEntries = @() + foreach ($diff in $paramsToRemove) + { + $paramsToRemoveEntries += $diff.InputObject.ToString() + } + if ($paramsToRemoveEntries.Count -gt 0) + { + Write-Verbose -Message "Removing the following parameters to {$Identity}: $($paramsToRemoveEntries -join ',')" + Set-ManagementRoleEntry -Identity $Identity -RemoveParameter -Parameters $paramsToRemoveEntries + } +} + +function Test-TargetResource +{ + [CmdletBinding()] + [OutputType([System.Boolean])] + param + ( + [Parameter(Mandatory = $true)] + [System.String] + $Identity, + + [Parameter()] + [System.String[]] + $Parameters, + + [Parameter()] + [ValidateSet('Cmdlet', 'Script', 'ApplicationPermission')] + [System.String] + $Type, + + [Parameter()] + [System.Management.Automation.PSCredential] + $Credential, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [System.String] + $CertificatePath, + + [Parameter()] + [System.Management.Automation.PSCredential] + $CertificatePassword, + + [Parameter()] + [Switch] + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens + ) + #Ensure the proper dependencies are installed in the current environment. + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName -replace 'MSFT_', '' + $CommandName = $MyInvocation.MyCommand + $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` + -CommandName $CommandName ` + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + + Write-Verbose -Message "Testing Management Role Entry for {$Identity}" + + $CurrentValues = Get-TargetResource @PSBoundParameters + + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" + Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" + + $ValuesToCheck = $PSBoundParameters + + $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys + + Write-Verbose -Message "Test-TargetResource returned $TestResult" + + return $TestResult +} + +function Export-TargetResource +{ + [CmdletBinding()] + [OutputType([System.String])] + param + ( + [Parameter()] + [System.Management.Automation.PSCredential] + $Credential, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $CertificateThumbprint, + + [Parameter()] + [System.String] + $CertificatePath, + + [Parameter()] + [System.Management.Automation.PSCredential] + $CertificatePassword, + + [Parameter()] + [Switch] + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens + ) + $ConnectionMode = New-M365DSCConnection -Workload 'ExchangeOnline' ` + -InboundParameters $PSBoundParameters ` + -SkipModuleReload $true + + #Ensure the proper dependencies are installed in the current environment. + Confirm-M365DSCDependencies + + #region Telemetry + $ResourceName = $MyInvocation.MyCommand.ModuleName -replace 'MSFT_', '' + $CommandName = $MyInvocation.MyCommand + $data = Format-M365DSCTelemetryParameters -ResourceName $ResourceName ` + -CommandName $CommandName ` + -Parameters $PSBoundParameters + Add-M365DSCTelemetryEvent -Data $data + #endregion + + try + { + $Script:ExportMode = $true + [array] $Script:exportedInstances = Get-ManagementRoleEntry -Identity '*\*' -ResultSize 'Unlimited' + + $dscContent = [System.Text.StringBuilder]::New() + + if ($Script:exportedInstances.Length -eq 0) + { + Write-Host $Global:M365DSCEmojiGreenCheckMark + } + else + { + Write-Host "`r`n" -NoNewline + } + $i = 1 + foreach ($roleEntry in $Script:exportedInstances) + { + Write-Host " |---[$i/$($Script:exportedInstances.Count)] $($roleEntry.Identity + "\" + $roleEntry.Name)" -NoNewline + + $Params = @{ + Identity = $roleEntry.Identity + "\" + $roleEntry.Name + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + CertificatePassword = $CertificatePassword + Managedidentity = $ManagedIdentity.IsPresent + CertificatePath = $CertificatePath + AccessTokens = $AccessTokens + } + $Results = Get-TargetResource @Params + $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` + -Results $Results + $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` + -ConnectionMode $ConnectionMode ` + -ModulePath $PSScriptRoot ` + -Results $Results ` + -Credential $Credential + $dscContent.Append($currentDSCBlock) | Out-Null + Save-M365DSCPartialExport -Content $currentDSCBlock ` + -FileName $Global:PartialExportFileName + Write-Host $Global:M365DSCEmojiGreenCheckMark + $i++ + } + return $dscContent.ToString() + } + catch + { + Write-Host $Global:M365DSCEmojiRedX + + New-M365DSCLogEntry -Message 'Error during Export:' ` + -Exception $_ ` + -Source $($MyInvocation.MyCommand.Source) ` + -TenantId $TenantId ` + -Credential $Credential + + return '' + } +} + +Export-ModuleMember -Function *-TargetResource + diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleEntry/MSFT_EXOManagementRoleEntry.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleEntry/MSFT_EXOManagementRoleEntry.schema.mof new file mode 100644 index 0000000000..fc354aa94b --- /dev/null +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleEntry/MSFT_EXOManagementRoleEntry.schema.mof @@ -0,0 +1,15 @@ +[ClassVersion("1.0.0.0"), FriendlyName("EXOManagementRoleEntry")] +class MSFT_EXOManagementRoleEntry : OMI_BaseResource +{ + [Key, Description("The Identity parameter specifies the role entry that you want to modify.")] String Identity; + [Write, Description("The Parameters parameter specifies the parameters to be added to or removed from the role entry.")] String Parameters[]; + [Write, Description("The Type parameter specifies the type of role entry to return."), ValueMap{"Cmdlet","Script","ApplicationPermission"}, Values{"Cmdlet","Script","ApplicationPermission"}] String Type; + [Write, Description("Credentials of the Exchange Global Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; + [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; + [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; + [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; + [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; + [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; +}; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleEntry/readme.md b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleEntry/readme.md new file mode 100644 index 0000000000..c92217fa69 --- /dev/null +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleEntry/readme.md @@ -0,0 +1,5 @@ +# EXOManagementRoleEntry + +## Description + +This resource configures RBAC Management Roles Entries in Exchange Online. diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleEntry/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleEntry/settings.json new file mode 100644 index 0000000000..1c575b126b --- /dev/null +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOManagementRoleEntry/settings.json @@ -0,0 +1,31 @@ +{ + "resourceName": "EXOManagementRoleEntry", + "description": "", + "roles": { + "read": [ + "Global Reader" + ], + "update": [ + "Exchange Administrator" + ] + }, + "permissions": { + "graph": { + "delegated": { + "read": [], + "update": [] + }, + "application": { + "read": [], + "update": [] + } + }, + "exchange": { + "requiredroles": [ + "Role Management", + "View-Only Configuration" + ], + "requiredrolegroups": "Organization Management" + } + } +} diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog.psm1 index 426936fbb4..b77d3ffd54 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog.psm1 @@ -90,6 +90,14 @@ function Get-TargetResource [System.int32] $avgcpuloadfactor, + [Parameter] + [System.Int32] + $archivemaxdepth, + + [Parameter] + [System.Int32] + $archivemaxsize, + [Parameter()] [ValidateSet('0', '1')] [System.String] @@ -242,6 +250,11 @@ function Get-TargetResource [System.String] $engineupdateschannel, + [Parameter()] + [ValidateSet('0', '1')] + [System.String] + $meteredconnectionupdates, + [Parameter()] [ValidateSet('0', '2', '3', '4', '5', '6')] [System.String] @@ -275,6 +288,21 @@ function Get-TargetResource [System.Int32] $schedulescantime, + [Parameter()] + [ValidateSet('0', '1')] + [System.String] + $disabletlsparsing, + + [Parameter()] + [ValidateSet('0', '1')] + [System.String] + $randomizescheduletasktimes, + + [Parameter()] + [ValidateRange(1,23)] + [System.Int32] + $schedulerrandomizationtime, + [Parameter()] [System.String[]] $signatureupdatefallbackorder, @@ -600,6 +628,14 @@ function Set-TargetResource [System.int32] $avgcpuloadfactor, + [Parameter] + [System.Int32] + $archivemaxdepth, + + [Parameter] + [System.Int32] + $archivemaxsize, + [Parameter()] [ValidateSet('0', '1')] [System.String] @@ -752,6 +788,11 @@ function Set-TargetResource [System.String] $engineupdateschannel, + [Parameter()] + [ValidateSet('0', '1')] + [System.String] + $meteredconnectionupdates, + [Parameter()] [ValidateSet('0', '2', '3', '4', '5', '6')] [System.String] @@ -785,6 +826,21 @@ function Set-TargetResource [System.Int32] $schedulescantime, + [Parameter()] + [ValidateSet('0', '1')] + [System.String] + $disabletlsparsing, + + [Parameter()] + [ValidateSet('0', '1')] + [System.String] + $randomizescheduletasktimes, + + [Parameter()] + [ValidateRange(1,23)] + [System.Int32] + $schedulerrandomizationtime, + [Parameter()] [System.String[]] $signatureupdatefallbackorder, @@ -1062,6 +1118,14 @@ function Test-TargetResource [System.int32] $avgcpuloadfactor, + [Parameter] + [System.Int32] + $archivemaxdepth, + + [Parameter] + [System.Int32] + $archivemaxsize, + [Parameter()] [ValidateSet('0', '1')] [System.String] @@ -1214,6 +1278,11 @@ function Test-TargetResource [System.String] $engineupdateschannel, + [Parameter()] + [ValidateSet('0', '1')] + [System.String] + $meteredconnectionupdates, + [Parameter()] [ValidateSet('0', '2', '3', '4', '5', '6')] [System.String] @@ -1247,6 +1316,21 @@ function Test-TargetResource [System.Int32] $schedulescantime, + [Parameter()] + [ValidateSet('0', '1')] + [System.String] + $disabletlsparsing, + + [Parameter()] + [ValidateSet('0', '1')] + [System.String] + $randomizescheduletasktimes, + + [Parameter()] + [ValidateRange(1,23)] + [System.Int32] + $schedulerrandomizationtime, + [Parameter()] [System.String[]] $signatureupdatefallbackorder, @@ -1369,16 +1453,46 @@ function Test-TargetResource Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" - $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() + [Hashtable]$ValuesToCheck = @{} + $MyInvocation.MyCommand.Parameters.GetEnumerator() | ForEach-Object { + if ($_.Key -notlike '*Variable' -or $_.Key -notin @('Verbose', 'Debug', 'ErrorAction', 'WarningAction', 'InformationAction')) + { + if ($null -ne $CurrentValues[$_.Key] -or $null -ne $PSBoundParameters[$_.Key]) + { + $ValuesToCheck.Add($_.Key, $null) + if (-not $PSBoundParameters.ContainsKey($_.Key)) + { + $value = $null + switch ($CurrentValues[$_.Key].GetType().Name) + { + 'String' + { + $value = '' + } + 'Int32' + { + $value = 0 + } + 'String[]' + { + $value = @() + } + } + $PSBoundParameters.Add($_.Key, $value) + } + } + } + } $ValuesToCheck.Remove('Identity') | Out-Null + $ValuesToCheck = Remove-M365DSCAuthenticationParameter -BoundParameters $ValuesToCheck + $testResult = $true if ($CurrentValues.Ensure -ne $Ensure) { $testResult = $false } - #region Assignments if ($testResult) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog.schema.mof index 38669ca1f8..01e5b4d249 100644 Binary files a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog.schema.mof and b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog.schema.mof differ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/MSFT_M365DSCRuleEvaluation.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/MSFT_M365DSCRuleEvaluation.schema.mof index 5312d83fa4..81a1efa3dd 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/MSFT_M365DSCRuleEvaluation.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/MSFT_M365DSCRuleEvaluation.schema.mof @@ -10,4 +10,5 @@ class MSFT_M365DSCRuleEvaluation : OMI_BaseResource [Write, Description("Secret of the Azure Active Directory application to authenticate with."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_O365AdminAuditLogConfig/MSFT_O365AdminAuditLogConfig.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_O365AdminAuditLogConfig/MSFT_O365AdminAuditLogConfig.schema.mof index 6cba94f8a2..8be2416a22 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_O365AdminAuditLogConfig/MSFT_O365AdminAuditLogConfig.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_O365AdminAuditLogConfig/MSFT_O365AdminAuditLogConfig.schema.mof @@ -11,4 +11,5 @@ class MSFT_O365AdminAuditLogConfig : OMI_BaseResource [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_O365Group/MSFT_O365Group.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_O365Group/MSFT_O365Group.schema.mof index 0e5417dc50..da4efabba8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_O365Group/MSFT_O365Group.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_O365Group/MSFT_O365Group.schema.mof @@ -13,4 +13,5 @@ class MSFT_O365Group : OMI_BaseResource [Write, Description("Secret of the Azure Active Directory application used for authentication."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgCustomizationSetting/MSFT_O365OrgCustomizationSetting.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgCustomizationSetting/MSFT_O365OrgCustomizationSetting.schema.mof index 6b1fa5a53c..f58af2732c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgCustomizationSetting/MSFT_O365OrgCustomizationSetting.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgCustomizationSetting/MSFT_O365OrgCustomizationSetting.schema.mof @@ -9,4 +9,5 @@ class MSFT_O365OrgCustomizationSetting : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgSettings/MSFT_O365OrgSettings.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgSettings/MSFT_O365OrgSettings.schema.mof index 024b86dc3a..2eb2767c73 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgSettings/MSFT_O365OrgSettings.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgSettings/MSFT_O365OrgSettings.schema.mof @@ -35,4 +35,5 @@ class MSFT_O365OrgSettings : OMI_BaseResource [Write, Description("Secret of the Azure Active Directory tenant used for authentication."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_O365SearchAndIntelligenceConfigurations/MSFT_O365SearchAndIntelligenceConfigurations.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_O365SearchAndIntelligenceConfigurations/MSFT_O365SearchAndIntelligenceConfigurations.schema.mof index a957be4321..80dfaf25b2 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_O365SearchAndIntelligenceConfigurations/MSFT_O365SearchAndIntelligenceConfigurations.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_O365SearchAndIntelligenceConfigurations/MSFT_O365SearchAndIntelligenceConfigurations.schema.mof @@ -7,4 +7,5 @@ class MSFT_O365SearchAndIntelligenceConfigurations : OMI_BaseResource [Write, Description("Specifies whether or not Person Insights should be available for the organization.")] Boolean PersonInsightsIsEnabledInOrganization; [Write, Description("Specifies a single Azure AD Group for which Person Insights needs to be disabled.")] String PersonInsightsDisabledForGroup; [Write, Description("Credentials of the Global Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_ODSettings/MSFT_ODSettings.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_ODSettings/MSFT_ODSettings.schema.mof index 8ded842c3c..8480f15bbe 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_ODSettings/MSFT_ODSettings.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_ODSettings/MSFT_ODSettings.schema.mof @@ -23,5 +23,5 @@ class MSFT_ODSettings : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; - diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCAuditConfigurationPolicy/MSFT_SCAuditConfigurationPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCAuditConfigurationPolicy/MSFT_SCAuditConfigurationPolicy.psm1 index df65de69c0..3bbe70dde1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCAuditConfigurationPolicy/MSFT_SCAuditConfigurationPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCAuditConfigurationPolicy/MSFT_SCAuditConfigurationPolicy.psm1 @@ -36,7 +36,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of SCAuditConfigurationPolicy for Workload {$Workload}" @@ -99,6 +103,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -154,7 +159,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of SCAuditConfigurationPolicy for $Workload" @@ -250,7 +259,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -271,16 +284,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -319,7 +322,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCAuditConfigurationPolicy/MSFT_SCAuditConfigurationPolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCAuditConfigurationPolicy/MSFT_SCAuditConfigurationPolicy.schema.mof index 9c432cc3a1..aaf14d206b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCAuditConfigurationPolicy/MSFT_SCAuditConfigurationPolicy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCAuditConfigurationPolicy/MSFT_SCAuditConfigurationPolicy.schema.mof @@ -9,4 +9,5 @@ class MSFT_SCAuditConfigurationPolicy : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelPolicy/MSFT_SCAutoSensitivityLabelPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelPolicy/MSFT_SCAutoSensitivityLabelPolicy.psm1 index c82516cd0b..d0e9f6df7d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelPolicy/MSFT_SCAutoSensitivityLabelPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelPolicy/MSFT_SCAutoSensitivityLabelPolicy.psm1 @@ -128,7 +128,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of Auto sensitivity Label Policy for $Name" @@ -209,6 +213,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -356,7 +361,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of Sensitivity label policy for $Name" @@ -401,6 +410,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null Write-Verbose "Creating new Auto Sensitivity label policy $Name." @@ -436,6 +446,7 @@ function Set-TargetResource $SetParams.Remove('CertificateThumbprint') | Out-Null $SetParams.Remove('ManagedIdentity') | Out-Null $SetParams.Remove('ApplicationSecret') | Out-Null + $SetParams.Remove('AccessTokens') | Out-Null Set-AutoSensitivityLabelPolicy @SetParams -Identity $Name } @@ -467,6 +478,7 @@ function Set-TargetResource $SetParams.Remove('CertificateThumbprint') | Out-Null $SetParams.Remove('ManagedIdentity') | Out-Null $SetParams.Remove('ApplicationSecret') | Out-Null + $SetParams.Remove('AccessTokens') | Out-Null try { @@ -623,7 +635,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #region Telemetry @@ -640,16 +656,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - if ($null -ne $RemoveExchangeLocation -or $null -ne $AddExchangeLocation -or $null -ne $ExchangeLocation) { $configData = New-PolicyData -configData $ExchangeLocation -currentData $CurrentValues.ExchangeLocation ` @@ -792,7 +798,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelPolicy/MSFT_SCAutoSensitivityLabelPolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelPolicy/MSFT_SCAutoSensitivityLabelPolicy.schema.mof index 6cd6920db3..e605851bbb 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelPolicy/MSFT_SCAutoSensitivityLabelPolicy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelPolicy/MSFT_SCAutoSensitivityLabelPolicy.schema.mof @@ -32,4 +32,5 @@ class MSFT_SCAutoSensitivityLabelPolicy : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelRule/MSFT_SCAutoSensitivityLabelRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelRule/MSFT_SCAutoSensitivityLabelRule.psm1 index ab4ff4e9be..e098b6010d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelRule/MSFT_SCAutoSensitivityLabelRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelRule/MSFT_SCAutoSensitivityLabelRule.psm1 @@ -218,7 +218,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of DLPCompliancePolicy for $Name" @@ -351,6 +355,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword + AccessTokens = $AccessTokens } $paramsToRemove = @() @@ -603,7 +608,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of DLPComplianceRule for $Name" @@ -676,6 +685,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null Write-Verbose -Message 'Flipping the parent policy to Mode = TestWithoutNotification while we create the rule' $parentPolicy = Get-AutoSensitivityLabelPolicy -Identity $Policy @@ -745,6 +755,7 @@ function Set-TargetResource $UpdateParams.Remove('CertificateThumbprint') | Out-Null $UpdateParams.Remove('ManagedIdentity') | Out-Null $UpdateParams.Remove('ApplicationSecret') | Out-Null + $UpdateParams.Remove('AccessTokens') | Out-Null Write-Verbose -Message 'Flipping the parent policy to Mode = TestWithoutNotification while we editing the rule' $parentPolicy = Get-AutoSensitivityLabelPolicy -Identity $Policy @@ -988,7 +999,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #region Telemetry $ResourceName = $MyInvocation.MyCommand.ModuleName -replace 'MSFT_', '' @@ -1007,16 +1022,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - #region Test Sensitive Information Type # For each Desired SIT check to see if there is an existing rule with the same name if ($null -ne $ValuesToCheck['ContentContainsSensitiveInformation']) @@ -1101,7 +1106,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelRule/MSFT_SCAutoSensitivityLabelRule.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelRule/MSFT_SCAutoSensitivityLabelRule.schema.mof index 1794528c44..3cf16cb20d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelRule/MSFT_SCAutoSensitivityLabelRule.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelRule/MSFT_SCAutoSensitivityLabelRule.schema.mof @@ -90,4 +90,5 @@ class MSFT_SCAutoSensitivityLabelRule : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCCaseHoldPolicy/MSFT_SCCaseHoldPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCCaseHoldPolicy/MSFT_SCCaseHoldPolicy.psm1 index d1b762f7a6..42c646d0c8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCCaseHoldPolicy/MSFT_SCCaseHoldPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCCaseHoldPolicy/MSFT_SCCaseHoldPolicy.psm1 @@ -59,7 +59,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of SCCaseHoldPolicy for $Name" @@ -117,6 +121,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -196,7 +201,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of SCCaseHoldPolicy for $Name" @@ -232,6 +241,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null New-CaseHoldPolicy @CreationParams } @@ -251,6 +261,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null $policy = Get-CaseHoldPolicy -Identity $Name -Case $Case $CreationParams.Add('Identity', $policy.Name) @@ -392,7 +403,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -413,16 +428,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -461,7 +466,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCCaseHoldPolicy/MSFT_SCCaseHoldPolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCCaseHoldPolicy/MSFT_SCCaseHoldPolicy.schema.mof index f72a91f853..7bb7633ff7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCCaseHoldPolicy/MSFT_SCCaseHoldPolicy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCCaseHoldPolicy/MSFT_SCCaseHoldPolicy.schema.mof @@ -15,4 +15,5 @@ class MSFT_SCCaseHoldPolicy : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCCaseHoldRule/MSFT_SCCaseHoldRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCCaseHoldRule/MSFT_SCCaseHoldRule.psm1 index e70dce2d4d..76933e8f09 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCCaseHoldRule/MSFT_SCCaseHoldRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCCaseHoldRule/MSFT_SCCaseHoldRule.psm1 @@ -51,7 +51,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. @@ -108,6 +112,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword Ensure = 'Present' + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -179,7 +184,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of SCCaseHoldRule for $Name" @@ -215,6 +224,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null Write-Verbose "Creating new Case Hold Rule $Name calling the New-CaseHoldRule cmdlet." New-CaseHoldRule @CreationParams @@ -291,7 +301,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -312,16 +326,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -360,7 +364,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCCaseHoldRule/MSFT_SCCaseHoldRule.