Merge branch 'KelvinTegelaar:master' into master

AntoJUICT · Dec 13, 2023 · 7732b42 · 7732b42
2 parents e8d0f31 + 5aeb974
commit 7732b42
Show file tree

Hide file tree

Showing 8 changed files with 40 additions and 197 deletions.
diff --git a/Cache_SAMSetup/SAMManifestNoPartner.json b/Cache_SAMSetup/SAMManifestNoPartner.json
diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-AddStandardsDeploy.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-AddStandardsDeploy.ps1
@@ -34,11 +34,12 @@ Function Invoke-AddStandardsDeploy {
                 RowKey       = "$Tenant"
                 PartitionKey = 'standards'
             }
+            Write-LogMessage -user $request.headers.'x-ms-client-principal' -tenant $tenant -API 'Standards' -message 'Successfully added standards deployment' -Sev 'Info'
         }
-        Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Successfully added standards deployment' -Sev 'Info'
         $body = [pscustomobject]@{'Results' = 'Successfully added standards deployment' }
-    } catch {
-        Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Standards API failed. Error:$($_.Exception.Message)" -Sev 'Error'
+    }
+    catch {
+        Write-LogMessage -user $request.headers.'x-ms-client-principal' -API 'Standards' -message "Standards API failed. Error:$($_.Exception.Message)" -Sev 'Error'
         $body = [pscustomobject]@{'Results' = "Failed to add standard: $($_.Exception.Message)" }
     }
 

diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardNudgeMFA.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardNudgeMFA.ps1
@@ -13,9 +13,11 @@ function Invoke-CIPPStandardNudgeMFA {
         } elseif ($Settings.enable) { 'enabled' } else { 'disabled' }
         Write-Output $status
         try {
-            $body = '{"registrationEnforcement":{"authenticationMethodsRegistrationCampaign":{"snoozeDurationInDays":0,"state":"' + $status + '","excludeTargets":[],"includeTargets":[{"id":"all_users","targetType":"group","targetedAuthenticationMethod":"microsoftAuthenticator","displayName":"All users"}]}}}'
-            New-GraphPostRequest -tenantid $tenant -Uri 'https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy' -Type patch -Body $body -ContentType 'application/json'
-            Write-LogMessage -API 'Standards' -tenant $tenant -message "$status Authenticator App Nudge" -sev Info
+            $Body = $CurrentInfo
+            $body.registrationEnforcement.authenticationMethodsRegistrationCampaign.state = $status
+            $body = ConvertTo-Json -Depth 10 -InputObject ($body | Select-Object registrationEnforcement)
+            New-GraphPostRequest -tenantid $tenant -Uri "https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy" -Type patch -Body $body -ContentType "application/json"
+            Write-LogMessage -API "Standards" -tenant $tenant -message  "$status Authenticator App Nudge" -sev Info
         } catch {
             Write-LogMessage -API 'Standards' -tenant $tenant -message "Failed to $status Authenticator App Nudge: $($_.exception.message)" -sev Error
         }

diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTAP.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTAP.ps1
@@ -7,28 +7,17 @@ function Invoke-CIPPStandardTAP {
     $CurrentInfo = (New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/authenticationmethodspolicy/authenticationMethodConfigurations/TemporaryAccessPass' -tenantid $Tenant)
 
     If ($Settings.remediate) {
-
-        $TAPConfig = $Settings.Config
-        if (!$TAPConfig) { $TAPConfig = 'true' }
         try {
-            $MinimumLifetime = '60' #Minutes
-            $MaximumLifetime = '480' #minutes
-            $DefaultLifeTime = '60' #minutes
-            $DefaultLength = '8'
-            $body = @"
-  {"@odata.type":"#microsoft.graph.temporaryAccessPassAuthenticationMethodConfiguration",
-  "id":"TemporaryAccessPass",
-  "includeTargets":[{"id":"all_users",
-  "isRegistrationRequired":false,
-  "targetType":"group","displayName":"All users"}],
-  "defaultLength":$DefaultLength,
-  "defaultLifetimeInMinutes":$DefaultLifeTime,
-  "isUsableOnce": $TAPConfig,
-  "maximumLifetimeInMinutes":$MaximumLifetime,
-  "minimumLifetimeInMinutes":$MinimumLifetime,
-  "state":"enabled"}
-"@
-    (New-GraphPostRequest -tenantid $tenant -Uri 'https://graph.microsoft.com/beta/policies/authenticationmethodspolicy/authenticationMethodConfigurations/TemporaryAccessPass' -Type patch -asApp $true -Body $body -ContentType 'application/json') 
+
+            $CurrentInfo.state = 'enabled'
+            $CurrentInfo.isUsableOnce = $Settings.config
+            $CurrentInfo.minimumLifetimeInMinutes = '60'
+            $CurrentInfo.maximumLifetimeInMinutes = '480'
+            $CurrentInfo.defaultLifetimeInMinutes = '60'
+            $CurrentInfo.defaultLength = '8'
+            $body = ConvertTo-Json -Depth 10 -InputObject $CurrentInfo
+            Write-Host "Sending body $body"
+            New-GraphPostRequest -tenantid $tenant -Uri 'https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/TemporaryAccessPass' -Type patch -asApp $true -Body $body -ContentType 'application/json'
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'Enabled Temporary Access Passwords.' -sev Info
         } catch {
             Write-LogMessage -API 'Standards' -tenant $tenant -message "Failed to enable TAP. Error: $($_.exception.message)" -sev Error

diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardcalDefault.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardcalDefault.ps1
@@ -5,18 +5,18 @@ function Invoke-CIPPStandardcalDefault {
     #>
     param($Tenant, $Settings)
     If ($Settings.remediate) {
-        $Mailboxes = New-ExoRequest -tenantid $Tenant -cmdlet 'get-mailbox'
+        $Mailboxes = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-Mailbox'
         foreach ($Mailbox in $Mailboxes) {
             try {
                 New-ExoRequest -tenantid $Tenant -cmdlet 'Get-MailboxFolderStatistics' -cmdParams @{identity = $Mailbox.UserPrincipalName; FolderScope = 'Calendar' } -Anchor $Mailbox.UserPrincipalName | Where-Object { $_.FolderType -eq 'Calendar' } | ForEach-Object {
-                    New-ExoRequest -tenantid $Tenant -cmdlet 'Set-MailboxFolderPermission' -cmdparams @{Identity = "$($Mailbox.UserPrincipalName):$($_.FolderId)"; User = 'Default'; AccessRights = $setting.permissionlevel } -Anchor $Mailbox.UserPrincipalName 
-                    Write-LogMessage -API 'Standards' -tenant $tenant -message "Set default folder permission for $($Mailbox.UserPrincipalName):\$($_.Name) to $($setting.permissionlevel)" -sev Error
+                    New-ExoRequest -tenantid $Tenant -cmdlet 'Set-MailboxFolderPermission' -cmdparams @{Identity = "$($Mailbox.UserPrincipalName):$($_.FolderId)"; User = 'Default'; AccessRights = $Settings.permissionlevel } -Anchor $Mailbox.UserPrincipalName 
+                    Write-LogMessage -API 'Standards' -tenant $tenant -message "Set default folder permission for $($Mailbox.UserPrincipalName):\$($_.Name) to $($Settings.permissionlevel)" -sev Info
                 }
             }
             catch {
                 Write-LogMessage -API 'Standards' -tenant $tenant -message "Could not set default calendar permissions for $($Mailbox.UserPrincipalName). Error: $($_.exception.message)" -sev Error
             }
-
+            
         }
         Write-LogMessage -API 'Standards' -tenant $tenant -message 'Done setting default calendar permissions.' -sev Info
 

diff --git a/Modules/CippExtensions/NinjaOne/Invoke-NinjaOneDocumentTemplate.ps1 b/Modules/CippExtensions/NinjaOne/Invoke-NinjaOneDocumentTemplate.ps1
@@ -15,24 +15,22 @@ function Invoke-NinjaOneDocumentTemplate {
     if (!$ID) {
         $DocumentTemplates = (Invoke-WebRequest -Uri "https://$($Configuration.Instance)/api/v2/document-templates/" -Method GET -Headers @{Authorization = "Bearer $($token.access_token)" } -ContentType 'application/json').content | ConvertFrom-Json -Depth 100
         $DocumentTemplate = $DocumentTemplates | Where-Object { $_.name -eq $Template.name }
-    }
-    else {
+    } else {
         $DocumentTemplate = (Invoke-WebRequest -Uri "https://$($Configuration.Instance)/api/v2/document-templates/$($ID)" -Method GET -Headers @{Authorization = "Bearer $($token.access_token)" } -ContentType 'application/json').content | ConvertFrom-Json -Depth 100
     }
 
     $MatchedCount = ($DocumentTemplate | Measure-Object).count
     if ($MatchedCount -eq 1) {
         # Matched a single document template
         $NinjaDocumentTemplate = $DocumentTemplate
-    }
-    elseif ($MatchedCount -eq 0) {
+    } elseif ($MatchedCount -eq 0) {
         # Create a new Document Template
         $Body = $Template | ConvertTo-Json -Depth 100
-        $NinjaDocumentTemplate = (Invoke-WebRequest -Uri "https://$($Configuration.Instance)/api/v2/document-templates/" -Method POST -Headers @{Authorization = "Bearer $($token.access_token)" } -ContentType 'application/json'  -Body $Body).content | ConvertFrom-Json -Depth 100
-    }
-    else {
+        Write-