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCCaseHoldRule/MSFT_SCCaseHoldRule.schema.mof index 64b31714d1..a6c732d13c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCCaseHoldRule/MSFT_SCCaseHoldRule.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCCaseHoldRule/MSFT_SCCaseHoldRule.schema.mof @@ -13,4 +13,5 @@ class MSFT_SCCaseHoldRule : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceCase/MSFT_SCComplianceCase.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceCase/MSFT_SCComplianceCase.psm1 index 777de72029..f994da49b5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceCase/MSFT_SCComplianceCase.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceCase/MSFT_SCComplianceCase.psm1 @@ -44,7 +44,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of SCComplianceCase for $Name" @@ -102,6 +106,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword Ensure = 'Present' + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -165,7 +170,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of SCComplianceCase for $Name" @@ -202,6 +211,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null Write-Verbose "Creating new Compliance Case $Name calling the New-ComplianceCase cmdlet." New-ComplianceCase @CreationParams @@ -286,7 +296,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -307,16 +321,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -355,7 +359,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceCase/MSFT_SCComplianceCase.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceCase/MSFT_SCComplianceCase.schema.mof index 198efeb8f2..04601a1416 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceCase/MSFT_SCComplianceCase.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceCase/MSFT_SCComplianceCase.schema.mof @@ -11,4 +11,5 @@ class MSFT_SCComplianceCase : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearch/MSFT_SCComplianceSearch.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearch/MSFT_SCComplianceSearch.psm1 index f0e4d7f2cd..18e5eadc36 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearch/MSFT_SCComplianceSearch.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearch/MSFT_SCComplianceSearch.psm1 @@ -83,7 +83,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of SCComplianceSearch for $Name" @@ -153,6 +157,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword Ensure = 'Present' + AccessTokens = $AccessTokens } $nullParams = @() @@ -269,7 +274,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of SCComplianceSearch for $Name" @@ -305,6 +314,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null Write-Verbose "Creating new Compliance Search $Name calling the New-ComplianceSearch cmdlet." New-ComplianceSearch @CreationParams @@ -327,6 +337,7 @@ function Set-TargetResource $SetParams.Remove('CertificateThumbprint') | Out-Null $SetParams.Remove('ManagedIdentity') | Out-Null $SetParams.Remove('ApplicationSecret') | Out-Null + $SetParams.Remove('AccessTokens') | Out-Null Set-ComplianceSearch @SetParams -Identity $Name } @@ -422,7 +433,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -443,16 +458,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -491,7 +496,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` @@ -561,6 +570,7 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword + AccessTokens = $AccessTokens } Write-Host " |---[$i/$($searches.Name.Count)] $($search.Name)" -NoNewline $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearch/MSFT_SCComplianceSearch.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearch/MSFT_SCComplianceSearch.schema.mof index 717e5ce660..3c87e41099 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearch/MSFT_SCComplianceSearch.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearch/MSFT_SCComplianceSearch.schema.mof @@ -21,4 +21,5 @@ class MSFT_SCComplianceSearch : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearchAction/MSFT_SCComplianceSearchAction.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearchAction/MSFT_SCComplianceSearchAction.psm1 index 1573313c8b..0ad798b17b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearchAction/MSFT_SCComplianceSearchAction.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearchAction/MSFT_SCComplianceSearchAction.psm1 @@ -70,7 +70,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of SCComplianceSearchAction for $SearchName - $Action" if ($Global:CurrentModeIsExport) @@ -142,6 +146,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword Ensure = 'Present' + AccessTokens = $AccessTokens } if ($ActionName -eq 'Preview') { @@ -163,6 +168,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword Ensure = 'Present' + AccessTokens = $AccessTokens } } @@ -264,7 +270,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of SCComplianceSearchAction for $SearchName - $Action" @@ -301,6 +311,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null if ($null -ne $ActionScope) { @@ -459,7 +470,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -479,16 +494,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -527,7 +532,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearchAction/MSFT_SCComplianceSearchAction.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearchAction/MSFT_SCComplianceSearchAction.schema.mof index 332dd71188..0c089b16aa 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearchAction/MSFT_SCComplianceSearchAction.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceSearchAction/MSFT_SCComplianceSearchAction.schema.mof @@ -17,4 +17,5 @@ class MSFT_SCComplianceSearchAction : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceTag/MSFT_SCComplianceTag.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceTag/MSFT_SCComplianceTag.psm1 index 7de1bcf6c9..305306883f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceTag/MSFT_SCComplianceTag.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceTag/MSFT_SCComplianceTag.psm1 @@ -77,7 +77,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of ComplianceTag for $Name" @@ -137,6 +141,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword Ensure = 'Present' + AccessTokens = $AccessTokens } if (-not [System.String]::IsNullOrEmpty($tagObject.FilePlanMetadata)) @@ -239,7 +244,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of ComplianceTag for $Name" @@ -275,6 +284,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null #Convert File plan to JSON before Set if ($FilePlanProperty) @@ -307,6 +317,7 @@ function Set-TargetResource $SetParams.Remove('CertificateThumbprint') | Out-Null $SetParams.Remove('ManagedIdentity') | Out-Null $SetParams.Remove('ApplicationSecret') | Out-Null + $SetParams.Remove('AccessTokens') | Out-Null # Once set, a label can't be removed; if ($SetParams.IsRecordLabel -eq $false -and $CurrentTag.IsRecordLabel -eq $true) @@ -432,7 +443,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -454,16 +469,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestFilePlanProperties = Test-SCFilePlanProperties -CurrentProperty $CurrentValues ` -DesiredProperty $PSBoundParameters @@ -511,7 +516,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceTag/MSFT_SCComplianceTag.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceTag/MSFT_SCComplianceTag.schema.mof index c8544dc6c8..4814e8bc00 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceTag/MSFT_SCComplianceTag.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceTag/MSFT_SCComplianceTag.schema.mof @@ -29,4 +29,5 @@ class MSFT_SCComplianceTag : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPCompliancePolicy/MSFT_SCDLPCompliancePolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPCompliancePolicy/MSFT_SCDLPCompliancePolicy.psm1 index bf578df467..0b9538e51e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPCompliancePolicy/MSFT_SCDLPCompliancePolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPCompliancePolicy/MSFT_SCDLPCompliancePolicy.psm1 @@ -116,7 +116,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of DLPCompliancePolicy for $Name" @@ -206,6 +210,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -341,7 +346,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of DLPCompliancePolicy for $Name" @@ -366,27 +375,29 @@ function Set-TargetResource if (('Present' -eq $Ensure) -and ('Absent' -eq $CurrentPolicy.Ensure)) { $CreationParams = $PSBoundParameters - $CreationParams.Remove('Credential') - $CreationParams.Remove('ApplicationId') - $CreationParams.Remove('TenantId') - $CreationParams.Remove('CertificateThumbprint') - $CreationParams.Remove('CertificatePath') - $CreationParams.Remove('CertificatePassword') - $CreationParams.Remove('Ensure') + $CreationParams.Remove('Credential') | Out-Null + $CreationParams.Remove('ApplicationId') | Out-Null + $CreationParams.Remove('TenantId') | Out-Null + $CreationParams.Remove('CertificateThumbprint') | Out-Null + $CreationParams.Remove('CertificatePath') | Out-Null + $CreationParams.Remove('CertificatePassword') | Out-Null + $CreationParams.Remove('Ensure') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null New-DLPCompliancePolicy @CreationParams } elseif (('Present' -eq $Ensure) -and ('Present' -eq $CurrentPolicy.Ensure)) { $CreationParams = $PSBoundParameters - $CreationParams.Remove('Credential') - $CreationParams.Remove('ApplicationId') - $CreationParams.Remove('TenantId') - $CreationParams.Remove('CertificateThumbprint') - $CreationParams.Remove('CertificatePath') - $CreationParams.Remove('CertificatePassword') - $CreationParams.Remove('Ensure') - $CreationParams.Remove('Name') - $CreationParams.Add('Identity', $Name) + $CreationParams.Remove('Credential') | Out-Null + $CreationParams.Remove('ApplicationId') | Out-Null + $CreationParams.Remove('TenantId') | Out-Null + $CreationParams.Remove('CertificateThumbprint') | Out-Null + $CreationParams.Remove('CertificatePath') | Out-Null + $CreationParams.Remove('CertificatePassword') | Out-Null + $CreationParams.Remove('Ensure') | Out-Null + $CreationParams.Remove('Name') | Out-Null + $CreationParams.Add('Identity', $Name) | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null # SharePoint Location is specified or already existing, we need to determine # the delta. @@ -854,7 +865,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -915,7 +930,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPCompliancePolicy/MSFT_SCDLPCompliancePolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPCompliancePolicy/MSFT_SCDLPCompliancePolicy.schema.mof index a8d38e2d39..0392c191fe 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPCompliancePolicy/MSFT_SCDLPCompliancePolicy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPCompliancePolicy/MSFT_SCDLPCompliancePolicy.schema.mof @@ -29,4 +29,5 @@ class MSFT_SCDLPCompliancePolicy : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.psm1 index 8e2cf780e5..b62340f1b4 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.psm1 @@ -307,7 +307,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of DLPCompliancePolicy for $Name" @@ -461,6 +465,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword + AccessTokens = $AccessTokens } $paramsToRemove = @() @@ -801,7 +806,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of DLPComplianceRule for $Name" @@ -872,7 +881,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null - + $CreationParams.Remove('AccessTokens') | Out-Null Write-Verbose -Message "Calling New-DLPComplianceRule with Values: $(Convert-M365DscHashtableToString -Hashtable $CreationParams)" New-DLPComplianceRule @CreationParams @@ -930,6 +939,7 @@ function Set-TargetResource $UpdateParams.Remove('CertificateThumbprint') | Out-Null $UpdateParams.Remove('ManagedIdentity') | Out-Null $UpdateParams.Remove('ApplicationSecret') | Out-Null + $UpdateParams.Remove('AccessTokens') | Out-Null Write-Verbose "Updating Rule with values: $(Convert-M365DscHashtableToString -Hashtable $UpdateParams)" Set-DLPComplianceRule @UpdateParams @@ -1250,7 +1260,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -1272,16 +1286,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - #region Test Sensitive Information Type # For each Desired SIT check to see if there is an existing rule with the same name if ($null -ne $ValuesToCheck['ContentContainsSensitiveInformation']) @@ -1367,7 +1371,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.schema.mof index e827a0ecfa..16990b0c55 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.schema.mof @@ -108,4 +108,5 @@ class MSFT_SCDLPComplianceRule : OMI_BaseResource [Write, Description("The SetHeader The SetHeader parameter specifies an action for the DLP rule that adds or modifies a header field and value in the message header. You can specify multiple header name and value pairs separated by commas")] String SetHeader[]; [Write, Description("The ContentExtensionMatchesWords parameter specifies a condition for the DLP rule that looks for words in file name extensions. You can specify multiple words separated by commas.")] String ContentExtensionMatchesWords[]; [Write, Description("The ExceptIfContentExtensionMatchesWords parameter specifies an exception for the DLP rule that looks for words in file name extensions. You can specify multiple words separated by commas.")] String ExceptIfContentExtensionMatchesWords[]; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConditionalAccessPolicy/MSFT_SCDeviceConditionalAccessPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConditionalAccessPolicy/MSFT_SCDeviceConditionalAccessPolicy.psm1 index ee3ad5cdff..0fb94c806c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConditionalAccessPolicy/MSFT_SCDeviceConditionalAccessPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConditionalAccessPolicy/MSFT_SCDeviceConditionalAccessPolicy.psm1 @@ -43,7 +43,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of Device Conditional Access Policy for $Name" @@ -99,6 +103,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -162,7 +167,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of Device Conditional Access Policy for $Name" @@ -198,6 +207,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null New-DeviceConditionalAccessPolicy @CreationParams } @@ -217,6 +227,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null Write-Verbose "Updating Policy with values: $(Convert-M365DscHashtableToString -Hashtable $CreationParams)" Set-DeviceConditionalAccessPolicy @CreationParams @@ -273,7 +284,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -296,16 +311,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -344,7 +349,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConditionalAccessPolicy/MSFT_SCDeviceConditionalAccessPolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConditionalAccessPolicy/MSFT_SCDeviceConditionalAccessPolicy.schema.mof index d11fb99dc0..aadf4a04a6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConditionalAccessPolicy/MSFT_SCDeviceConditionalAccessPolicy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConditionalAccessPolicy/MSFT_SCDeviceConditionalAccessPolicy.schema.mof @@ -11,4 +11,5 @@ class MSFT_SCDeviceConditionalAccessPolicy : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConfigurationPolicy/MSFT_SCDeviceConfigurationPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConfigurationPolicy/MSFT_SCDeviceConfigurationPolicy.psm1 index 6a4809efc9..cf2ecfc407 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConfigurationPolicy/MSFT_SCDeviceConfigurationPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConfigurationPolicy/MSFT_SCDeviceConfigurationPolicy.psm1 @@ -43,7 +43,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of Device Configuration Policy for $Name" @@ -99,6 +103,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -162,7 +167,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of Device Configuration Policy for $Name" @@ -198,6 +207,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null New-DeviceConfigurationPolicy @CreationParams } @@ -216,6 +226,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null $CreationParams.Add('Identity', $Name) @@ -274,7 +285,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -297,16 +312,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -345,7 +350,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConfigurationPolicy/MSFT_SCDeviceConfigurationPolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConfigurationPolicy/MSFT_SCDeviceConfigurationPolicy.schema.mof index b2bfef28a1..e40501c0ff 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConfigurationPolicy/MSFT_SCDeviceConfigurationPolicy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDeviceConfigurationPolicy/MSFT_SCDeviceConfigurationPolicy.schema.mof @@ -11,4 +11,5 @@ class MSFT_SCDeviceConfigurationPolicy : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyAuthority/MSFT_SCFilePlanPropertyAuthority.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyAuthority/MSFT_SCFilePlanPropertyAuthority.psm1 index dadd25c22e..30ee99b616 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyAuthority/MSFT_SCFilePlanPropertyAuthority.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyAuthority/MSFT_SCFilePlanPropertyAuthority.psm1 @@ -35,7 +35,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of SCFilePlanPropertyAuthority for $Name" @@ -88,6 +92,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword Ensure = 'Present' + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -142,7 +147,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of SCFilePlanPropertyAuthority for $Name" @@ -178,6 +187,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null New-FilePlanPropertyAuthority @CreationParams } @@ -245,7 +255,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -266,16 +280,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -314,7 +318,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyAuthority/MSFT_SCFilePlanPropertyAuthority.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyAuthority/MSFT_SCFilePlanPropertyAuthority.schema.mof index 85a7f732e1..339ddb9d48 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyAuthority/MSFT_SCFilePlanPropertyAuthority.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyAuthority/MSFT_SCFilePlanPropertyAuthority.schema.mof @@ -9,4 +9,5 @@ class MSFT_SCFilePlanPropertyAuthority : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyCategory/MSFT_SCFilePlanPropertyCategory.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyCategory/MSFT_SCFilePlanPropertyCategory.psm1 index 6b215b5a80..5e613dbe33 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyCategory/MSFT_SCFilePlanPropertyCategory.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyCategory/MSFT_SCFilePlanPropertyCategory.psm1 @@ -35,7 +35,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of SCFilePlanPropertyCategory for $Name" @@ -87,6 +91,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword Ensure = 'Present' + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -141,7 +146,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of SCFilePlanPropertyCategory for $Name" @@ -177,6 +186,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null New-FilePlanPropertyCategory @CreationParams } @@ -244,7 +254,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. @@ -266,16 +280,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -314,7 +318,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyCategory/MSFT_SCFilePlanPropertyCategory.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyCategory/MSFT_SCFilePlanPropertyCategory.schema.mof index 0d46339c3c..ffb38cec68 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyCategory/MSFT_SCFilePlanPropertyCategory.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyCategory/MSFT_SCFilePlanPropertyCategory.schema.mof @@ -9,4 +9,5 @@ class MSFT_SCFilePlanPropertyCategory : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyCitation/MSFT_SCFilePlanPropertyCitation.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyCitation/MSFT_SCFilePlanPropertyCitation.psm1 index e7b4a5684d..18c98f6693 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyCitation/MSFT_SCFilePlanPropertyCitation.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyCitation/MSFT_SCFilePlanPropertyCitation.psm1 @@ -43,7 +43,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of SCFilePlanPropertyCitation for $Name" @@ -99,6 +103,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword Ensure = 'Present' + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -161,7 +166,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of SCFilePlanPropertyCitation for $Name" @@ -197,6 +206,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null New-FilePlanPropertyCitation @CreationParams } @@ -272,7 +282,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -293,16 +307,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -341,7 +345,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyCitation/MSFT_SCFilePlanPropertyCitation.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyCitation/MSFT_SCFilePlanPropertyCitation.schema.mof index ca93e7a793..d7c6be3d91 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyCitation/MSFT_SCFilePlanPropertyCitation.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyCitation/MSFT_SCFilePlanPropertyCitation.schema.mof @@ -11,4 +11,5 @@ class MSFT_SCFilePlanPropertyCitation : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyDepartment/MSFT_SCFilePlanPropertyDepartment.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyDepartment/MSFT_SCFilePlanPropertyDepartment.psm1 index 34ac454972..0ab98960c3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyDepartment/MSFT_SCFilePlanPropertyDepartment.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyDepartment/MSFT_SCFilePlanPropertyDepartment.psm1 @@ -35,7 +35,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of SCFilePlanPropertyDepartment for $Name" @@ -88,6 +92,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword Ensure = 'Present' + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -142,7 +147,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of SCFilePlanPropertyDepartment for $Name" @@ -178,6 +187,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null New-FilePlanPropertyDepartment @CreationParams } @@ -245,7 +255,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -266,16 +280,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -314,7 +318,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyDepartment/MSFT_SCFilePlanPropertyDepartment.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyDepartment/MSFT_SCFilePlanPropertyDepartment.schema.mof index 1612620c43..7e696bb12d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyDepartment/MSFT_SCFilePlanPropertyDepartment.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyDepartment/MSFT_SCFilePlanPropertyDepartment.schema.mof @@ -9,4 +9,5 @@ class MSFT_SCFilePlanPropertyDepartment : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyReferenceId/MSFT_SCFilePlanPropertyReferenceId.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyReferenceId/MSFT_SCFilePlanPropertyReferenceId.psm1 index bcde33b0ff..69ce25befd 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyReferenceId/MSFT_SCFilePlanPropertyReferenceId.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyReferenceId/MSFT_SCFilePlanPropertyReferenceId.psm1 @@ -35,7 +35,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of SCFilePlanPropertyReferenceId for $Name" @@ -88,6 +92,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword Ensure = 'Present' + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -142,7 +147,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of SCFilePlanPropertyReferenceId for $Name" @@ -178,6 +187,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null New-FilePlanPropertyReferenceId @CreationParams } @@ -245,7 +255,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -266,16 +280,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -314,7 +318,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyReferenceId/MSFT_SCFilePlanPropertyReferenceId.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyReferenceId/MSFT_SCFilePlanPropertyReferenceId.schema.mof index 875e61ee2b..0c3e53fc80 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyReferenceId/MSFT_SCFilePlanPropertyReferenceId.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertyReferenceId/MSFT_SCFilePlanPropertyReferenceId.schema.mof @@ -9,4 +9,5 @@ class MSFT_SCFilePlanPropertyReferenceId : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertySubCategory/MSFT_SCFilePlanPropertySubCategory.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertySubCategory/MSFT_SCFilePlanPropertySubCategory.psm1 index 651e16b9ab..716cb49d57 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertySubCategory/MSFT_SCFilePlanPropertySubCategory.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertySubCategory/MSFT_SCFilePlanPropertySubCategory.psm1 @@ -39,7 +39,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of SCFilePlanPropertySubCategory for $Name" @@ -103,6 +107,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword Ensure = 'Present' + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -161,7 +166,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of SCFilePlanPropertySubCategory for $Name" @@ -199,6 +208,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null New-FilePlanPropertySubCategory @CreationParams } @@ -271,7 +281,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. @@ -293,16 +307,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -341,7 +345,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertySubCategory/MSFT_SCFilePlanPropertySubCategory.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertySubCategory/MSFT_SCFilePlanPropertySubCategory.schema.mof index 3b78b1d9c3..e3dcf83a84 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertySubCategory/MSFT_SCFilePlanPropertySubCategory.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCFilePlanPropertySubCategory/MSFT_SCFilePlanPropertySubCategory.schema.mof @@ -10,4 +10,5 @@ class MSFT_SCFilePlanPropertySubCategory : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCLabelPolicy/MSFT_SCLabelPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCLabelPolicy/MSFT_SCLabelPolicy.psm1 index e773c24d7b..e83356729a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCLabelPolicy/MSFT_SCLabelPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCLabelPolicy/MSFT_SCLabelPolicy.psm1 @@ -103,7 +103,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of Sensitivity Label Policy for $Name" @@ -190,6 +194,7 @@ function Get-TargetResource ExchangeLocationException = Convert-ArrayList -CurrentProperty $policy.ExchangeLocationException ModernGroupLocation = Convert-ArrayList -CurrentProperty $policy.ModernGroupLocation ModernGroupLocationException = Convert-ArrayList -CurrentProperty $policy.ModernGroupLocationException + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -312,7 +317,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of Sensitivity label policy for $Name" @@ -389,6 +398,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null try { @@ -432,6 +442,7 @@ function Set-TargetResource $SetParams.Remove('CertificateThumbprint') | Out-Null $SetParams.Remove('ManagedIdentity') | Out-Null $SetParams.Remove('ApplicationSecret') | Out-Null + $SetParams.Remove('AccessTokens') | Out-Null Set-LabelPolicy @SetParams -Identity $Name } @@ -503,6 +514,7 @@ function Set-TargetResource $SetParams.Remove('CertificateThumbprint') | Out-Null $SetParams.Remove('ManagedIdentity') | Out-Null $SetParams.Remove('ApplicationSecret') | Out-Null + $SetParams.Remove('AccessTokens') | Out-Null try { @@ -634,7 +646,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -663,16 +679,6 @@ function Test-TargetResource $ValuesToCheck.Remove('RemoveModernGroupLocation') | Out-Null $ValuesToCheck.Remove('RemoveModernGroupLocationException') | Out-Null - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - if ($null -ne $AdvancedSettings) { $TestAdvancedSettings = Test-AdvancedSettings -DesiredProperty $AdvancedSettings -CurrentProperty $CurrentValues.AdvancedSettings @@ -803,7 +809,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCLabelPolicy/MSFT_SCLabelPolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCLabelPolicy/MSFT_SCLabelPolicy.schema.mof index f89e820d1c..364f5c6bd8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCLabelPolicy/MSFT_SCLabelPolicy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCLabelPolicy/MSFT_SCLabelPolicy.schema.mof @@ -33,4 +33,5 @@ class MSFT_SCLabelPolicy : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCProtectionAlert/MSFT_SCProtectionAlert.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCProtectionAlert/MSFT_SCProtectionAlert.psm1 index c2728a4451..9eb104a4a2 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCProtectionAlert/MSFT_SCProtectionAlert.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCProtectionAlert/MSFT_SCProtectionAlert.psm1 @@ -132,7 +132,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of SCProtectionAlert for $Name" @@ -207,6 +211,7 @@ function Get-TargetResource Threshold = $AlertObject.Threshold TimeWindow = $AlertObject.TimeWindow VolumeThreshold = $AlertObject.VolumeThreshold + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" return $result @@ -358,7 +363,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) @@ -393,6 +402,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null if (('Present' -eq $Ensure) -and ('Absent' -eq $CurrentAlert.Ensure)) { @@ -552,7 +562,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -573,16 +587,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -621,7 +625,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCProtectionAlert/MSFT_SCProtectionAlert.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCProtectionAlert/MSFT_SCProtectionAlert.schema.mof index 8552ed7615..78ff9974fc 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCProtectionAlert/MSFT_SCProtectionAlert.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCProtectionAlert/MSFT_SCProtectionAlert.schema.mof @@ -32,5 +32,5 @@ class MSFT_SCProtectionAlert : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; - diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionCompliancePolicy/MSFT_SCRetentionCompliancePolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionCompliancePolicy/MSFT_SCRetentionCompliancePolicy.psm1 index 0a4922a2ac..f0ffb4061e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionCompliancePolicy/MSFT_SCRetentionCompliancePolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionCompliancePolicy/MSFT_SCRetentionCompliancePolicy.psm1 @@ -111,7 +111,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of RetentionCompliancePolicy for $Name" @@ -172,6 +176,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword + AccessTokens = $AccessTokens } if ($PolicyObject.TeamsChannelLocation.Count -gt 0) @@ -217,6 +222,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword + AccessTokens = $AccessTokens } if ($PolicyObject.DynamicScopeLocation.Count -gt 0) @@ -398,7 +404,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) if ($null -eq $SharePointLocation -and $null -eq $ExchangeLocation -and $null -eq $OneDriveLocation -and ` @@ -454,6 +464,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null if ($CurrentPolicy.Ensure -eq 'Present') { @@ -971,7 +982,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -994,16 +1009,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -1042,7 +1047,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionCompliancePolicy/MSFT_SCRetentionCompliancePolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionCompliancePolicy/MSFT_SCRetentionCompliancePolicy.schema.mof index ff8fec0e18..20c44c2678 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionCompliancePolicy/MSFT_SCRetentionCompliancePolicy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionCompliancePolicy/MSFT_SCRetentionCompliancePolicy.schema.mof @@ -28,4 +28,5 @@ class MSFT_SCRetentionCompliancePolicy : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionComplianceRule/MSFT_SCRetentionComplianceRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionComplianceRule/MSFT_SCRetentionComplianceRule.psm1 index f04c0d9b71..9952853061 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionComplianceRule/MSFT_SCRetentionComplianceRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionComplianceRule/MSFT_SCRetentionComplianceRule.psm1 @@ -70,7 +70,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of RetentionComplianceRule for $Name" @@ -135,6 +139,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword Ensure = 'Present' + AccessTokens = $AccessTokens } if (-not $associatedPolicy.TeamsPolicy) { @@ -230,7 +235,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of RetentionComplianceRule for $Name" @@ -266,6 +275,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null Write-Verbose -Message 'Checking to see if the policy is a Teams based one.' $RuleObject = Get-RetentionComplianceRule -Identity $Name ` @@ -325,6 +335,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null Write-Verbose -Message 'Checking to see if the policy is a Teams based one.' $RuleObject = Get-RetentionComplianceRule -Identity $Name ` @@ -470,7 +481,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -491,16 +506,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -539,7 +544,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionComplianceRule/MSFT_SCRetentionComplianceRule.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionComplianceRule/MSFT_SCRetentionComplianceRule.schema.mof index 00128c7e27..6fb89c9722 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionComplianceRule/MSFT_SCRetentionComplianceRule.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionComplianceRule/MSFT_SCRetentionComplianceRule.schema.mof @@ -17,4 +17,5 @@ class MSFT_SCRetentionComplianceRule : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionEventType/MSFT_SCRetentionEventType.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionEventType/MSFT_SCRetentionEventType.psm1 index a567470820..4cc0b7c53f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionEventType/MSFT_SCRetentionEventType.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionEventType/MSFT_SCRetentionEventType.psm1 @@ -39,7 +39,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of Retention Event Type for $Name" @@ -93,6 +97,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword Ensure = 'Present' + AccessTokens = $AccessTokens } Write-Verbose -Message "Found RetentionComplianceEventType $($Name)" @@ -152,7 +157,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of RetentionComplianceEventType for $Name" @@ -188,6 +197,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null New-ComplianceRetentionEventType @CreationParams } @@ -207,6 +217,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null Set-ComplianceRetentionEventType @CreationParams } @@ -259,7 +270,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -280,16 +295,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -328,7 +333,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionEventType/MSFT_SCRetentionEventType.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionEventType/MSFT_SCRetentionEventType.schema.mof index b710420a62..662bbee635 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionEventType/MSFT_SCRetentionEventType.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRetentionEventType/MSFT_SCRetentionEventType.schema.mof @@ -10,4 +10,5 @@ class MSFT_SCRetentionEventType : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroup/MSFT_SCRoleGroup.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroup/MSFT_SCRoleGroup.psm1 index 284d26b1ae..a3c39864b1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroup/MSFT_SCRoleGroup.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroup/MSFT_SCRoleGroup.psm1 @@ -48,7 +48,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting Role Group configuration for $Name" @@ -101,6 +105,7 @@ function Get-TargetResource CertificatePassword = $CertificatePassword Managedidentity = $ManagedIdentity.IsPresent TenantId = $TenantId + AccessTokens = $AccessTokens } Write-Verbose -Message "Found Role Group $($Name)" @@ -168,7 +173,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting Role Group configuration for $Name" @@ -270,7 +279,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -292,13 +305,6 @@ function Test-TargetResource Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` @@ -342,7 +348,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters @@ -389,6 +399,7 @@ function Export-TargetResource CertificatePassword = $CertificatePassword Managedidentity = $ManagedIdentity.IsPresent CertificatePath = $CertificatePath + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroup/MSFT_SCRoleGroup.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroup/MSFT_SCRoleGroup.schema.mof index 77527cbec7..9348360605 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroup/MSFT_SCRoleGroup.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroup/MSFT_SCRoleGroup.schema.mof @@ -12,4 +12,5 @@ class MSFT_SCRoleGroup : OMI_BaseResource [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroupMember/MSFT_SCRoleGroupMember.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroupMember/MSFT_SCRoleGroupMember.psm1 index 7ac0804e19..b66ec192fb 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroupMember/MSFT_SCRoleGroupMember.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroupMember/MSFT_SCRoleGroupMember.psm1 @@ -44,7 +44,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting Role Group configuration for $Name" @@ -108,6 +112,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword TenantId = $TenantId + AccessTokens = $AccessTokens } Write-Verbose -Message "Found Role Group $($Name)" @@ -171,7 +176,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting Role Group configuration for $Name" @@ -269,7 +278,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -291,12 +304,6 @@ function Test-TargetResource Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` @@ -336,7 +343,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters ` @@ -385,6 +396,7 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint CertificatePassword = $CertificatePassword CertificatePath = $CertificatePath + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroupMember/MSFT_SCRoleGroupMember.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroupMember/MSFT_SCRoleGroupMember.schema.mof index 8c149af37c..b1e0ea0a39 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroupMember/MSFT_SCRoleGroupMember.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCRoleGroupMember/MSFT_SCRoleGroupMember.schema.mof @@ -11,4 +11,5 @@ class MSFT_SCRoleGroupMember : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSecurityFilter/MSFT_SCSecurityFilter.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSecurityFilter/MSFT_SCSecurityFilter.psm1 index 1e87cf5340..6a2447f0fd 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSecurityFilter/MSFT_SCSecurityFilter.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSecurityFilter/MSFT_SCSecurityFilter.psm1 @@ -71,7 +71,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of Security Filter for $FilterName" @@ -121,7 +125,7 @@ function Get-TargetResource else { Write-Verbose "Found existing Security Filter $($FilterName)" - $result = MapSecurityFilter $secFilter $Credential $ApplicationId $TenantId $CertificateThumbprint $CertificatePath $CertificatePassword + $result = Get-M365DSCSCMapSecurityFilter $secFilter $Credential $ApplicationId $TenantId $CertificateThumbprint $CertificatePath $CertificatePassword Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" return $result @@ -139,7 +143,7 @@ function Get-TargetResource } } -function MapSecurityFilter +function Get-M365DSCSCMapSecurityFilter { param( [Parameter(Mandatory = $true)] @@ -261,7 +265,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of Security Filter for $FilterName" @@ -301,6 +309,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null try { @@ -329,6 +338,7 @@ function Set-TargetResource $SetParams.Remove('CertificateThumbprint') | Out-Null $SetParams.Remove('ManagedIdentity') | Out-Null $SetParams.Remove('ApplicationSecret') | Out-Null + $SetParams.Remove('AccessTokens') | Out-Null try { @@ -428,7 +438,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -447,16 +461,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)" @@ -497,7 +501,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters ` @@ -536,7 +544,7 @@ function Export-TargetResource # $GetParams = ([Hashtable]$PSBoundParameters).Clone() # $GetParams.Add("FilterName", $filter.FilterName) # $Results = Get-TargetResource @GetParams - $Results = MapSecurityFilter -Filter $filter -Credential $Credential -ApplicationId $ApplicationId ` + $Results = Get-M365DSCSCMapSecurityFilter -Filter $filter -Credential $Credential -ApplicationId $ApplicationId ` -TenantId $TenantId -CertificateThumbprint $CertificateThumbprint -CertificatePath $CertificatePath -CertificatePassword $CertificatePassword $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSecurityFilter/MSFT_SCSecurityFilter.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSecurityFilter/MSFT_SCSecurityFilter.schema.mof index 00455b3a46..a019a9a992 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSecurityFilter/MSFT_SCSecurityFilter.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSecurityFilter/MSFT_SCSecurityFilter.schema.mof @@ -14,4 +14,5 @@ class MSFT_SCSecurityFilter : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Specify if this label policy should exist or not."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSensitivityLabel/MSFT_SCSensitivityLabel.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSensitivityLabel/MSFT_SCSensitivityLabel.psm1 index 92f4d76bc8..345f154e52 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSensitivityLabel/MSFT_SCSensitivityLabel.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSensitivityLabel/MSFT_SCSensitivityLabel.psm1 @@ -209,7 +209,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of Sensitivity Label for $Name" @@ -495,6 +499,7 @@ function Get-TargetResource SiteAndGroupProtectionBlockAccess = $siteAndGroupBlockAccess SiteAndGroupProtectionEnabled = $siteAndGroupEnabledValue SiteAndGroupExternalSharingControlType = ($protectsite | Where-Object { $_.Key -eq 'externalsharingcontroltype' }).Value + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -723,7 +728,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of Sensitivity label for $Name" @@ -796,6 +805,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null try { @@ -851,6 +861,7 @@ function Set-TargetResource $SetParams.Remove('CertificateThumbprint') | Out-Null $SetParams.Remove('ManagedIdentity') | Out-Null $SetParams.Remove('ApplicationSecret') | Out-Null + $SetParams.Remove('AccessTokens') | Out-Null try { @@ -1089,7 +1100,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -1113,15 +1128,6 @@ function Test-TargetResource $ValuesToCheck.Remove('AdvancedSettings') | Out-Null $ValuesToCheck.Remove('LocaleSettings') | Out-Null - # Remove authentication parameters - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - if ($null -ne $AdvancedSettings -and $null -ne $CurrentValues.AdvancedSettings) { Write-Verbose -Message 'Testing AdvancedSettings' @@ -1179,7 +1185,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSensitivityLabel/MSFT_SCSensitivityLabel.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSensitivityLabel/MSFT_SCSensitivityLabel.schema.mof index 9d63a91d33..1cedd8011b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSensitivityLabel/MSFT_SCSensitivityLabel.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSensitivityLabel/MSFT_SCSensitivityLabel.schema.mof @@ -63,4 +63,5 @@ class MSFT_SCSensitivityLabel : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSupervisoryReviewPolicy/MSFT_SCSupervisoryReviewPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSupervisoryReviewPolicy/MSFT_SCSupervisoryReviewPolicy.psm1 index de353a4ff4..43d369684d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSupervisoryReviewPolicy/MSFT_SCSupervisoryReviewPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSupervisoryReviewPolicy/MSFT_SCSupervisoryReviewPolicy.psm1 @@ -44,7 +44,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of SupervisoryReviewPolicy for $Name" @@ -97,6 +101,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword + AccessTokens = $AccessTokens } Write-Verbose -Message "Found SupervisoryReviewPolicy $($Name)" @@ -161,7 +166,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of SupervisoryReviewPolicy for $Name" @@ -197,6 +206,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null New-SupervisoryReviewPolicyV2 @CreationParams } @@ -216,6 +226,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null # Reviewers $currentReviewers = $CurrentPolicy.Reviewers @@ -302,7 +313,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -323,16 +338,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -371,7 +376,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSupervisoryReviewPolicy/MSFT_SCSupervisoryReviewPolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSupervisoryReviewPolicy/MSFT_SCSupervisoryReviewPolicy.schema.mof index 6e6fbfd839..97e7c6279c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSupervisoryReviewPolicy/MSFT_SCSupervisoryReviewPolicy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSupervisoryReviewPolicy/MSFT_SCSupervisoryReviewPolicy.schema.mof @@ -11,4 +11,5 @@ class MSFT_SCSupervisoryReviewPolicy : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSupervisoryReviewRule/MSFT_SCSupervisoryReviewRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSupervisoryReviewRule/MSFT_SCSupervisoryReviewRule.psm1 index 83159458b3..b2b15fad84 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSupervisoryReviewRule/MSFT_SCSupervisoryReviewRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSupervisoryReviewRule/MSFT_SCSupervisoryReviewRule.psm1 @@ -49,7 +49,11 @@ function Get-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of SupervisoryReviewRule for $Name" @@ -105,6 +109,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword + AccessTokens = $AccessTokens } Write-Verbose -Message "Found SupervisoryReviewRule $($Name)" @@ -174,7 +179,11 @@ function Set-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of SupervisoryReviewRule for $Name" @@ -210,6 +219,7 @@ function Set-TargetResource $CreationParams.Remove('CertificateThumbprint') | Out-Null $CreationParams.Remove('ManagedIdentity') | Out-Null $CreationParams.Remove('ApplicationSecret') | Out-Null + $CreationParams.Remove('AccessTokens') | Out-Null New-SupervisoryReviewRule @CreationParams } @@ -277,7 +287,11 @@ function Test-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -298,16 +312,6 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters - # Remove authentication parameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -346,7 +350,11 @@ function Export-TargetResource [Parameter()] [System.Management.Automation.PSCredential] - $CertificatePassword + $CertificatePassword, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'SecurityComplianceCenter' ` -InboundParameters $PSBoundParameters ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSupervisoryReviewRule/MSFT_SCSupervisoryReviewRule.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSupervisoryReviewRule/MSFT_SCSupervisoryReviewRule.schema.mof index 37d048e587..43908dd4e1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCSupervisoryReviewRule/MSFT_SCSupervisoryReviewRule.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCSupervisoryReviewRule/MSFT_SCSupervisoryReviewRule.schema.mof @@ -12,4 +12,5 @@ class MSFT_SCSupervisoryReviewRule : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Username can be made up to anything but password will be used for CertificatePassword"), EmbeddedInstance("MSFT_Credential")] String CertificatePassword; [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.psm1 index 202a98956e..5a04937b91 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.psm1 @@ -85,7 +85,11 @@ function Get-TargetResource [Parameter()] [ValidateSet('AllowFullAccess', 'AllowLimitedAccess', 'BlockAccess', 'ProtectionLevel')] [System.String] - $ConditionalAccessPolicy + $ConditionalAccessPolicy, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message 'Getting configuration of SharePoint Online Access Control Settings' @@ -133,6 +137,7 @@ function Get-TargetResource Managedidentity = $ManagedIdentity.IsPresent Ensure = 'Present' ConditionalAccessPolicy = $SPOAccessControlSettings.ConditionalAccessPolicy + AccessTokens = $AccessTokens } } catch @@ -238,7 +243,11 @@ function Set-TargetResource [Parameter()] [ValidateSet('AllowFullAccess', 'AllowLimitedAccess', 'BlockAccess', 'ProtectionLevel')] [System.String] - $ConditionalAccessPolicy + $ConditionalAccessPolicy, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message 'Setting configuration of SharePoint Online Access Control Settings' @@ -258,7 +267,6 @@ function Set-TargetResource $ConnectionMode = New-M365DSCConnection -Workload 'PnP' ` -InboundParameters $PSBoundParameters - $CurrentParameters = $PSBoundParameters $CurrentParameters.Remove('Ensure') | Out-Null $CurrentParameters.Remove('Credential') | Out-Null @@ -270,6 +278,7 @@ function Set-TargetResource $CurrentParameters.Remove('CertificateThumbprint') | Out-Null $CurrentParameters.Remove('ManagedIdentity') | Out-Null $CurrentParameters.Remove('ApplicationSecret') | Out-Null + $CurrentParameters.Remove('AccessTokens') | Out-Null if ($IPAddressAllowList -eq '') { @@ -367,7 +376,11 @@ function Test-TargetResource [Parameter()] [ValidateSet('AllowFullAccess', 'AllowLimitedAccess', 'BlockAccess', 'ProtectionLevel')] [System.String] - $ConditionalAccessPolicy + $ConditionalAccessPolicy, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -392,7 +405,6 @@ function Test-TargetResource -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` -ValuesToCheck @('IsSingleInstance', ` - 'Credential', ` 'DisplayStartASiteOption', ` 'StartASiteFormUrl', ` 'IPAddressEnforcement', ` @@ -445,7 +457,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -475,6 +491,7 @@ function Export-TargetResource Managedidentity = $ManagedIdentity.IsPresent Credential = $Credential ApplicationSecret = $ApplicationSecret + AccessTokens = $AccessTokens } $dscContent = '' diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.schema.mof index 0362970f0d..c3ca2476c9 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.schema.mof @@ -21,4 +21,5 @@ class MSFT_SPOAccessControlSettings : OMI_BaseResource [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; [Write, Description("Blocks or limits access to SharePoint and OneDrive content from un-managed devices."), ValueMap{"AllowFullAccess","AllowLimitedAccess","BlockAccess","ProtectionLevel"}, Values{"AllowFullAccess","AllowLimitedAccess","BlockAccess","ProtectionLevel"}] string ConditionalAccessPolicy; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOApp/MSFT_SPOApp.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOApp/MSFT_SPOApp.psm1 index fc0191e75b..a964fc495c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOApp/MSFT_SPOApp.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOApp/MSFT_SPOApp.psm1 @@ -55,7 +55,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration for app $Identity" @@ -100,6 +104,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Credential = $Credential + AccessTokens = $AccessTokens } } catch @@ -172,7 +177,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration for app $Identity" @@ -267,7 +276,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -335,7 +348,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -413,6 +430,7 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Credential = $Credential + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOApp/MSFT_SPOApp.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOApp/MSFT_SPOApp.schema.mof index 7e54b61c9c..bf83c609b7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOApp/MSFT_SPOApp.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOApp/MSFT_SPOApp.schema.mof @@ -14,5 +14,5 @@ class MSFT_SPOApp : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; - diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOBrowserIdleSignout/MSFT_SPOBrowserIdleSignout.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOBrowserIdleSignout/MSFT_SPOBrowserIdleSignout.psm1 index 67a98a11ac..b2403a4a3a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOBrowserIdleSignout/MSFT_SPOBrowserIdleSignout.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOBrowserIdleSignout/MSFT_SPOBrowserIdleSignout.psm1 @@ -53,7 +53,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message 'Getting configuration for SPO Browser Idle Signout settings' @@ -93,6 +97,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } } catch @@ -166,7 +171,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message 'Setting configuration for SPO Browser Idle Signout settings' @@ -197,6 +206,7 @@ function Set-TargetResource $CurrentParameters.Remove('CertificateThumbprint') | Out-Null $CurrentParameters.Remove('ManagedIdentity') | Out-Null $CurrentParameters.Remove('ApplicationSecret') | Out-Null + $CurrentParameters.Remove('AccessTokens') | Out-Null Set-PnPBrowserIdleSignout @CurrentParameters | Out-Null } @@ -255,7 +265,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. @@ -326,7 +340,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -357,6 +375,7 @@ function Export-TargetResource Managedidentity = $ManagedIdentity.IsPresent Credential = $Credential ApplicationSecret = $ApplicationSecret + AccessTokens = $AccessTokens } $dscContent = '' diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOBrowserIdleSignout/MSFT_SPOBrowserIdleSignout.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOBrowserIdleSignout/MSFT_SPOBrowserIdleSignout.schema.mof index 0a5f193f66..6228b0ace7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOBrowserIdleSignout/MSFT_SPOBrowserIdleSignout.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOBrowserIdleSignout/MSFT_SPOBrowserIdleSignout.schema.mof @@ -13,4 +13,5 @@ class MSFT_SPOBrowserIdleSignout : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOHomeSite/MSFT_SPOHomeSite.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOHomeSite/MSFT_SPOHomeSite.psm1 index ff0a2a3058..1b1feee0aa 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOHomeSite/MSFT_SPOHomeSite.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOHomeSite/MSFT_SPOHomeSite.psm1 @@ -48,7 +48,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration for hub site collection $Url" @@ -93,6 +97,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return $result } @@ -158,7 +163,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. @@ -256,7 +265,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -329,7 +342,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -359,6 +376,7 @@ function Export-TargetResource Managedidentity = $ManagedIdentity.IsPresent Credential = $Credential ApplicationSecret = $ApplicationSecret + AccessTokens = $AccessTokens } $dscContent = '' $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOHomeSite/MSFT_SPOHomeSite.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOHomeSite/MSFT_SPOHomeSite.schema.mof index 78971afea3..5d97e0b6de 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOHomeSite/MSFT_SPOHomeSite.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOHomeSite/MSFT_SPOHomeSite.schema.mof @@ -12,5 +12,5 @@ class MSFT_SPOHomeSite : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; - diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOHubSite/MSFT_SPOHubSite.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOHubSite/MSFT_SPOHubSite.psm1 index 4ed0e7c9f1..f6ee6e089a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOHubSite/MSFT_SPOHubSite.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOHubSite/MSFT_SPOHubSite.psm1 @@ -67,7 +67,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration for hub site collection $Url" @@ -159,6 +163,7 @@ function Get-TargetResource ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return $result } @@ -243,7 +248,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration for hub site collection $Url" @@ -516,7 +525,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -590,7 +603,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -653,6 +670,7 @@ function Export-TargetResource CertificatePassword = $CertificatePassword CertificatePath = $CertificatePath ApplicationSecret = $ApplicationSecret + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOHubSite/MSFT_SPOHubSite.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOHubSite/MSFT_SPOHubSite.schema.mof index 5186fced42..4e444f5d70 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOHubSite/MSFT_SPOHubSite.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOHubSite/MSFT_SPOHubSite.schema.mof @@ -17,5 +17,5 @@ class MSFT_SPOHubSite : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; - diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOOrgAssetsLibrary/MSFT_SPOOrgAssetsLibrary.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOOrgAssetsLibrary/MSFT_SPOOrgAssetsLibrary.psm1 index eca36b378e..d0fe9461a0 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOOrgAssetsLibrary/MSFT_SPOOrgAssetsLibrary.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOOrgAssetsLibrary/MSFT_SPOOrgAssetsLibrary.psm1 @@ -52,7 +52,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message 'Getting configuration of SPO Org Assets Library' @@ -146,6 +150,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" return $result @@ -221,7 +226,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message 'Setting configuration of SharePoint Org Site Assets' @@ -249,6 +258,7 @@ function Set-TargetResource $CurrentParameters.Remove('CertificateThumbprint') | Out-Null $CurrentParameters.Remove('ManagedIdentity') | Out-Null $CurrentParameters.Remove('ApplicationSecret') | Out-Null + $currentParameters.Remove('AccessTokens') | Out-Null $cdn = $null if ($CdnType -eq 'Public') @@ -361,7 +371,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -382,14 +396,6 @@ function Test-TargetResource Write-Verbose -Message "Target Values: `n $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` @@ -437,7 +443,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -484,6 +494,7 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent ApplicationSecret = $ApplicationSecret + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOOrgAssetsLibrary/MSFT_SPOOrgAssetsLibrary.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOOrgAssetsLibrary/MSFT_SPOOrgAssetsLibrary.schema.mof index 91dbed700c..75e2045352 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOOrgAssetsLibrary/MSFT_SPOOrgAssetsLibrary.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOOrgAssetsLibrary/MSFT_SPOOrgAssetsLibrary.schema.mof @@ -13,4 +13,5 @@ class MSFT_SPOOrgAssetsLibrary : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOPropertyBag/MSFT_SPOPropertyBag.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOPropertyBag/MSFT_SPOPropertyBag.psm1 index e43620e5fb..8f34692080 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOPropertyBag/MSFT_SPOPropertyBag.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOPropertyBag/MSFT_SPOPropertyBag.psm1 @@ -51,7 +51,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration of SPOPropertyBag for $Key" @@ -133,6 +137,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -203,7 +208,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration of SPOPropertyBag property for $Key at {$Url}" @@ -293,7 +302,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -360,7 +373,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -435,6 +452,7 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Credential = $Credential + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOPropertyBag/MSFT_SPOPropertyBag.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOPropertyBag/MSFT_SPOPropertyBag.schema.mof index facf5b247e..f8cfed524f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOPropertyBag/MSFT_SPOPropertyBag.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOPropertyBag/MSFT_SPOPropertyBag.schema.mof @@ -13,4 +13,5 @@ class MSFT_SPOPropertyBag : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSearchManagedProperty/MSFT_SPOSearchManagedProperty.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSearchManagedProperty/MSFT_SPOSearchManagedProperty.psm1 index e5ca05b501..b2de504e87 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSearchManagedProperty/MSFT_SPOSearchManagedProperty.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSearchManagedProperty/MSFT_SPOSearchManagedProperty.psm1 @@ -118,7 +118,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration for Managed Property instance $Name" @@ -224,6 +228,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Ensure = 'Present' + AccessTokens = $AccessTokens } } catch @@ -357,7 +362,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. @@ -821,7 +830,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -842,14 +855,7 @@ function Test-TargetResource Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null + $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -896,7 +902,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -944,6 +954,7 @@ function Export-TargetResource Managedidentity = $ManagedIdentity.IsPresent CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSearchManagedProperty/MSFT_SPOSearchManagedProperty.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSearchManagedProperty/MSFT_SPOSearchManagedProperty.schema.mof index b3803bf400..beae68d52e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSearchManagedProperty/MSFT_SPOSearchManagedProperty.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSearchManagedProperty/MSFT_SPOSearchManagedProperty.schema.mof @@ -29,4 +29,5 @@ class MSFT_SPOSearchManagedProperty : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSearchResultSource/MSFT_SPOSearchResultSource.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSearchResultSource/MSFT_SPOSearchResultSource.psm1 index e41404458a..ed86dc5028 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSearchResultSource/MSFT_SPOSearchResultSource.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSearchResultSource/MSFT_SPOSearchResultSource.psm1 @@ -106,7 +106,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration for Result Source instance $Name" @@ -175,6 +179,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Ensure = 'Present' + AccessTokens = $AccessTokens } if ($null -ne $allowPartial) @@ -270,7 +275,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration for Result Source instance $Name" @@ -509,7 +518,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -575,7 +588,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -626,6 +643,7 @@ function Export-TargetResource Managedidentity = $ManagedIdentity.IsPresent CertificatePath = $CertificatePath CertificatePassword = $CertificatePassword + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSearchResultSource/MSFT_SPOSearchResultSource.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSearchResultSource/MSFT_SPOSearchResultSource.schema.mof index 0c0b4cfdf7..c718a9a8af 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSearchResultSource/MSFT_SPOSearchResultSource.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSearchResultSource/MSFT_SPOSearchResultSource.schema.mof @@ -18,4 +18,5 @@ class MSFT_SPOSearchResultSource : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSharingSettings/MSFT_SPOSharingSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSharingSettings/MSFT_SPOSharingSettings.psm1 index b8c873870f..02b200bc3d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSharingSettings/MSFT_SPOSharingSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSharingSettings/MSFT_SPOSharingSettings.psm1 @@ -143,7 +143,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message 'Getting configuration for SPO Sharing settings' @@ -168,7 +172,7 @@ function Get-TargetResource try { $SPOSharingSettings = Get-PnPTenant -ErrorAction Stop - $MySite = Get-PnPTenantSite | Where-Object { $_.Url -match '-my.sharepoint.com/' -and $_.Template -notmatch '^RedirectSite#' } + $MySite = Get-PnPTenantSite | Where-Object { $_.Url -match '-my.sharepoint.' -and $_.Template -notmatch '^RedirectSite#' } if ($null -ne $MySite) { @@ -226,6 +230,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Ensure = 'Present' + AccessTokens = $AccessTokens } if (-not [System.String]::IsNullOrEmpty($MySiteSharingCapability)) @@ -395,7 +400,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message 'Setting configuration for SPO Sharing settings' @@ -427,6 +436,8 @@ function Set-TargetResource $CurrentParameters.Remove('CertificateThumbprint') | Out-Null $CurrentParameters.Remove('ManagedIdentity') | Out-Null $CurrentParameters.Remove('ApplicationSecret') | Out-Null + $CurrentParameters.Remove('AccessTokens') | Out-Null + [bool]$SetMySharingCapability = $false if ($null -ne $CurrentParameters['MySiteSharingCapability']) { @@ -669,7 +680,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. @@ -700,6 +715,7 @@ function Test-TargetResource $ValuesToCheck.Remove('CertificatePassword') | Out-Null $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null $ValuesToCheck.Remove('ManagedIdentity') | Out-Null + $ValuesToCheck.Remove('AccessTokens') | Out-Null if ($DefaultLinkPermission -eq 'None') { @@ -707,6 +723,59 @@ function Test-TargetResource $ValuesToCheck['DefaultLinkPermission'] = 'Edit' } + if ($null -eq $SharingAllowedDomainList -and $null -eq $SharingBlockedDomainList -and + ($null -ne $RequireAcceptingAccountMatchInvitedAccount -and $RequireAcceptingAccountMatchInvitedAccount -eq $false)) + { + Write-Warning -Message 'If SharingAllowedDomainList / SharingBlockedDomainList are set to null RequireAcceptingAccountMatchInvitedAccount must be set to True ' + $ValuesToCheck.Remove('RequireAcceptingAccountMatchInvitedAccount') | Out-Null + } + + if ($null -eq $SignInAccelerationDomain) + { + $ValuesToCheck.Remove('SignInAccelerationDomain') | Out-Null + $ValuesToCheck.Remove('EnableGuestSignInAcceleration') | Out-Null #removing EnableGuestSignInAcceleration since it can only be configured with a configured SignINAccerlation domain + } + if ($SharingCapability -ne 'ExternalUserAndGuestSharing') + { + Write-Warning -Message 'The sharing capabilities for the tenant are not configured to be ExternalUserAndGuestSharing for that the RequireAnonymousLinksExpireInDays property cannot be configured' + $ValuesToCheck.Remove('RequireAnonymousLinksExpireInDays') | Out-Null + } + if ($ExternalUserExpireInDays -and $ExternalUserExpirationRequired -eq $false) + { + Write-Warning -Message 'ExternalUserExpirationRequired is set to be false. For that the ExternalUserExpireInDays property cannot be configured' + $ValuesToCheck.Remove('ExternalUserExpireInDays') | Out-Null + } + if ($RequireAcceptingAccountMatchInvitedAccount -eq $false) + { + Write-Warning -Message 'RequireAcceptingAccountMatchInvitedAccount is set to be false. For that SharingAllowedDomainList / SharingBlockedDomainList cannot be configured' + $ValuesToCheck.Remove('SharingAllowedDomainList') | Out-Null + $ValuesToCheck.Remove('SharingBlockedDomainList') | Out-Null + } + + if ($SharingCapability -ne 'ExternalUserAndGuestSharing' -and ($null -ne $FileAnonymousLinkType -or $null -ne $FolderAnonymousLinkType)) + { + Write-Warning -Message 'If anonymous file or folder links are set, SharingCapability must be set to ExternalUserAndGuestSharing ' + $ValuesToCheck.Remove('FolderAnonymousLinkType') | Out-Null + $ValuesToCheck.Remove('FileAnonymousLinkType') | Out-Null + } + + if ($SharingDomainRestrictionMode -eq 'None') + { + Write-Warning -Message 'SharingDomainRestrictionMode is set to None. For that SharingAllowedDomainList / SharingBlockedDomainList cannot be configured' + $ValuesToCheck.Remove('SharingAllowedDomainList') | Out-Null + $ValuesToCheck.Remove('SharingBlockedDomainList') | Out-Null + } + elseif ($SharingDomainRestrictionMode -eq 'AllowList') + { + Write-Verbose -Message 'SharingDomainRestrictionMode is set to AllowList. For that SharingBlockedDomainList cannot be configured' + $ValuesToCheck.Remove('SharingBlockedDomainList') | Out-Null + } + elseif ($SharingDomainRestrictionMode -eq 'BlockList') + { + Write-Warning -Message 'SharingDomainRestrictionMode is set to BlockList. For that SharingAllowedDomainList cannot be configured' + $ValuesToCheck.Remove('SharingAllowedDomainList') | Out-Null + } + $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` @@ -753,7 +822,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -783,6 +856,7 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Credential = $Credential + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSharingSettings/MSFT_SPOSharingSettings.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSharingSettings/MSFT_SPOSharingSettings.schema.mof index e463b0b177..add4742012 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSharingSettings/MSFT_SPOSharingSettings.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSharingSettings/MSFT_SPOSharingSettings.schema.mof @@ -34,4 +34,5 @@ class MSFT_SPOSharingSettings : OMI_BaseResource [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; [Write, Description("Enable Guest access to a site or Onedrive to expire after")] boolean ExternalUserExpirationRequired; [Write, Description("Specifies Number of days for Guest Access links to expire.")] uint32 ExternalUserExpireInDays; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSite/MSFT_SPOSite.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSite/MSFT_SPOSite.psm1 index f1a44d4b0e..a4275aaeb0 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSite/MSFT_SPOSite.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSite/MSFT_SPOSite.psm1 @@ -150,7 +150,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'PnP' ` -InboundParameters $PSBoundParameters @@ -259,6 +263,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } } catch @@ -424,7 +429,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration for site collection $Url" @@ -812,7 +821,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -830,14 +843,6 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = $PSBoundParameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` @@ -888,7 +893,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -952,6 +961,7 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Credential = $Credential + AccessTokens = $AccessTokens } try diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSite/MSFT_SPOSite.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSite/MSFT_SPOSite.schema.mof index 05c276931f..d2955b9b57 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSite/MSFT_SPOSite.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSite/MSFT_SPOSite.schema.mof @@ -36,4 +36,5 @@ class MSFT_SPOSite : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteAuditSettings/MSFT_SPOSiteAuditSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteAuditSettings/MSFT_SPOSiteAuditSettings.psm1 index f62df060d8..0a331f4f69 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteAuditSettings/MSFT_SPOSiteAuditSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteAuditSettings/MSFT_SPOSiteAuditSettings.psm1 @@ -42,7 +42,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting SPOSiteAuditSettings for {$Url}" @@ -85,6 +89,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } } catch @@ -147,7 +152,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting Audit settings for {$Url}" @@ -223,7 +232,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -289,7 +302,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -348,6 +365,7 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Credential = $Credential + AccessTokens = $AccessTokens } $Results = Get-TargetResource @params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteAuditSettings/MSFT_SPOSiteAuditSettings.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteAuditSettings/MSFT_SPOSiteAuditSettings.schema.mof index d5e0a98bb3..2b6e4a206e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteAuditSettings/MSFT_SPOSiteAuditSettings.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteAuditSettings/MSFT_SPOSiteAuditSettings.schema.mof @@ -11,4 +11,5 @@ class MSFT_SPOSiteAuditSettings : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteDesign/MSFT_SPOSiteDesign.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteDesign/MSFT_SPOSiteDesign.psm1 index 82c64b5ca1..b3a5b989d7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteDesign/MSFT_SPOSiteDesign.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteDesign/MSFT_SPOSiteDesign.psm1 @@ -72,7 +72,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration for SPO SiteDesign for $Title" @@ -148,6 +152,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } } catch @@ -235,7 +240,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration for SPO SiteDesign for $Title" @@ -276,6 +285,7 @@ function Set-TargetResource $CurrentParameters.Remove('CertificateThumbprint') | Out-Null $CurrentParameters.Remove('ManagedIdentity') | Out-Null $CurrentParameters.Remove('ApplicationSecret') | Out-Null + $CurrentParameters.Remove('AccessTokens') | Out-Null $CurrentParameters.Add('SiteScriptIds', $scriptIds) if ($curSiteDesign.Ensure -eq 'Absent' -and 'Present' -eq $Ensure ) @@ -378,7 +388,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -399,14 +413,6 @@ function Test-TargetResource Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` @@ -454,7 +460,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -501,6 +511,7 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Credential = $Credential + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteDesign/MSFT_SPOSiteDesign.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteDesign/MSFT_SPOSiteDesign.schema.mof index c3af27fb98..1d29225804 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteDesign/MSFT_SPOSiteDesign.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteDesign/MSFT_SPOSiteDesign.schema.mof @@ -18,5 +18,5 @@ class MSFT_SPOSiteDesign : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; - diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteDesignRights/MSFT_SPOSiteDesignRights.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteDesignRights/MSFT_SPOSiteDesignRights.psm1 index 1827611002..8ca9e99049 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteDesignRights/MSFT_SPOSiteDesignRights.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteDesignRights/MSFT_SPOSiteDesignRights.psm1 @@ -52,7 +52,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration for SPO SiteDesignRights for $SiteDesignTitle" @@ -116,6 +120,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } } catch @@ -183,7 +188,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. @@ -311,7 +320,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -380,7 +393,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -427,6 +444,7 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Credential = $Credential + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params if ($Results.Ensure -eq 'Present') @@ -454,6 +472,8 @@ function Export-TargetResource CertificatePath = $CertificatePath CertificateThumbprint = $CertificateThumbprint Credential = $Credential + ManagedIdentity = $ManagedIdentity + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params if ($Results.Ensure -eq 'Present') diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteDesignRights/MSFT_SPOSiteDesignRights.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteDesignRights/MSFT_SPOSiteDesignRights.schema.mof index 2c6981d890..e97593e531 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteDesignRights/MSFT_SPOSiteDesignRights.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteDesignRights/MSFT_SPOSiteDesignRights.schema.mof @@ -13,4 +13,5 @@ class MSFT_SPOSiteDesignRights : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteGroup/MSFT_SPOSiteGroup.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteGroup/MSFT_SPOSiteGroup.psm1 index 200c2d67c6..99f462d824 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteGroup/MSFT_SPOSiteGroup.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteGroup/MSFT_SPOSiteGroup.psm1 @@ -54,7 +54,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting SPOSiteGroups for {$Url}" @@ -145,6 +149,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } } catch @@ -214,7 +219,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting SPOSiteGroups for {$Url}" @@ -389,7 +398,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -410,14 +423,6 @@ function Test-TargetResource Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters - $ValuesToCheck.Remove('Credential') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` @@ -465,7 +470,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -550,6 +559,7 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Credential = $Credential + AccessTokens = $AccessTokens } try { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteGroup/MSFT_SPOSiteGroup.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteGroup/MSFT_SPOSiteGroup.schema.mof index 3843319d7d..319411b258 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteGroup/MSFT_SPOSiteGroup.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteGroup/MSFT_SPOSiteGroup.schema.mof @@ -14,5 +14,5 @@ class MSFT_SPOSiteGroup : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; - diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteScript/MSFT_SPOSiteScript.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteScript/MSFT_SPOSiteScript.psm1 index b4c814480d..63e1b90f2f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteScript/MSFT_SPOSiteScript.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteScript/MSFT_SPOSiteScript.psm1 @@ -55,7 +55,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) $ConnectionMode = New-M365DSCConnection -Workload 'PnP' ` -InboundParameters $PSBoundParameters @@ -118,6 +122,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } } catch @@ -188,7 +193,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting Site Script: $Title" @@ -369,7 +378,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -437,7 +450,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -484,6 +501,7 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Credential = $Credential + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteScript/MSFT_SPOSiteScript.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteScript/MSFT_SPOSiteScript.schema.mof index 4d97b021d3..2717f4b6a5 100644 Binary files a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteScript/MSFT_SPOSiteScript.schema.mof and b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOSiteScript/MSFT_SPOSiteScript.schema.mof differ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOStorageEntity/MSFT_SPOStorageEntity.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOStorageEntity/MSFT_SPOStorageEntity.psm1 index 9b96047666..deb27c2ff1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOStorageEntity/MSFT_SPOStorageEntity.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOStorageEntity/MSFT_SPOStorageEntity.psm1 @@ -64,14 +64,17 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration for SPO Storage Entity for $Key" $ConnectionMode = New-M365DSCConnection -Workload 'PNP' -InboundParameters $PSBoundParameters ` -Url $SiteUrl - #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -125,6 +128,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } } catch @@ -204,7 +208,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration for SPO Storage Entity for $Key" @@ -238,6 +246,7 @@ function Set-TargetResource $CurrentParameters.Remove('CertificateThumbprint') | Out-Null $CurrentParameters.Remove('ManagedIdentity') | Out-Null $CurrentParameters.Remove('ApplicationSecret') | Out-Null + $CurrentParameters.Remove('AccessTokens') | Out-Null $CurrentParameters.Add('Scope', $EntityScope) if (($Ensure -eq 'Absent' -and $curStorageEntry.Ensure -eq 'Present')) @@ -329,7 +338,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -402,7 +415,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -466,6 +483,7 @@ function Export-TargetResource CertificatePath = $CertificatePath CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } Write-Host " |---[$i/$($storageEntities.Length)] $($storageEntity.Key)" -NoNewline $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOStorageEntity/MSFT_SPOStorageEntity.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOStorageEntity/MSFT_SPOStorageEntity.schema.mof index 3a8dbf5520..27c2a6fcd1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOStorageEntity/MSFT_SPOStorageEntity.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOStorageEntity/MSFT_SPOStorageEntity.schema.mof @@ -16,4 +16,5 @@ class MSFT_SPOStorageEntity : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantCdnEnabled/MSFT_SPOTenantCdnEnabled.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantCdnEnabled/MSFT_SPOTenantCdnEnabled.psm1 index c6160b7a06..b42dde81ec 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantCdnEnabled/MSFT_SPOTenantCdnEnabled.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantCdnEnabled/MSFT_SPOTenantCdnEnabled.psm1 @@ -48,7 +48,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -87,6 +91,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } return $result } @@ -157,7 +162,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message 'Setting configuration of SPO Cdn enabled' @@ -185,6 +194,7 @@ function Set-TargetResource $CurrentParameters.Remove('CertificateThumbprint') | Out-Null $CurrentParameters.Remove('ManagedIdentity') | Out-Null $CurrentParameters.Remove('ApplicationSecret') | Out-Null + $CurrentParameters.Remove('AccessTokens') | Out-Null #No add only a set Set-PnPTenantCdnEnabled @currentParameters @@ -240,7 +250,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -310,7 +324,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -348,6 +366,7 @@ function Export-TargetResource CertificatePath = $CertificatePath CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantCdnEnabled/MSFT_SPOTenantCdnEnabled.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantCdnEnabled/MSFT_SPOTenantCdnEnabled.schema.mof index 80be95f4dc..a8af2e38e3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantCdnEnabled/MSFT_SPOTenantCdnEnabled.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantCdnEnabled/MSFT_SPOTenantCdnEnabled.schema.mof @@ -12,5 +12,5 @@ class MSFT_SPOTenantCdnEnabled : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; - diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantCdnPolicy/MSFT_SPOTenantCdnPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantCdnPolicy/MSFT_SPOTenantCdnPolicy.psm1 index 0c112334ac..759fc9b663 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantCdnPolicy/MSFT_SPOTenantCdnPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantCdnPolicy/MSFT_SPOTenantCdnPolicy.psm1 @@ -47,7 +47,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration for SPOTenantCdnPolicy {$CDNType}" @@ -104,6 +108,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } } catch @@ -166,7 +171,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration for SPOTenantCDNPolicy {$CDNType}" @@ -262,7 +271,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -331,7 +344,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -361,6 +378,7 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Credential = $Credential + AccessTokens = $AccessTokens } $dscContent = '' diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantCdnPolicy/MSFT_SPOTenantCdnPolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantCdnPolicy/MSFT_SPOTenantCdnPolicy.schema.mof index 37677cafa4..657665a430 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantCdnPolicy/MSFT_SPOTenantCdnPolicy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantCdnPolicy/MSFT_SPOTenantCdnPolicy.schema.mof @@ -12,4 +12,5 @@ class MSFT_SPOTenantCDNPolicy : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.psm1 index 10eac93fd8..41d497ec48 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.psm1 @@ -141,7 +141,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message 'Getting configuration for SPO Tenant' @@ -210,6 +214,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Ensure = 'Present' + AccessTokens = $AccessTokens } } catch @@ -367,7 +372,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message 'Setting configuration for SPO Tenant' @@ -389,7 +398,7 @@ function Set-TargetResource { $ConnectionMode = New-M365DSCConnection -Workload 'MicrosoftGraph' -InboundParameters $PSBoundParameters } - + $CurrentParameters = $PSBoundParameters $CurrentParameters.Remove('Credential') | Out-Null $CurrentParameters.Remove('IsSingleInstance') | Out-Null @@ -401,6 +410,7 @@ function Set-TargetResource $CurrentParameters.Remove('CertificateThumbprint') | Out-Null $CurrentParameters.Remove('ManagedIdentity') | Out-Null $CurrentParameters.Remove('ApplicationSecret') | Out-Null + $CurrentParameters.Remove('AccessTokens') | Out-Null $CurrentParameters.Remove('TenantDefaultTimezone') | Out-Null # this one is updated separately using Graph @@ -556,7 +566,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -644,7 +658,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -676,6 +694,7 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Credential = $Credential + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.schema.mof index fd7d305c24..45d9efdd69 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.schema.mof @@ -34,4 +34,5 @@ class MSFT_SPOTenantSettings : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTheme/MSFT_SPOTheme.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTheme/MSFT_SPOTheme.psm1 index 079466f201..e0166e00ee 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTheme/MSFT_SPOTheme.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTheme/MSFT_SPOTheme.psm1 @@ -51,7 +51,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting configuration for SPO Theme $Name" @@ -96,6 +100,7 @@ function Get-TargetResource CertificatePath = $CertificatePath CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens } } catch @@ -162,7 +167,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting configuration for SPO Theme $Name" @@ -283,7 +292,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -304,15 +317,7 @@ function Test-TargetResource Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters - $ValuesToCheck.Remove('Credential') | Out-Null $ValuesToCheck.Remove('Palette') | Out-Null - $ValuesToCheck.Remove('ApplicationId') | Out-Null - $ValuesToCheck.Remove('TenantId') | Out-Null - $ValuesToCheck.Remove('CertificatePath') | Out-Null - $ValuesToCheck.Remove('CertificatePassword') | Out-Null - $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null - $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - $ValuesToCheck.Remove('ApplicationSecret') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` @@ -365,7 +370,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -410,6 +419,7 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Credential = $Credential + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTheme/MSFT_SPOTheme.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTheme/MSFT_SPOTheme.schema.mof index e93badc7b0..925d068b2c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTheme/MSFT_SPOTheme.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTheme/MSFT_SPOTheme.schema.mof @@ -20,4 +20,5 @@ class MSFT_SPOTheme : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOUserProfileProperty/MSFT_SPOUserProfileProperty.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOUserProfileProperty/MSFT_SPOUserProfileProperty.psm1 index 4874ead6f7..2cb165f758 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOUserProfileProperty/MSFT_SPOUserProfileProperty.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOUserProfileProperty/MSFT_SPOUserProfileProperty.psm1 @@ -38,7 +38,11 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Getting SPO Profile Properties for user {$UserName}" @@ -89,6 +93,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Ensure = 'Present' + AccessTokens = $AccessTokens } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" @@ -145,7 +150,11 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) Write-Verbose -Message "Setting Profile Properties for user {$UserName}" @@ -223,7 +232,11 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -284,7 +297,11 @@ function Export-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [System.String[]] + $AccessTokens ) try @@ -320,6 +337,7 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Credential = $Credential + AccessTokens = $AccessTokens } $Results = Get-TargetResource @Params diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOUserProfileProperty/MSFT_SPOUserProfileProperty.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOUserProfileProperty/MSFT_SPOUserProfileProperty.schema.mof index eee5aa8cb4..ae3e2121e7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOUserProfileProperty/MSFT_SPOUserProfileProperty.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOUserProfileProperty/MSFT_SPOUserProfileProperty.schema.mof @@ -16,4 +16,5 @@ class MSFT_SPOUserProfileProperty : OMI_BaseResource [Write, Description("Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com")] String TenantId; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/MSFT_TeamsGroupPolicyAssignment.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/MSFT_TeamsGroupPolicyAssignment.psm1 index 2b44923618..daad71b876 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/MSFT_TeamsGroupPolicyAssignment.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/MSFT_TeamsGroupPolicyAssignment.psm1 @@ -13,7 +13,7 @@ function Get-TargetResource $GroupId, [Parameter(Mandatory = $true)] - [ValidateSet('ApplicationAccessPolicy','CallingLineIdentity','OnlineAudioConferencingRoutingPolicy','OnlineVoicemailPolicy','OnlineVoiceRoutingPolicy','TeamsAudioConferencingPolicy','TeamsCallHoldPolicy','TeamsCallParkPolicy','TeamsChannelsPolicy','TeamsComplianceRecordingPolicy','TeamsCortanaPolicy','TeamsEmergencyCallingPolicy','TeamsEnhancedEncryptionPolicy','TeamsFeedbackPolicy','TeamsFilesPolicy','TeamsIPPhonePolicy','TeamsMediaLoggingPolicy','TeamsMeetingBroadcastPolicy','TeamsMeetingPolicy','TeamsMessagingPolicy','TeamsMobilityPolicy','TeamsRoomVideoTeleConferencingPolicy','TeamsShiftsPolicy','TeamsUpdateManagementPolicy','TeamsVdiPolicy','TeamsVideoInteropServicePolicy','TenantDialPlan','ExternalAccessPolicy','TeamsAppSetupPolicy','TeamsCallingPolicy','TeamsEventsPolicy','TeamsMeetingBrandingPolicy','TeamsMeetingTemplatePermissionPolicy')] + [ValidateSet('ApplicationAccessPolicy','CallingLineIdentity','OnlineAudioConferencingRoutingPolicy','OnlineVoicemailPolicy','OnlineVoiceRoutingPolicy','TeamsAudioConferencingPolicy','TeamsCallHoldPolicy','TeamsCallParkPolicy','TeamsChannelsPolicy','TeamsComplianceRecordingPolicy','TeamsCortanaPolicy','TeamsEmergencyCallingPolicy','TeamsEnhancedEncryptionPolicy','TeamsFeedbackPolicy','TeamsFilesPolicy','TeamsIPPhonePolicy','TeamsMediaLoggingPolicy','TeamsMeetingBroadcastPolicy','TeamsMeetingPolicy','TeamsMessagingPolicy','TeamsMobilityPolicy','TeamsRoomVideoTeleConferencingPolicy','TeamsShiftsPolicy','TeamsUpdateManagementPolicy','TeamsVdiPolicy','TeamsVideoInteropServicePolicy','TenantDialPlan','ExternalAccessPolicy','TeamsAppSetupPolicy','TeamsCallingPolicy','TeamsEventsPolicy','TeamsMeetingBrandingPolicy','TeamsMeetingTemplatePermissionPolicy','TeamsVerticalPackagePolicy')] [System.String] $PolicyType, @@ -153,7 +153,7 @@ function Set-TargetResource $GroupId, [Parameter(Mandatory = $true)] - [ValidateSet('ApplicationAccessPolicy','CallingLineIdentity','OnlineAudioConferencingRoutingPolicy','OnlineVoicemailPolicy','OnlineVoiceRoutingPolicy','TeamsAudioConferencingPolicy','TeamsCallHoldPolicy','TeamsCallParkPolicy','TeamsChannelsPolicy','TeamsComplianceRecordingPolicy','TeamsCortanaPolicy','TeamsEmergencyCallingPolicy','TeamsEnhancedEncryptionPolicy','TeamsFeedbackPolicy','TeamsFilesPolicy','TeamsIPPhonePolicy','TeamsMediaLoggingPolicy','TeamsMeetingBroadcastPolicy','TeamsMeetingPolicy','TeamsMessagingPolicy','TeamsMobilityPolicy','TeamsRoomVideoTeleConferencingPolicy','TeamsShiftsPolicy','TeamsUpdateManagementPolicy','TeamsVdiPolicy','TeamsVideoInteropServicePolicy','TenantDialPlan','ExternalAccessPolicy','TeamsAppSetupPolicy','TeamsCallingPolicy','TeamsEventsPolicy','TeamsMeetingBrandingPolicy','TeamsMeetingTemplatePermissionPolicy')] + [ValidateSet('ApplicationAccessPolicy','CallingLineIdentity','OnlineAudioConferencingRoutingPolicy','OnlineVoicemailPolicy','OnlineVoiceRoutingPolicy','TeamsAudioConferencingPolicy','TeamsCallHoldPolicy','TeamsCallParkPolicy','TeamsChannelsPolicy','TeamsComplianceRecordingPolicy','TeamsCortanaPolicy','TeamsEmergencyCallingPolicy','TeamsEnhancedEncryptionPolicy','TeamsFeedbackPolicy','TeamsFilesPolicy','TeamsIPPhonePolicy','TeamsMediaLoggingPolicy','TeamsMeetingBroadcastPolicy','TeamsMeetingPolicy','TeamsMessagingPolicy','TeamsMobilityPolicy','TeamsRoomVideoTeleConferencingPolicy','TeamsShiftsPolicy','TeamsUpdateManagementPolicy','TeamsVdiPolicy','TeamsVideoInteropServicePolicy','TenantDialPlan','ExternalAccessPolicy','TeamsAppSetupPolicy','TeamsCallingPolicy','TeamsEventsPolicy','TeamsMeetingBrandingPolicy','TeamsMeetingTemplatePermissionPolicy','TeamsVerticalPackagePolicy')] [System.String] $PolicyType, @@ -273,7 +273,7 @@ function Test-TargetResource $GroupId, [Parameter(Mandatory = $true)] - [ValidateSet('ApplicationAccessPolicy','CallingLineIdentity','OnlineAudioConferencingRoutingPolicy','OnlineVoicemailPolicy','OnlineVoiceRoutingPolicy','TeamsAudioConferencingPolicy','TeamsCallHoldPolicy','TeamsCallParkPolicy','TeamsChannelsPolicy','TeamsComplianceRecordingPolicy','TeamsCortanaPolicy','TeamsEmergencyCallingPolicy','TeamsEnhancedEncryptionPolicy','TeamsFeedbackPolicy','TeamsFilesPolicy','TeamsIPPhonePolicy','TeamsMediaLoggingPolicy','TeamsMeetingBroadcastPolicy','TeamsMeetingPolicy','TeamsMessagingPolicy','TeamsMobilityPolicy','TeamsRoomVideoTeleConferencingPolicy','TeamsShiftsPolicy','TeamsUpdateManagementPolicy','TeamsVdiPolicy','TeamsVideoInteropServicePolicy','TenantDialPlan','ExternalAccessPolicy','TeamsAppSetupPolicy','TeamsCallingPolicy','TeamsEventsPolicy','TeamsMeetingBrandingPolicy','TeamsMeetingTemplatePermissionPolicy')] + [ValidateSet('ApplicationAccessPolicy','CallingLineIdentity','OnlineAudioConferencingRoutingPolicy','OnlineVoicemailPolicy','OnlineVoiceRoutingPolicy','TeamsAudioConferencingPolicy','TeamsCallHoldPolicy','TeamsCallParkPolicy','TeamsChannelsPolicy','TeamsComplianceRecordingPolicy','TeamsCortanaPolicy','TeamsEmergencyCallingPolicy','TeamsEnhancedEncryptionPolicy','TeamsFeedbackPolicy','TeamsFilesPolicy','TeamsIPPhonePolicy','TeamsMediaLoggingPolicy','TeamsMeetingBroadcastPolicy','TeamsMeetingPolicy','TeamsMessagingPolicy','TeamsMobilityPolicy','TeamsRoomVideoTeleConferencingPolicy','TeamsShiftsPolicy','TeamsUpdateManagementPolicy','TeamsVdiPolicy','TeamsVideoInteropServicePolicy','TenantDialPlan','ExternalAccessPolicy','TeamsAppSetupPolicy','TeamsCallingPolicy','TeamsEventsPolicy','TeamsMeetingBrandingPolicy','TeamsMeetingTemplatePermissionPolicy','TeamsVerticalPackagePolicy')] [System.String] $PolicyType, diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/MSFT_TeamsGroupPolicyAssignment.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/MSFT_TeamsGroupPolicyAssignment.schema.mof index fc3441d1de..2cc4a5f0af 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/MSFT_TeamsGroupPolicyAssignment.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/MSFT_TeamsGroupPolicyAssignment.schema.mof @@ -3,7 +3,7 @@ class MSFT_TeamsGroupPolicyAssignment : OMI_BaseResource { [Key, Description("Group Displayname of the group the policys are assigned to")] string GroupDisplayName; [Write, Description("GroupId, alternatively to Group Displayname")] String GroupId; - [Key, Description("Teams PolicyType. The type of the policy to be assigned. Possible values:"), ValueMap{"ApplicationAccessPolicy","CallingLineIdentity","OnlineAudioConferencingRoutingPolicy","OnlineVoicemailPolicy","OnlineVoiceRoutingPolicy","TeamsAudioConferencingPolicy","TeamsCallHoldPolicy","TeamsCallParkPolicy","TeamsChannelsPolicy","TeamsComplianceRecordingPolicy","TeamsCortanaPolicy","TeamsEmergencyCallingPolicy","TeamsEnhancedEncryptionPolicy","TeamsFeedbackPolicy","TeamsFilesPolicy","TeamsIPPhonePolicy","TeamsMediaLoggingPolicy","TeamsMeetingBroadcastPolicy","TeamsMeetingPolicy","TeamsMessagingPolicy","TeamsMobilityPolicy","TeamsRoomVideoTeleConferencingPolicy","TeamsShiftsPolicy","TeamsUpdateManagementPolicy","TeamsVdiPolicy","TeamsVideoInteropServicePolicy","TenantDialPlan","ExternalAccessPolicy","TeamsAppSetupPolicy","TeamsCallingPolicy","TeamsEventsPolicy","TeamsMeetingBrandingPolicy","TeamsMeetingTemplatePermissionPolicy"}, Values{"ApplicationAccessPolicy","CallingLineIdentity","OnlineAudioConferencingRoutingPolicy","OnlineVoicemailPolicy","OnlineVoiceRoutingPolicy","TeamsAudioConferencingPolicy","TeamsCallHoldPolicy","TeamsCallParkPolicy","TeamsChannelsPolicy","TeamsComplianceRecordingPolicy","TeamsCortanaPolicy","TeamsEmergencyCallingPolicy","TeamsEnhancedEncryptionPolicy","TeamsFeedbackPolicy","TeamsFilesPolicy","TeamsIPPhonePolicy","TeamsMediaLoggingPolicy","TeamsMeetingBroadcastPolicy","TeamsMeetingPolicy","TeamsMessagingPolicy","TeamsMobilityPolicy","TeamsRoomVideoTeleConferencingPolicy","TeamsShiftsPolicy","TeamsUpdateManagementPolicy","TeamsVdiPolicy","TeamsVideoInteropServicePolicy","TenantDialPlan","ExternalAccessPolicy","TeamsAppSetupPolicy","TeamsCallingPolicy","TeamsEventsPolicy","TeamsMeetingBrandingPolicy","TeamsMeetingTemplatePermissionPolicy"}] String PolicyType; + [Key, Description("Teams PolicyType. The type of the policy to be assigned. Possible values:"), ValueMap{"ApplicationAccessPolicy","CallingLineIdentity","OnlineAudioConferencingRoutingPolicy","OnlineVoicemailPolicy","OnlineVoiceRoutingPolicy","TeamsAudioConferencingPolicy","TeamsCallHoldPolicy","TeamsCallParkPolicy","TeamsChannelsPolicy","TeamsComplianceRecordingPolicy","TeamsCortanaPolicy","TeamsEmergencyCallingPolicy","TeamsEnhancedEncryptionPolicy","TeamsFeedbackPolicy","TeamsFilesPolicy","TeamsIPPhonePolicy","TeamsMediaLoggingPolicy","TeamsMeetingBroadcastPolicy","TeamsMeetingPolicy","TeamsMessagingPolicy","TeamsMobilityPolicy","TeamsRoomVideoTeleConferencingPolicy","TeamsShiftsPolicy","TeamsUpdateManagementPolicy","TeamsVdiPolicy","TeamsVideoInteropServicePolicy","TenantDialPlan","ExternalAccessPolicy","TeamsAppSetupPolicy","TeamsCallingPolicy","TeamsEventsPolicy","TeamsMeetingBrandingPolicy","TeamsMeetingTemplatePermissionPolicy","TeamsVerticalPackagePolicy"}, Values{"ApplicationAccessPolicy","CallingLineIdentity","OnlineAudioConferencingRoutingPolicy","OnlineVoicemailPolicy","OnlineVoiceRoutingPolicy","TeamsAudioConferencingPolicy","TeamsCallHoldPolicy","TeamsCallParkPolicy","TeamsChannelsPolicy","TeamsComplianceRecordingPolicy","TeamsCortanaPolicy","TeamsEmergencyCallingPolicy","TeamsEnhancedEncryptionPolicy","TeamsFeedbackPolicy","TeamsFilesPolicy","TeamsIPPhonePolicy","TeamsMediaLoggingPolicy","TeamsMeetingBroadcastPolicy","TeamsMeetingPolicy","TeamsMessagingPolicy","TeamsMobilityPolicy","TeamsRoomVideoTeleConferencingPolicy","TeamsShiftsPolicy","TeamsUpdateManagementPolicy","TeamsVdiPolicy","TeamsVideoInteropServicePolicy","TenantDialPlan","ExternalAccessPolicy","TeamsAppSetupPolicy","TeamsCallingPolicy","TeamsEventsPolicy","TeamsMeetingBrandingPolicy","TeamsMeetingTemplatePermissionPolicy","TeamsVerticalPackagePolicy"}] String PolicyType; [Write, Description("Teams PolicyName. The name of the policy to be assigned.")] string PolicyName; [Write, Description("Teams Priority. The rank of the policy assignment, relative to other group policy assignments for the same policy type")] string Priority; [Write, Description("Present ensures the group policy assignment exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/MSFT_TeamsUpdateManagementPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/MSFT_TeamsUpdateManagementPolicy.psm1 index 18083f32cd..5acac79304 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/MSFT_TeamsUpdateManagementPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/MSFT_TeamsUpdateManagementPolicy.psm1 @@ -230,34 +230,19 @@ function Set-TargetResource -InboundParameters $PSBoundParameters $CurrentValues = Get-TargetResource @PSBoundParameters + $PSBoundParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters if ($CurrentValues.Ensure -eq 'Absent' -and $Ensure -eq 'Present') { Write-Verbose "Creating new Teams Update Management Policy {$Identity}" - $newParams = $PSBoundParameters - $newParams.Remove('Ensure') | Out-Null - $newParams.Remove('Credential') | Out-Null - $newParams.Remove('ApplicationId') | Out-Null - $newParams.Remove('TenantId') | Out-Null - $newParams.Remove('CertificateThumbprint') | Out-Null - $newParams.Remove('ManagedIdentity') | Out-Null - $newParams.Remove('AccessTokens') | Out-Null - - New-CsTeamsUpdateManagementPolicy @newParams | Out-Null + + New-CsTeamsUpdateManagementPolicy @PSBoundParameters | Out-Null } elseif ($CurrentValues.Ensure -eq 'Present' -and $Ensure -eq 'Present') { Write-Verbose "Updating existing Teams Update Management Policy {$Identity}" - $setParams = $PSBoundParameters - $setParams.Remove('Ensure') | Out-Null - $setParams.Remove('Credential') | Out-Null - $setParams.Remove('ApplicationId') | Out-Null - $setParams.Remove('TenantId') | Out-Null - $setParams.Remove('CertificateThumbprint') | Out-Null - $setParams.Remove('ManagedIdentity') | Out-Null - $setParams.Remove('AccessTokens') | Out-Null - - Set-CsTeamsUpdateManagementPolicy @setParams | Out-Null + + Set-CsTeamsUpdateManagementPolicy @PSBoundParameters | Out-Null } elseif ($CurrentValues.Ensure -eq 'Present' -and $Ensure -eq 'Absent') { @@ -355,16 +340,27 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of Team Update Management Policy {$Identity}" $CurrentValues = Get-TargetResource @PSBoundParameters + $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() + + if ($CurrentValues.Ensure -ne $Ensure) + { + Write-Verbose -Message "Test-TargetResource returned $false" + return $false + } + $testResult = $true + + $ValuesToCheck = Remove-M365DSCAuthenticationParameter -BoundParameters $ValuesToCheck Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" - $ValuesToCheck = $PSBoundParameters - - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys + if ($testResult) + { + $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys + } Write-Verbose -Message "Test-TargetResource returned $TestResult" diff --git a/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 b/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 index bcfa507938..6da587efdd 100644 --- a/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 +++ b/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 @@ -2,7 +2,7 @@ Dependencies = @( @{ ModuleName = 'DSCParser' - RequiredVersion = '2.0.0.3' + RequiredVersion = '2.0.0.4' }, @{ ModuleName = 'ExchangeOnlineManagement' @@ -10,79 +10,79 @@ }, @{ ModuleName = 'Microsoft.Graph.Applications' - RequiredVersion = '2.18.0' + RequiredVersion = '2.19.0' }, @{ ModuleName = 'Microsoft.Graph.Authentication' - RequiredVersion = '2.18.0' + RequiredVersion = '2.19.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.DeviceManagement' - RequiredVersion = '2.18.0' + RequiredVersion = '2.19.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Devices.CorporateManagement' - RequiredVersion = '2.18.0' + RequiredVersion = '2.19.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.DeviceManagement.Administration' - RequiredVersion = '2.18.0' + RequiredVersion = '2.19.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.DeviceManagement.Enrollment' - RequiredVersion = '2.18.0' + RequiredVersion = '2.19.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Identity.DirectoryManagement' - RequiredVersion = '2.18.0' + RequiredVersion = '2.19.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Identity.Governance' - RequiredVersion = '2.18.0' + RequiredVersion = '2.19.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Identity.SignIns' - RequiredVersion = '2.18.0' + RequiredVersion = '2.19.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Reports' - RequiredVersion = '2.18.0' + RequiredVersion = '2.19.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Teams' - RequiredVersion = '2.18.0' + RequiredVersion = '2.19.0' }, @{ ModuleName = 'Microsoft.Graph.DeviceManagement.Administration' - RequiredVersion = '2.18.0' + RequiredVersion = '2.19.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.DirectoryObjects' - RequiredVersion = '2.18.0' + RequiredVersion = '2.19.0' }, @{ ModuleName = 'Microsoft.Graph.Groups' - RequiredVersion = '2.18.0' + RequiredVersion = '2.19.0' }, @{ ModuleName = 'Microsoft.Graph.Planner' - RequiredVersion = '2.18.0' + RequiredVersion = '2.19.0' }, @{ ModuleName = 'Microsoft.Graph.Sites' - RequiredVersion = '2.18.0' + RequiredVersion = '2.19.0' }, @{ ModuleName = 'Microsoft.Graph.Users' - RequiredVersion = '2.18.0' + RequiredVersion = '2.19.0' }, @{ ModuleName = 'Microsoft.Graph.Users.Actions' - RequiredVersion = '2.18.0' + RequiredVersion = '2.19.0' }, @{ ModuleName = 'Microsoft.PowerApps.Administration.PowerShell' - RequiredVersion = '2.0.182' + RequiredVersion = '2.0.187' }, @{ ModuleName = 'MicrosoftTeams' diff --git a/Modules/Microsoft365DSC/Examples/Resources/EXOManagementRoleEntry/2-Update.ps1 b/Modules/Microsoft365DSC/Examples/Resources/EXOManagementRoleEntry/2-Update.ps1 new file mode 100644 index 0000000000..35001eaa4d --- /dev/null +++ b/Modules/Microsoft365DSC/Examples/Resources/EXOManagementRoleEntry/2-Update.ps1 @@ -0,0 +1,24 @@ +<# +This example is used to test new resources and showcase the usage of new resources being worked on. +It is not meant to use as a production baseline. +#> + +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $Credscredential + ) + Import-DscResource -ModuleName Microsoft365DSC + + node localhost + { + EXOManagementRoleEntry "UpdateRoleEntry" + { + Credential = $Credscredential; + Identity = "Information Rights Management\Get-BookingMailbox" + Parameters = @("ANR","RecipientTypeDetails", "ResultSize") + } + } +} diff --git a/Modules/Microsoft365DSC/Modules/M365DSCTelemetryEngine.psm1 b/Modules/Microsoft365DSC/Modules/M365DSCTelemetryEngine.psm1 index bd1c2161a6..4e8f051a5a 100644 --- a/Modules/Microsoft365DSC/Modules/M365DSCTelemetryEngine.psm1 +++ b/Modules/Microsoft365DSC/Modules/M365DSCTelemetryEngine.psm1 @@ -15,15 +15,25 @@ function Get-M365DSCApplicationInsightsTelemetryClient $AI = "$PSScriptRoot/../Dependencies/Microsoft.ApplicationInsights.dll" [Reflection.Assembly]::LoadFile($AI) | Out-Null - $InstrumentationKey = [System.Environment]::GetEnvironmentVariable('M365DSCTelemetryInstrumentationKey', ` - [System.EnvironmentVariableTarget]::Machine) + $TelClient = [Microsoft.ApplicationInsights.TelemetryClient]::new() - if ($null -eq $InstrumentationKey) + $connectionString = [System.Environment]::GetEnvironmentVariable('M365DSCTelemetryConnectionString', ` + [System.EnvironmentVariableTarget]::Machine) + if (-not [System.String]::IsNullOrEmpty($connectionString)) { - $InstrumentationKey = 'e670af5d-fd30-4407-a796-8ad30491ea7a' + $TelClient.TelemetryConfiguration.ConnectionString = $connectionString + } + else + { + $InstrumentationKey = [System.Environment]::GetEnvironmentVariable('M365DSCTelemetryInstrumentationKey', ` + [System.EnvironmentVariableTarget]::Machine) + + if ($null -eq $InstrumentationKey) + { + $InstrumentationKey = 'e670af5d-fd30-4407-a796-8ad30491ea7a' + } + $TelClient.InstrumentationKey = $InstrumentationKey } - $TelClient = [Microsoft.ApplicationInsights.TelemetryClient]::new() - $TelClient.InstrumentationKey = $InstrumentationKey $Global:M365DSCTelemetryEngine = $TelClient } @@ -330,7 +340,11 @@ function Set-M365DSCTelemetryOption [Parameter()] [System.String] - $ProjectName + $ProjectName, + + [Parameter()] + [System.String] + $ConnectionString ) if ($null -ne $Enabled) @@ -350,6 +364,12 @@ function Set-M365DSCTelemetryOption [System.Environment]::SetEnvironmentVariable('M365DSCTelemetryProjectName', $ProjectName, ` [System.EnvironmentVariableTarget]::Machine) } + + if ($null -ne $ConnectionString) + { + [System.Environment]::SetEnvironmentVariable('M365DSCTelemetryConnectionString', $ConnectionString, ` + [System.EnvironmentVariableTarget]::Machine) + } } <# diff --git a/Modules/Microsoft365DSC/SchemaDefinition.json b/Modules/Microsoft365DSC/SchemaDefinition.json index f1e63389a1..992dc11ab0 100644 --- a/Modules/Microsoft365DSC/SchemaDefinition.json +++ b/Modules/Microsoft365DSC/SchemaDefinition.json @@ -10059,6 +10059,66 @@ } ] }, + { + "ClassName": "MSFT_EXOManagementRoleEntry", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "Parameters", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Type", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" + } + ] + }, { "ClassName": "MSFT_EXOMessageClassification", "Parameters": [ @@ -15582,6 +15642,16 @@ "Name": "avgcpuloadfactor", "Option": "Write" }, + { + "CIMType": "sInt32", + "Name": "archivemaxdepth", + "Option": "Write" + }, + { + "CIMType": "sInt32", + "Name": "archivemaxsize", + "Option": "Write" + }, { "CIMType": "String", "Name": "checkforsignaturesbeforerunningscan", @@ -15657,6 +15727,11 @@ "Name": "engineupdateschannel", "Option": "Write" }, + { + "CIMType": "String", + "Name": "meteredconnectionupdates", + "Option": "Write" + }, { "CIMType": "String", "Name": "platformupdateschannel", @@ -15692,6 +15767,21 @@ "Name": "schedulescantime", "Option": "Write" }, + { + "CIMType": "String", + "Name": "disabletlsparsing", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "randomizescheduletasktimes", + "Option": "Write" + }, + { + "CIMType": "sInt32", + "Name": "schedulerrandomizationtime", + "Option": "Write" + }, { "CIMType": "String[]", "Name": "signatureupdatefallbackorder", @@ -15786,11 +15876,6 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" - }, - { - "CIMType": "String[]", - "Name": "AccessTokens", - "Option": "Write" } ] }, @@ -31561,6 +31646,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -31616,6 +31706,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -31681,6 +31776,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -31726,6 +31826,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -31901,6 +32006,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -31936,6 +32046,11 @@ "CIMType": "MSFT_Credential", "Name": "Credential", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -32051,6 +32166,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -32576,6 +32696,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -32736,6 +32861,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -33111,6 +33241,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -33186,6 +33321,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -33251,6 +33391,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -33306,6 +33451,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -33411,6 +33561,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -33496,6 +33651,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -33626,6 +33786,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -33681,6 +33846,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -33736,6 +33906,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -33881,6 +34056,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -34256,6 +34436,11 @@ "CIMType": "String[]", "Name": "ExceptIfContentExtensionMatchesWords", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -34301,6 +34486,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -34346,6 +34536,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -34401,6 +34596,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -34446,6 +34646,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -34491,6 +34696,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -34541,6 +34751,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -34686,6 +34901,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -34846,6 +35066,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -34986,6 +35211,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -35071,6 +35301,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -35121,6 +35356,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -35181,6 +35421,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -35236,6 +35481,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -35306,6 +35556,11 @@ "CIMType": "String", "Name": "Ensure", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -35576,6 +35831,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -35631,6 +35891,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -35691,6 +35956,11 @@ "CIMType": "String", "Name": "CertificatePath", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -35796,6 +36066,11 @@ "CIMType": "string", "Name": "ConditionalAccessPolicy", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -35866,6 +36141,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -35931,6 +36211,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -35991,6 +36276,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -36076,6 +36366,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -36141,6 +36436,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -36206,6 +36506,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -36351,6 +36656,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -36441,6 +36751,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -36611,6 +36926,11 @@ "CIMType": "uint32", "Name": "ExternalUserExpireInDays", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -36791,6 +37111,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -36846,6 +37171,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -36936,6 +37266,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -37001,6 +37336,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -37071,6 +37411,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -37141,6 +37486,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -37221,6 +37571,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -37281,6 +37636,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -37341,6 +37701,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -37511,6 +37876,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -37591,6 +37961,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, @@ -37656,6 +38031,11 @@ "CIMType": "Boolean", "Name": "ManagedIdentity", "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessTokens", + "Option": "Write" } ] }, diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADAuthenticationMethodPolicyAuthenticator.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADAuthenticationMethodPolicyAuthenticator.Tests.ps1 index f153640e41..70e5786306 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADAuthenticationMethodPolicyAuthenticator.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADAuthenticationMethodPolicyAuthenticator.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADGroup.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADGroup.Tests.ps1 index 94b1ee1944..720574a2ae 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADGroup.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADGroup.Tests.ps1 @@ -75,7 +75,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Mock -CommandName Remove-MgGroupMemberDirectoryObjectByRef -MockWith { } - Mock -CommandName Remove-MgBetaDirectoryRoleMemberByRef -MockWith { + Mock -CommandName Remove-MgBetaDirectoryRoleMemberDirectoryObjectByRef -MockWith { } # Mock Write-Host to hide output during the tests @@ -470,6 +470,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { GroupTypes = @() MailNickname = 'M365DSC' IsAssignableToRole = $true + AssignedToRole = @() Ensure = 'Present' } } @@ -563,7 +564,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Set-TargetResource @testParams Should -Invoke -CommandName 'Get-MgGroup' -Exactly 1 Should -Invoke -CommandName 'Get-MgBetaDirectoryRole' -Exactly 1 - Should -Invoke -CommandName 'Remove-MgBetaDirectoryRoleMemberByRef' -Exactly 1 + Should -Invoke -CommandName 'Remove-MgBetaDirectoryRoleMemberDirectoryObjectByRef' -Exactly 1 } } diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.EXOManagementRoleEntry.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.EXOManagementRoleEntry.Tests.ps1 new file mode 100644 index 0000000000..5185a109eb --- /dev/null +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.EXOManagementRoleEntry.Tests.ps1 @@ -0,0 +1,129 @@ +[CmdletBinding()] +param( +) +$M365DSCTestFolder = Join-Path -Path $PSScriptRoot ` + -ChildPath '..\..\Unit' ` + -Resolve +$CmdletModule = (Join-Path -Path $M365DSCTestFolder ` + -ChildPath '\Stubs\Microsoft365.psm1' ` + -Resolve) +$GenericStubPath = (Join-Path -Path $M365DSCTestFolder ` + -ChildPath '\Stubs\Generic.psm1' ` + -Resolve) +Import-Module -Name (Join-Path -Path $M365DSCTestFolder ` + -ChildPath '\UnitTestHelper.psm1' ` + -Resolve) + +$Global:DscHelper = New-M365DscUnitTestHelper -StubModule $CmdletModule ` + -DscResource 'EXOManagementRoleEntry' -GenericStubModule $GenericStubPath +Describe -Name $Global:DscHelper.DescribeHeader -Fixture { + InModuleScope -ModuleName $Global:DscHelper.ModuleName -ScriptBlock { + Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope + + BeforeAll { + $secpasswd = ConvertTo-SecureString (New-Guid | Out-String) -AsPlainText -Force + $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) + + $Global:PartialExportFileName = 'c:\TestPath' + + Mock -CommandName Save-M365DSCPartialExport -MockWith { + } + + Mock -CommandName New-M365DSCConnection -MockWith { + return 'Credentials' + } + + Mock -CommandName Get-PSSession -MockWith { + } + + Mock -CommandName Remove-PSSession -MockWith { + } + + # Mock Write-Host to hide output during the tests + Mock -CommandName Write-Host -MockWith { + } + + Mock -CommandName Set-ManagementRoleEntry -MockWith { + } + + $Script:exportedInstances =$null + $Script:ExportMode = $false + } + + Context -Name 'Management Role Entry is already in the desired state.' -Fixture { + BeforeAll { + $testParams = @{ + Identity = "Information Rights Management\Get-BookingMailbox" + Parameters = @("ANR","RecipientTypeDetails", "ResultSize") + Credential = $Credential + } + + Mock -CommandName Get-ManagementRoleEntry -MockWith { + return @{ + Identity = 'Information Rights Management' + Name = "Get-BookingMailbox" + Type = "Cmdlet" + Parameters = @("ANR", "RecipientTypeDetails", "ResultSize") + } + } + } + + It 'Should return true from the Test method' { + Test-TargetResource @testParams | Should -Be $true + } + } + + Context -Name 'Management Role Entry is NOT in the desired state.' -Fixture { + BeforeAll { + $testParams = @{ + Identity = "Information Rights Management\Get-BookingMailbox" + Parameters = @("ANR","RecipientTypeDetails", "ResultSize") + Credential = $Credential + } + + Mock -CommandName Get-ManagementRoleEntry -MockWith { + return @{ + Identity = 'Information Rights Management' + Name = "Get-BookingMailbox" + Type = "Cmdlet" + Parameters = @("RecipientTypeDetails", "ResultSize") # Drift + } + } + } + + It 'Should return false from the Test method' { + Test-TargetResource @testParams | Should -Be $false + } + + It 'Should call the Set method' { + Set-TargetResource @testParams | Should -Invoke 'Set-ManagementRoleEntry' -Exactly 1 + } + } + + Context -Name 'ReverseDSC Tests' -Fixture { + BeforeAll { + $Global:CurrentModeIsExport = $true + $Global:PartialExportFileName = "$(New-Guid).partial.ps1" + $testParams = @{ + Credential = $Credential + } + + Mock -CommandName Get-ManagementRoleEntry -MockWith { + return @{ + Identity = 'Information Rights Management' + Name = "Get-BookingMailbox" + Type = "Cmdlet" + Parameters = @("ANR", "RecipientTypeDetails", "ResultSize") + } + } + } + + It 'Should Reverse Engineer resource from the Export method when single' { + $result = Export-TargetResource @testParams + $result | Should -Not -BeNullOrEmpty + } + } + } +} + +Invoke-Command -ScriptBlock $Global:DscHelper.CleanupScript -NoNewScope diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10.Tests.ps1 index e4f2e04d72..1bdab9fafa 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10.Tests.ps1 index ac12ba8c5d..0cf4e215fd 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10.Tests.ps1 index 1cf766ede2..4e08ca61ba 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationIdentityProtectionPolicyWindows10.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationIdentityProtectionPolicyWindows10.Tests.ps1 index d8dbde3f73..f0f904a249 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationIdentityProtectionPolicyWindows10.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationIdentityProtectionPolicyWindows10.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10.Tests.ps1 index ebbe87ad2b..10ad27cdb5 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationPolicyWindows10.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationPolicyWindows10.Tests.ps1 index 8706092fcf..64ade1f246 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationPolicyWindows10.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationPolicyWindows10.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationWiredNetworkPolicyWindows10.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationWiredNetworkPolicyWindows10.Tests.ps1 index 552988d1d8..f93421bccd 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationWiredNetworkPolicyWindows10.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationWiredNetworkPolicyWindows10.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { @@ -384,7 +384,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { DisplayName = 'ClientCertificate' } } -ParameterFilter { $CertificateName -eq 'secondaryIdentityCertificateForClientAuthentication' } - + Mock -CommandName Get-IntuneDeviceConfigurationCertificateId -MockWith { return 'a485d322-13cd-43ef-beda-733f656f48ea' } -ParameterFilter { $DisplayName -eq 'RootCertificate' } diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceEnrollmentStatusPageWindows10.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceEnrollmentStatusPageWindows10.Tests.ps1 index 0609bdfd7c..4aa84407d2 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceEnrollmentStatusPageWindows10.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceEnrollmentStatusPageWindows10.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith {} diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneSettingCatalogCustomPolicyWindows10.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneSettingCatalogCustomPolicyWindows10.Tests.ps1 index 8fadb45a9f..9468a1b899 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneSettingCatalogCustomPolicyWindows10.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneSettingCatalogCustomPolicyWindows10.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined.Tests.ps1 index 6c27287d6d..7eae4ddc58 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsAutopilotDeploymentProfileAzureADJoined.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsAutopilotDeploymentProfileAzureADJoined.Tests.ps1 index e1ebec15da..19d9375c6c 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsAutopilotDeploymentProfileAzureADJoined.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsAutopilotDeploymentProfileAzureADJoined.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled.Tests.ps1 index 407a5148e7..c64f45305f 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10.Tests.ps1 index 17a011eb66..490fca3de0 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10.Tests.ps1 index 24a490b496..819b32dd83 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsAppPermissionPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsAppPermissionPolicy.Tests.ps1 index 0216eb6a1e..f7f8a996b8 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsAppPermissionPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsAppPermissionPolicy.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsAppSetupPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsAppSetupPolicy.Tests.ps1 index f6377790c2..54b1abd499 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsAppSetupPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsAppSetupPolicy.Tests.ps1 @@ -20,7 +20,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { InModuleScope -ModuleName $Global:DscHelper.ModuleName -ScriptBlock { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsAudioConferencingPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsAudioConferencingPolicy.Tests.ps1 index 12d03bdb55..a41fdb458e 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsAudioConferencingPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsAudioConferencingPolicy.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsCallHoldPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsCallHoldPolicy.Tests.ps1 index 140e83663a..5815330be5 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsCallHoldPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsCallHoldPolicy.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsCallParkPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsCallParkPolicy.Tests.ps1 index 3eba207020..3227c8610a 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsCallParkPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsCallParkPolicy.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsCallQueue.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsCallQueue.Tests.ps1 index c6b3ebe411..16de9d9730 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsCallQueue.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsCallQueue.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsComplianceRecordingPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsComplianceRecordingPolicy.Tests.ps1 index 61777b81ef..01c660ea09 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsComplianceRecordingPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsComplianceRecordingPolicy.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsCortanaPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsCortanaPolicy.Tests.ps1 index b0362bbb86..e5af170ded 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsCortanaPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsCortanaPolicy.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsEnhancedEncryptionPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsEnhancedEncryptionPolicy.Tests.ps1 index d52bc8f527..8151469678 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsEnhancedEncryptionPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsEnhancedEncryptionPolicy.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsFeedbackPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsFeedbackPolicy.Tests.ps1 index 67dee31f76..c0a7b199b7 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsFeedbackPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsFeedbackPolicy.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsFilesPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsFilesPolicy.Tests.ps1 index abf2832706..a4bfbd1437 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsFilesPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsFilesPolicy.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsIPPhonePolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsIPPhonePolicy.Tests.ps1 index e77e50acf6..1750ed1d19 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsIPPhonePolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsIPPhonePolicy.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsMobilityPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsMobilityPolicy.Tests.ps1 index dbb7170b37..5b23d4a05c 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsMobilityPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsMobilityPolicy.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { InModuleScope -ModuleName $Global:DscHelper.ModuleName -ScriptBlock { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsNetworkRoamingPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsNetworkRoamingPolicy.Tests.ps1 index 5d55a466b7..0ec126975a 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsNetworkRoamingPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsNetworkRoamingPolicy.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsShiftsPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsShiftsPolicy.Tests.ps1 index a8b9e96ee8..76b2c1cc6f 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsShiftsPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsShiftsPolicy.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTenantNetworkRegion.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTenantNetworkRegion.Tests.ps1 index 6a0cd5f9af..0e48e69e96 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTenantNetworkRegion.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTenantNetworkRegion.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTenantNetworkSite.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTenantNetworkSite.Tests.ps1 index 9ce681dc30..763627cbb1 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTenantNetworkSite.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTenantNetworkSite.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTenantNetworkSubnet.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTenantNetworkSubnet.Tests.ps1 index 8c56801e54..5cafc2294a 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTenantNetworkSubnet.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTenantNetworkSubnet.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTenantTrustedIPAddress.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTenantTrustedIPAddress.Tests.ps1 index ff9a83bb49..82c5a471f1 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTenantTrustedIPAddress.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTenantTrustedIPAddress.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTranslationRule.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTranslationRule.Tests.ps1 index 9c659ae17b..89bec43c1d 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTranslationRule.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsTranslationRule.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsUnassignedNumberTreatment.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsUnassignedNumberTreatment.Tests.ps1 index 8c1db705be..0d011c3a91 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsUnassignedNumberTreatment.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsUnassignedNumberTreatment.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsVdiPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsVdiPolicy.Tests.ps1 index 02e8a35d6f..a4eb9cf963 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsVdiPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsVdiPolicy.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsWorkloadPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsWorkloadPolicy.Tests.ps1 index defc86958a..ae6d3ef040 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsWorkloadPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsWorkloadPolicy.Tests.ps1 @@ -21,7 +21,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Invoke-Command -ScriptBlock $Global:DscHelper.InitializeScript -NoNewScope BeforeAll { - $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force + $secpasswd = ConvertTo-SecureString (New-GUID).ToString() -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) Mock -CommandName Confirm-M365DSCDependencies -MockWith { diff --git a/Tests/Unit/Stubs/Microsoft365.psm1 b/Tests/Unit/Stubs/Microsoft365.psm1 index 6068acbb24..44ee940de9 100644 --- a/Tests/Unit/Stubs/Microsoft365.psm1 +++ b/Tests/Unit/Stubs/Microsoft365.psm1 @@ -1156,6 +1156,43 @@ function Get-MalwareFilterRule $State ) } + +function Get-ManagementRoleEntry +{ + [CmdletBinding()] + param( + [Parameter()] + [System.String] + $Identity, + + [Parameter()] + [System.String] + $ResultSize + ) +} + +function Set-ManagementRoleEntry +{ + [CmdletBinding()] + param( + [Parameter()] + [System.String] + $Identity, + + [Parameter()] + [System.String[]] + $Parameters, + + [Parameter()] + [Switch] + $AddParameter, + + [Parameter()] + [Switch] + $RemoveParameter + ) +} + function Get-ManagementRole { [CmdletBinding()] @@ -81493,3 +81530,41 @@ function Update-MgBetaDeviceAppManagementMobileApp } #endregion +function Remove-MgBetaDirectoryRoleMemberDirectoryObjectByRef +{ + [CmdletBinding()] + param + ( + [Parameter(Mandatory = $true)] + [string] + $DirectoryObjectId, + + [Parameter(Mandatory = $true)] + [string] + $DirectoryRoleId, + + [Parameter()] + [string] + $IfMatch, + + [Parameter()] + [string] + $ResponseHeadersVariable, + + [Parameter()] + [System.Collections.IDictionary] + $Headers, + + [Parameter()] + [switch] + $PassThru, + + [Parameter()] + [switch] + $WhatIf, + + [Parameter()] + [switch] + $Confirm + ) +} diff --git a/docs/docs/resources/exchange/EXOManagementRoleEntry.md b/docs/docs/resources/exchange/EXOManagementRoleEntry.md new file mode 100644 index 0000000000..07fb721e79 --- /dev/null +++ b/docs/docs/resources/exchange/EXOManagementRoleEntry.md @@ -0,0 +1,65 @@ +# EXOManagementRoleEntry + +## Parameters + +| Parameter | Attribute | DataType | Description | Allowed Values | +| --- | --- | --- | --- | --- | +| **Identity** | Key | String | The Identity parameter specifies the role entry that you want to modify. | | +| **Parameters** | Write | StringArray[] | The Parameters parameter specifies the parameters to be added to or removed from the role entry. | | +| **Type** | Write | String | The Type parameter specifies the type of role entry to return. | `Cmdlet`, `Script`, `ApplicationPermission` | +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin | | +| **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. | | +| **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. | | +| **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | +| **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | +| **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | + +## Description + +This resource configures RBAC Management Roles Entries in Exchange Online. + +## Permissions + +### Exchange + +To authenticate with Microsoft Exchange, this resource required the following permissions: + +#### Roles + +- Role Management, View-Only Configuration + +#### Role Groups + +- Organization Management + +## Examples + +### Example 1 + +This example is used to test new resources and showcase the usage of new resources being worked on. +It is not meant to use as a production baseline. + +```powershell +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $Credscredential + ) + Import-DscResource -ModuleName Microsoft365DSC + + node localhost + { + EXOManagementRoleEntry "UpdateRoleEntry" + { + Credential = $Credscredential; + Identity = "Information Rights Management\Get-BookingMailbox" + Parameters = @("ANR","RecipientTypeDetails", "ResultSize") + } + } +} +``` + diff --git a/docs/docs/resources/intune/IntuneAntivirusPolicyWindows10SettingCatalog.md b/docs/docs/resources/intune/IntuneAntivirusPolicyWindows10SettingCatalog.md index 86457f08c9..f06177ddeb 100644 --- a/docs/docs/resources/intune/IntuneAntivirusPolicyWindows10SettingCatalog.md +++ b/docs/docs/resources/intune/IntuneAntivirusPolicyWindows10SettingCatalog.md @@ -41,6 +41,8 @@ | **allowscriptscanning** | Write | String | Allows or disallows Windows Defender Script Scanning functionality. (0: disable feature. 1: enable feature) | `0`, `1` | | **allowuseruiaccess** | Write | String | Allows or disallows user access to the Windows Defender UI. I disallowed, all Windows Defender notifications will also be suppressed. (0: Prevents users from accessing UI. 1: Lets users access UI) | `0`, `1` | | **avgcpuloadfactor** | Write | SInt32 | Represents the average CPU load factor for the Windows Defender scan (in percent). | | +| **archivemaxdepth** | Write | SInt32 | Specify the maximum folder depth to extract from archive files for scanning. | | +| **archivemaxsize** | Write | SInt32 | Specify the maximum size, in KB, of archive files to be extracted and scanned. | | | **checkforsignaturesbeforerunningscan** | Write | String | This policy setting allows you to manage whether a check for new virus and spyware definitions will occur before running a scan. (0: disable feature. 1: enable feature) | `0`, `1` | | **cloudblocklevel** | Write | String | This policy setting determines how aggressive Microsoft Defender Antivirus will be in blocking and scanning suspicious files. Value type is integer.(0: Default windows defender blocking level, 2: High blocking level, 4:High+ blocking level, 6:Zero tolerance blocking level) | `0`, `2`, `4`, `6` | | **cloudextendedtimeout** | Write | SInt32 | This feature allows Microsoft Defender Antivirus to block a suspicious file for up to 60 seconds, and scan it in the cloud to make sure it's safe. Value type is integer, range is 0 - 50. | | @@ -56,6 +58,7 @@ | **excludedprocesses** | Write | StringArray[] | Allows an administrator to specify a list of files opened by processes to ignore during a scan. | | | **puaprotection** | Write | String | Specifies the level of detection for potentially unwanted applications (PUAs). (0: disabled, 1: block mode, 2: audit mode) | `0`, `1`, `2` | | **engineupdateschannel** | Write | String | Enable this policy to specify when devices receive Microsoft Defender engine updates during the monthly gradual rollout. (0: Not configured, 2: Beta Channel, 3: Current Channel (Preview), 4: Current Channel (Staged), 5: Current Channel (Broad), 6: Critical) | `0`, `2`, `3`, `4`, `5`, `6` | +| **meteredconnectionupdates** | Write | String | Allow managed devices to update through metered connections. (0: disabled, 1: enabled) | | | **platformupdateschannel** | Write | String | Enable this policy to specify when devices receive Microsoft Defender platform updates during the monthly gradual rollout. (0: Not configured, 2: Beta Channel, 3: Current Channel (Preview), 4: Current Channel (Staged), 5: Current Channel (Broad), 6: Critical) | `0`, `2`, `3`, `4`, `5`, `6` | | **securityintelligenceupdateschannel** | Write | String | Enable this policy to specify when devices receive Microsoft Defender security intelligence updates during the daily gradual rollout. (0: Not configured, 4: Current Channel (Staged), 5: Current Channel (Broad)) | `0`, `4`, `5` | | **realtimescandirection** | Write | String | Controls which sets of files should be monitored. (0: Monitor all files (bi-directional), 1: Monitor incoming files, 2: Monitor outgoing files) | `0`, `1`, `2` | @@ -63,6 +66,9 @@ | **schedulequickscantime** | Write | SInt32 | Selects the time of day that the Windows Defender quick scan should run. | | | **schedulescanday** | Write | String | Selects the day that the Windows Defender scan should run. (0: Every day, 1: Sunday, 2: Monday, 3: Tuesday, 4: Wednesday, 5: Thursday, 6: Friday, 7: Saturday, 8: No scheduled scan) | `0`, `1`, `2`, `3`, `4`, `5`, `6`, `7`, `8` | | **schedulescantime** | Write | SInt32 | Selects the time of day that the Windows Defender scan should run. | | +| **disabletlsparsing** | Write | String | This setting disables TLS Parsing for Network Protection. (0: enabled, 1: disabled) | `0`, `1` | +| **randomizescheduletasktimes** | Write | String | Specifies if the start time of the scan is randomized. (0: no randomization, 1: randomized) | `0`, `1` | +| **schedulerrandomizationtime** | Write | SInt32 | This setting allows you to configure the scheduler randomization in hours. The randomization interval is [1 - 23] hours. | | | **signatureupdatefallbackorder** | Write | StringArray[] | This policy setting allows you to define the order in which different definition update sources should be contacted. | | | **signatureupdatefilesharessources** | Write | StringArray[] | This policy setting allows you to configure UNC file share sources for downloading definition updates. | | | **signatureupdateinterval** | Write | SInt32 | Specifies the interval (in hours) that will be used to check for signatures, so instead of using the ScheduleDay and ScheduleTime the check for new signatures will be set according to the interval. | | @@ -82,7 +88,6 @@ | **ApplicationSecret** | Write | PSCredential | Secret of the Azure Active Directory tenant used for authentication. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | -| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ### MSFT_DeviceManagementConfigurationPolicyAssignments diff --git a/docs/docs/resources/intune/M365DSCRuleEvaluation.md b/docs/docs/resources/intune/M365DSCRuleEvaluation.md index 16d1597653..84e4143b74 100644 --- a/docs/docs/resources/intune/M365DSCRuleEvaluation.md +++ b/docs/docs/resources/intune/M365DSCRuleEvaluation.md @@ -13,6 +13,7 @@ | **ApplicationSecret** | Write | PSCredential | Secret of the Azure Active Directory application to authenticate with. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | # AAD Tenant Details diff --git a/docs/docs/resources/office365/O365AdminAuditLogConfig.md b/docs/docs/resources/office365/O365AdminAuditLogConfig.md index cac59d71ef..b663440bb4 100644 --- a/docs/docs/resources/office365/O365AdminAuditLogConfig.md +++ b/docs/docs/resources/office365/O365AdminAuditLogConfig.md @@ -14,6 +14,7 @@ | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/office365/O365Group.md b/docs/docs/resources/office365/O365Group.md index 91915dbb46..5eef1fac5d 100644 --- a/docs/docs/resources/office365/O365Group.md +++ b/docs/docs/resources/office365/O365Group.md @@ -16,6 +16,7 @@ | **ApplicationSecret** | Write | PSCredential | Secret of the Azure Active Directory application used for authentication. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/office365/O365OrgCustomizationSetting.md b/docs/docs/resources/office365/O365OrgCustomizationSetting.md index 2db392e80c..a03d738ccc 100644 --- a/docs/docs/resources/office365/O365OrgCustomizationSetting.md +++ b/docs/docs/resources/office365/O365OrgCustomizationSetting.md @@ -12,6 +12,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/office365/O365OrgSettings.md b/docs/docs/resources/office365/O365OrgSettings.md index c279b168ee..a7c8b31216 100644 --- a/docs/docs/resources/office365/O365OrgSettings.md +++ b/docs/docs/resources/office365/O365OrgSettings.md @@ -38,6 +38,7 @@ | **ApplicationSecret** | Write | PSCredential | Secret of the Azure Active Directory tenant used for authentication. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/office365/O365SearchAndIntelligenceConfigurations.md b/docs/docs/resources/office365/O365SearchAndIntelligenceConfigurations.md index 33e58bd2c5..01870413d7 100644 --- a/docs/docs/resources/office365/O365SearchAndIntelligenceConfigurations.md +++ b/docs/docs/resources/office365/O365SearchAndIntelligenceConfigurations.md @@ -10,6 +10,7 @@ | **PersonInsightsIsEnabledInOrganization** | Write | Boolean | Specifies whether or not Person Insights should be available for the organization. | | | **PersonInsightsDisabledForGroup** | Write | String | Specifies a single Azure AD Group for which Person Insights needs to be disabled. | | | **Credential** | Write | PSCredential | Credentials of the Global Admin | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/onedrive/ODSettings.md b/docs/docs/resources/onedrive/ODSettings.md index cbd32d920b..9297f4f4f0 100644 --- a/docs/docs/resources/onedrive/ODSettings.md +++ b/docs/docs/resources/onedrive/ODSettings.md @@ -26,6 +26,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCAuditConfigurationPolicy.md b/docs/docs/resources/security-compliance/SCAuditConfigurationPolicy.md index 4951cec9f5..6a3dcf760d 100644 --- a/docs/docs/resources/security-compliance/SCAuditConfigurationPolicy.md +++ b/docs/docs/resources/security-compliance/SCAuditConfigurationPolicy.md @@ -12,6 +12,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCAutoSensitivityLabelPolicy.md b/docs/docs/resources/security-compliance/SCAutoSensitivityLabelPolicy.md index 7f000aaa59..0fb7b93b5d 100644 --- a/docs/docs/resources/security-compliance/SCAutoSensitivityLabelPolicy.md +++ b/docs/docs/resources/security-compliance/SCAutoSensitivityLabelPolicy.md @@ -35,6 +35,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCAutoSensitivityLabelRule.md b/docs/docs/resources/security-compliance/SCAutoSensitivityLabelRule.md index db63058dcd..31bd5f8d14 100644 --- a/docs/docs/resources/security-compliance/SCAutoSensitivityLabelRule.md +++ b/docs/docs/resources/security-compliance/SCAutoSensitivityLabelRule.md @@ -54,6 +54,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ### MSFT_SCHeaderPattern diff --git a/docs/docs/resources/security-compliance/SCCaseHoldPolicy.md b/docs/docs/resources/security-compliance/SCCaseHoldPolicy.md index 52359422d6..affeef4c86 100644 --- a/docs/docs/resources/security-compliance/SCCaseHoldPolicy.md +++ b/docs/docs/resources/security-compliance/SCCaseHoldPolicy.md @@ -18,6 +18,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCCaseHoldRule.md b/docs/docs/resources/security-compliance/SCCaseHoldRule.md index 945918bd4e..0d970b2829 100644 --- a/docs/docs/resources/security-compliance/SCCaseHoldRule.md +++ b/docs/docs/resources/security-compliance/SCCaseHoldRule.md @@ -16,6 +16,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCComplianceCase.md b/docs/docs/resources/security-compliance/SCComplianceCase.md index 052184fa5c..b60240a0cb 100644 --- a/docs/docs/resources/security-compliance/SCComplianceCase.md +++ b/docs/docs/resources/security-compliance/SCComplianceCase.md @@ -14,6 +14,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCComplianceSearch.md b/docs/docs/resources/security-compliance/SCComplianceSearch.md index 206e271b73..d1ae84835e 100644 --- a/docs/docs/resources/security-compliance/SCComplianceSearch.md +++ b/docs/docs/resources/security-compliance/SCComplianceSearch.md @@ -24,6 +24,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCComplianceSearchAction.md b/docs/docs/resources/security-compliance/SCComplianceSearchAction.md index d5a6e59445..e8a03a31b1 100644 --- a/docs/docs/resources/security-compliance/SCComplianceSearchAction.md +++ b/docs/docs/resources/security-compliance/SCComplianceSearchAction.md @@ -20,6 +20,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCComplianceTag.md b/docs/docs/resources/security-compliance/SCComplianceTag.md index 5a071bd77a..e967514bc9 100644 --- a/docs/docs/resources/security-compliance/SCComplianceTag.md +++ b/docs/docs/resources/security-compliance/SCComplianceTag.md @@ -22,6 +22,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ### MSFT_SCFilePlanProperty diff --git a/docs/docs/resources/security-compliance/SCDLPCompliancePolicy.md b/docs/docs/resources/security-compliance/SCDLPCompliancePolicy.md index b6ac07e2c0..2b14b6e10a 100644 --- a/docs/docs/resources/security-compliance/SCDLPCompliancePolicy.md +++ b/docs/docs/resources/security-compliance/SCDLPCompliancePolicy.md @@ -32,6 +32,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCDLPComplianceRule.md b/docs/docs/resources/security-compliance/SCDLPComplianceRule.md index 6e2890ec62..f47bb12b9b 100644 --- a/docs/docs/resources/security-compliance/SCDLPComplianceRule.md +++ b/docs/docs/resources/security-compliance/SCDLPComplianceRule.md @@ -78,6 +78,7 @@ | **SetHeader** | Write | StringArray[] | The SetHeader The SetHeader parameter specifies an action for the DLP rule that adds or modifies a header field and value in the message header. You can specify multiple header name and value pairs separated by commas | | | **ContentExtensionMatchesWords** | Write | StringArray[] | The ContentExtensionMatchesWords parameter specifies a condition for the DLP rule that looks for words in file name extensions. You can specify multiple words separated by commas. | | | **ExceptIfContentExtensionMatchesWords** | Write | StringArray[] | The ExceptIfContentExtensionMatchesWords parameter specifies an exception for the DLP rule that looks for words in file name extensions. You can specify multiple words separated by commas. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ### MSFT_SCDLPSensitiveInformation diff --git a/docs/docs/resources/security-compliance/SCDeviceConditionalAccessPolicy.md b/docs/docs/resources/security-compliance/SCDeviceConditionalAccessPolicy.md index 22dbffe5ee..923532674b 100644 --- a/docs/docs/resources/security-compliance/SCDeviceConditionalAccessPolicy.md +++ b/docs/docs/resources/security-compliance/SCDeviceConditionalAccessPolicy.md @@ -14,6 +14,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCDeviceConfigurationPolicy.md b/docs/docs/resources/security-compliance/SCDeviceConfigurationPolicy.md index 6d1be42339..2746333828 100644 --- a/docs/docs/resources/security-compliance/SCDeviceConfigurationPolicy.md +++ b/docs/docs/resources/security-compliance/SCDeviceConfigurationPolicy.md @@ -14,6 +14,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCFilePlanPropertyAuthority.md b/docs/docs/resources/security-compliance/SCFilePlanPropertyAuthority.md index 24bf1f6cf8..9a7e622405 100644 --- a/docs/docs/resources/security-compliance/SCFilePlanPropertyAuthority.md +++ b/docs/docs/resources/security-compliance/SCFilePlanPropertyAuthority.md @@ -12,6 +12,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCFilePlanPropertyCategory.md b/docs/docs/resources/security-compliance/SCFilePlanPropertyCategory.md index e34c3961ae..4df5842fa4 100644 --- a/docs/docs/resources/security-compliance/SCFilePlanPropertyCategory.md +++ b/docs/docs/resources/security-compliance/SCFilePlanPropertyCategory.md @@ -12,6 +12,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCFilePlanPropertyCitation.md b/docs/docs/resources/security-compliance/SCFilePlanPropertyCitation.md index 2f786898c6..3fb465aba6 100644 --- a/docs/docs/resources/security-compliance/SCFilePlanPropertyCitation.md +++ b/docs/docs/resources/security-compliance/SCFilePlanPropertyCitation.md @@ -14,6 +14,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCFilePlanPropertyDepartment.md b/docs/docs/resources/security-compliance/SCFilePlanPropertyDepartment.md index 646caa6b71..35c6575251 100644 --- a/docs/docs/resources/security-compliance/SCFilePlanPropertyDepartment.md +++ b/docs/docs/resources/security-compliance/SCFilePlanPropertyDepartment.md @@ -12,6 +12,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCFilePlanPropertyReferenceId.md b/docs/docs/resources/security-compliance/SCFilePlanPropertyReferenceId.md index dcc06c23bd..a27c864ae6 100644 --- a/docs/docs/resources/security-compliance/SCFilePlanPropertyReferenceId.md +++ b/docs/docs/resources/security-compliance/SCFilePlanPropertyReferenceId.md @@ -12,6 +12,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCFilePlanPropertySubCategory.md b/docs/docs/resources/security-compliance/SCFilePlanPropertySubCategory.md index e08a59824c..d8f49ee39f 100644 --- a/docs/docs/resources/security-compliance/SCFilePlanPropertySubCategory.md +++ b/docs/docs/resources/security-compliance/SCFilePlanPropertySubCategory.md @@ -13,6 +13,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCLabelPolicy.md b/docs/docs/resources/security-compliance/SCLabelPolicy.md index 42f3cc5d72..e01da5aece 100644 --- a/docs/docs/resources/security-compliance/SCLabelPolicy.md +++ b/docs/docs/resources/security-compliance/SCLabelPolicy.md @@ -29,6 +29,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ### MSFT_SCLabelSetting diff --git a/docs/docs/resources/security-compliance/SCProtectionAlert.md b/docs/docs/resources/security-compliance/SCProtectionAlert.md index 9d6d67b29d..9195232488 100644 --- a/docs/docs/resources/security-compliance/SCProtectionAlert.md +++ b/docs/docs/resources/security-compliance/SCProtectionAlert.md @@ -35,6 +35,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCRetentionCompliancePolicy.md b/docs/docs/resources/security-compliance/SCRetentionCompliancePolicy.md index f7f9ea48bd..bbeb8f4038 100644 --- a/docs/docs/resources/security-compliance/SCRetentionCompliancePolicy.md +++ b/docs/docs/resources/security-compliance/SCRetentionCompliancePolicy.md @@ -31,6 +31,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCRetentionComplianceRule.md b/docs/docs/resources/security-compliance/SCRetentionComplianceRule.md index b233501c88..9a73acb055 100644 --- a/docs/docs/resources/security-compliance/SCRetentionComplianceRule.md +++ b/docs/docs/resources/security-compliance/SCRetentionComplianceRule.md @@ -20,6 +20,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCRetentionEventType.md b/docs/docs/resources/security-compliance/SCRetentionEventType.md index 7f3e297081..e292b5d7f7 100644 --- a/docs/docs/resources/security-compliance/SCRetentionEventType.md +++ b/docs/docs/resources/security-compliance/SCRetentionEventType.md @@ -13,6 +13,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCRoleGroup.md b/docs/docs/resources/security-compliance/SCRoleGroup.md index 7b7abdff6f..db061cc3ed 100644 --- a/docs/docs/resources/security-compliance/SCRoleGroup.md +++ b/docs/docs/resources/security-compliance/SCRoleGroup.md @@ -15,6 +15,7 @@ | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCRoleGroupMember.md b/docs/docs/resources/security-compliance/SCRoleGroupMember.md index ac8263830c..3109a216bd 100644 --- a/docs/docs/resources/security-compliance/SCRoleGroupMember.md +++ b/docs/docs/resources/security-compliance/SCRoleGroupMember.md @@ -14,6 +14,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCSecurityFilter.md b/docs/docs/resources/security-compliance/SCSecurityFilter.md index bf0b11e483..cca7291c44 100644 --- a/docs/docs/resources/security-compliance/SCSecurityFilter.md +++ b/docs/docs/resources/security-compliance/SCSecurityFilter.md @@ -17,6 +17,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **Ensure** | Write | String | Specify if this label policy should exist or not. | `Present`, `Absent` | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCSensitivityLabel.md b/docs/docs/resources/security-compliance/SCSensitivityLabel.md index 7f33634cf0..6731ac0fff 100644 --- a/docs/docs/resources/security-compliance/SCSensitivityLabel.md +++ b/docs/docs/resources/security-compliance/SCSensitivityLabel.md @@ -54,6 +54,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ### MSFT_SCLabelSetting diff --git a/docs/docs/resources/security-compliance/SCSupervisoryReviewPolicy.md b/docs/docs/resources/security-compliance/SCSupervisoryReviewPolicy.md index bf6e887629..e67a73a6b4 100644 --- a/docs/docs/resources/security-compliance/SCSupervisoryReviewPolicy.md +++ b/docs/docs/resources/security-compliance/SCSupervisoryReviewPolicy.md @@ -14,6 +14,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/security-compliance/SCSupervisoryReviewRule.md b/docs/docs/resources/security-compliance/SCSupervisoryReviewRule.md index bd7bf93985..f6f2ea2c9e 100644 --- a/docs/docs/resources/security-compliance/SCSupervisoryReviewRule.md +++ b/docs/docs/resources/security-compliance/SCSupervisoryReviewRule.md @@ -15,6 +15,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | | | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOAccessControlSettings.md b/docs/docs/resources/sharepoint/SPOAccessControlSettings.md index 0cb58239af..cc24a9a375 100644 --- a/docs/docs/resources/sharepoint/SPOAccessControlSettings.md +++ b/docs/docs/resources/sharepoint/SPOAccessControlSettings.md @@ -24,6 +24,7 @@ | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | | **ConditionalAccessPolicy** | Write | String | Blocks or limits access to SharePoint and OneDrive content from un-managed devices. | `AllowFullAccess`, `AllowLimitedAccess`, `BlockAccess`, `ProtectionLevel` | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | # SPO Access Control Settings diff --git a/docs/docs/resources/sharepoint/SPOApp.md b/docs/docs/resources/sharepoint/SPOApp.md index f81dcd182f..654e72ec7c 100644 --- a/docs/docs/resources/sharepoint/SPOApp.md +++ b/docs/docs/resources/sharepoint/SPOApp.md @@ -17,6 +17,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOBrowserIdleSignout.md b/docs/docs/resources/sharepoint/SPOBrowserIdleSignout.md index 89c24222d1..4636a493c2 100644 --- a/docs/docs/resources/sharepoint/SPOBrowserIdleSignout.md +++ b/docs/docs/resources/sharepoint/SPOBrowserIdleSignout.md @@ -16,6 +16,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOHomeSite.md b/docs/docs/resources/sharepoint/SPOHomeSite.md index 45ac4d6a5a..09e5f32d67 100644 --- a/docs/docs/resources/sharepoint/SPOHomeSite.md +++ b/docs/docs/resources/sharepoint/SPOHomeSite.md @@ -15,6 +15,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOHubSite.md b/docs/docs/resources/sharepoint/SPOHubSite.md index 8a904ef42b..96ad357b1c 100644 --- a/docs/docs/resources/sharepoint/SPOHubSite.md +++ b/docs/docs/resources/sharepoint/SPOHubSite.md @@ -20,6 +20,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOOrgAssetsLibrary.md b/docs/docs/resources/sharepoint/SPOOrgAssetsLibrary.md index 3d1d871f28..1f92d0b969 100644 --- a/docs/docs/resources/sharepoint/SPOOrgAssetsLibrary.md +++ b/docs/docs/resources/sharepoint/SPOOrgAssetsLibrary.md @@ -16,6 +16,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOPropertyBag.md b/docs/docs/resources/sharepoint/SPOPropertyBag.md index 6de11f7495..d8fe7677a3 100644 --- a/docs/docs/resources/sharepoint/SPOPropertyBag.md +++ b/docs/docs/resources/sharepoint/SPOPropertyBag.md @@ -16,6 +16,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOSearchManagedProperty.md b/docs/docs/resources/sharepoint/SPOSearchManagedProperty.md index b17419f320..3fbe06cd3a 100644 --- a/docs/docs/resources/sharepoint/SPOSearchManagedProperty.md +++ b/docs/docs/resources/sharepoint/SPOSearchManagedProperty.md @@ -32,6 +32,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOSearchResultSource.md b/docs/docs/resources/sharepoint/SPOSearchResultSource.md index b7670b1773..139736cbc1 100644 --- a/docs/docs/resources/sharepoint/SPOSearchResultSource.md +++ b/docs/docs/resources/sharepoint/SPOSearchResultSource.md @@ -21,6 +21,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOSharingSettings.md b/docs/docs/resources/sharepoint/SPOSharingSettings.md index f4705c8d92..1869690d40 100644 --- a/docs/docs/resources/sharepoint/SPOSharingSettings.md +++ b/docs/docs/resources/sharepoint/SPOSharingSettings.md @@ -37,6 +37,7 @@ | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | | **ExternalUserExpirationRequired** | Write | Boolean | Enable Guest access to a site or Onedrive to expire after | | | **ExternalUserExpireInDays** | Write | UInt32 | Specifies Number of days for Guest Access links to expire. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOSite.md b/docs/docs/resources/sharepoint/SPOSite.md index b0725164dc..2a294bd4e2 100644 --- a/docs/docs/resources/sharepoint/SPOSite.md +++ b/docs/docs/resources/sharepoint/SPOSite.md @@ -39,6 +39,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOSiteAuditSettings.md b/docs/docs/resources/sharepoint/SPOSiteAuditSettings.md index af5e86368c..cfdfb17f1d 100644 --- a/docs/docs/resources/sharepoint/SPOSiteAuditSettings.md +++ b/docs/docs/resources/sharepoint/SPOSiteAuditSettings.md @@ -14,6 +14,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOSiteDesign.md b/docs/docs/resources/sharepoint/SPOSiteDesign.md index 703159a128..fd6023d7ea 100644 --- a/docs/docs/resources/sharepoint/SPOSiteDesign.md +++ b/docs/docs/resources/sharepoint/SPOSiteDesign.md @@ -21,6 +21,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOSiteDesignRights.md b/docs/docs/resources/sharepoint/SPOSiteDesignRights.md index 0c00f41046..e42a1d32d8 100644 --- a/docs/docs/resources/sharepoint/SPOSiteDesignRights.md +++ b/docs/docs/resources/sharepoint/SPOSiteDesignRights.md @@ -16,6 +16,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOSiteGroup.md b/docs/docs/resources/sharepoint/SPOSiteGroup.md index ddc34f1022..df508f3e20 100644 --- a/docs/docs/resources/sharepoint/SPOSiteGroup.md +++ b/docs/docs/resources/sharepoint/SPOSiteGroup.md @@ -17,6 +17,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOSiteScript.md b/docs/docs/resources/sharepoint/SPOSiteScript.md index dda398ce51..6cdaf50fc5 100644 --- a/docs/docs/resources/sharepoint/SPOSiteScript.md +++ b/docs/docs/resources/sharepoint/SPOSiteScript.md @@ -17,6 +17,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOStorageEntity.md b/docs/docs/resources/sharepoint/SPOStorageEntity.md index 42fa1e0444..e98936ddca 100644 --- a/docs/docs/resources/sharepoint/SPOStorageEntity.md +++ b/docs/docs/resources/sharepoint/SPOStorageEntity.md @@ -19,6 +19,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOTenantCDNPolicy.md b/docs/docs/resources/sharepoint/SPOTenantCDNPolicy.md index 38c1c94178..8fd21ad935 100644 --- a/docs/docs/resources/sharepoint/SPOTenantCDNPolicy.md +++ b/docs/docs/resources/sharepoint/SPOTenantCDNPolicy.md @@ -15,6 +15,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOTenantCdnEnabled.md b/docs/docs/resources/sharepoint/SPOTenantCdnEnabled.md index c1c7c0f3d3..5026978b56 100644 --- a/docs/docs/resources/sharepoint/SPOTenantCdnEnabled.md +++ b/docs/docs/resources/sharepoint/SPOTenantCdnEnabled.md @@ -15,6 +15,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ## Description diff --git a/docs/docs/resources/sharepoint/SPOTenantSettings.md b/docs/docs/resources/sharepoint/SPOTenantSettings.md index a588190908..a9527057ce 100644 --- a/docs/docs/resources/sharepoint/SPOTenantSettings.md +++ b/docs/docs/resources/sharepoint/SPOTenantSettings.md @@ -37,6 +37,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | # SPO Tenant Settings diff --git a/docs/docs/resources/sharepoint/SPOTheme.md b/docs/docs/resources/sharepoint/SPOTheme.md index 5e1de5d5d1..b26434625a 100644 --- a/docs/docs/resources/sharepoint/SPOTheme.md +++ b/docs/docs/resources/sharepoint/SPOTheme.md @@ -16,6 +16,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ### MSFT_SPOThemePaletteProperty diff --git a/docs/docs/resources/sharepoint/SPOUserProfileProperty.md b/docs/docs/resources/sharepoint/SPOUserProfileProperty.md index 457211f8e7..990ea1f04d 100644 --- a/docs/docs/resources/sharepoint/SPOUserProfileProperty.md +++ b/docs/docs/resources/sharepoint/SPOUserProfileProperty.md @@ -13,6 +13,7 @@ | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **AccessTokens** | Write | StringArray[] | Access token used for authentication. | | ### MSFT_SPOUserProfilePropertyInstance diff --git a/docs/docs/resources/teams/TeamsGroupPolicyAssignment.md b/docs/docs/resources/teams/TeamsGroupPolicyAssignment.md index e9d95d2010..046dab8eee 100644 --- a/docs/docs/resources/teams/TeamsGroupPolicyAssignment.md +++ b/docs/docs/resources/teams/TeamsGroupPolicyAssignment.md @@ -6,7 +6,7 @@ | --- | --- | --- | --- | --- | | **GroupDisplayName** | Key | String | Group Displayname of the group the policys are assigned to | | | **GroupId** | Write | String | GroupId, alternatively to Group Displayname | | -| **PolicyType** | Key | String | Teams PolicyType. The type of the policy to be assigned. Possible values: | `ApplicationAccessPolicy`, `CallingLineIdentity`, `OnlineAudioConferencingRoutingPolicy`, `OnlineVoicemailPolicy`, `OnlineVoiceRoutingPolicy`, `TeamsAudioConferencingPolicy`, `TeamsCallHoldPolicy`, `TeamsCallParkPolicy`, `TeamsChannelsPolicy`, `TeamsComplianceRecordingPolicy`, `TeamsCortanaPolicy`, `TeamsEmergencyCallingPolicy`, `TeamsEnhancedEncryptionPolicy`, `TeamsFeedbackPolicy`, `TeamsFilesPolicy`, `TeamsIPPhonePolicy`, `TeamsMediaLoggingPolicy`, `TeamsMeetingBroadcastPolicy`, `TeamsMeetingPolicy`, `TeamsMessagingPolicy`, `TeamsMobilityPolicy`, `TeamsRoomVideoTeleConferencingPolicy`, `TeamsShiftsPolicy`, `TeamsUpdateManagementPolicy`, `TeamsVdiPolicy`, `TeamsVideoInteropServicePolicy`, `TenantDialPlan`, `ExternalAccessPolicy`, `TeamsAppSetupPolicy`, `TeamsCallingPolicy`, `TeamsEventsPolicy`, `TeamsMeetingBrandingPolicy`, `TeamsMeetingTemplatePermissionPolicy` | +| **PolicyType** | Key | String | Teams PolicyType. The type of the policy to be assigned. Possible values: | `ApplicationAccessPolicy`, `CallingLineIdentity`, `OnlineAudioConferencingRoutingPolicy`, `OnlineVoicemailPolicy`, `OnlineVoiceRoutingPolicy`, `TeamsAudioConferencingPolicy`, `TeamsCallHoldPolicy`, `TeamsCallParkPolicy`, `TeamsChannelsPolicy`, `TeamsComplianceRecordingPolicy`, `TeamsCortanaPolicy`, `TeamsEmergencyCallingPolicy`, `TeamsEnhancedEncryptionPolicy`, `TeamsFeedbackPolicy`, `TeamsFilesPolicy`, `TeamsIPPhonePolicy`, `TeamsMediaLoggingPolicy`, `TeamsMeetingBroadcastPolicy`, `TeamsMeetingPolicy`, `TeamsMessagingPolicy`, `TeamsMobilityPolicy`, `TeamsRoomVideoTeleConferencingPolicy`, `TeamsShiftsPolicy`, `TeamsUpdateManagementPolicy`, `TeamsVdiPolicy`, `TeamsVideoInteropServicePolicy`, `TenantDialPlan`, `ExternalAccessPolicy`, `TeamsAppSetupPolicy`, `TeamsCallingPolicy`, `TeamsEventsPolicy`, `TeamsMeetingBrandingPolicy`, `TeamsMeetingTemplatePermissionPolicy`, `TeamsVerticalPackagePolicy` | | **PolicyName** | Write | String | Teams PolicyName. The name of the policy to be assigned. | | | **Priority** | Write | String | Teams Priority. The rank of the policy assignment, relative to other group policy assignments for the same policy type | | | **Ensure** | Write | String | Present ensures the group policy assignment exists, absent ensures it is removed. | `Present`, `Absent` | diff --git a/docs/docs/user-guide/cmdlets/Set-M365DSCTelemetryOption.md b/docs/docs/user-guide/cmdlets/Set-M365DSCTelemetryOption.md index d1d7bec317..812214008e 100644 --- a/docs/docs/user-guide/cmdlets/Set-M365DSCTelemetryOption.md +++ b/docs/docs/user-guide/cmdlets/Set-M365DSCTelemetryOption.md @@ -15,6 +15,7 @@ This function does not generate any output. | Enabled | False | Boolean | | | Enables or disables telemetry collection. | | InstrumentationKey | False | String | | | Specifies the Instrumention Key to be used to send the telemetry to. | | ProjectName | False | String | | | Specifies the name of the project to store the telemetry data under. | +| ConnectionString | False | String | | | | ## Examples diff --git a/docs/docs/user-guide/get-started/authentication-and-permissions.md b/docs/docs/user-guide/get-started/authentication-and-permissions.md index 0027835736..4ac4f19396 100644 --- a/docs/docs/user-guide/get-started/authentication-and-permissions.md +++ b/docs/docs/user-guide/get-started/authentication-and-permissions.md @@ -29,8 +29,8 @@ The following table provides an overview of what authentication methods are supp | *OneDrive* | PnP.PowerShell (Connect-PnPOnline) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/check.png) | ![Check](../../Images/check.png) | | *Power Apps* | Microsoft.PowerApps.
Administration.PowerShell | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Cross](../../Images/cross.png) | | *Planner** | Microsoft.Graph.Authentication
(Connect-MgGraph) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/check.png) | ![Cross](../../Images/cross.png) | -| *Security & Compliance Center* | ExchangeOnlineManagement
(Connect-IPPSSession) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Cross](../../Images/cross.png) | ![Cross](../../Images/cross.png) | -| *SharePoint Online* | PnP.PowerShell
(Connect-PnPOnline) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/check.png) | ![Cross](../../Images/cross.png) | +| *Security & Compliance Center* | ExchangeOnlineManagement
(Connect-IPPSSession) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Cross](../../Images/cross.png) | ![Check](../../Images/check.png) | +| *SharePoint Online* | PnP.PowerShell
(Connect-PnPOnline) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/check.png) | ![Check](../../Images/check.png) | | *Teams* | MicrosoftTeams
(Connect-MicrosoftTeams) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | ![Cross](../../Images/cross.png) | ![Cross](../../Images/cross.png) | ![Check](../../Images/check.png) | ![Check](../../Images/check.png) | > ![Check](../../Images/check.png) = Supported / ![Cross](../../Images/cross.png) = Not supported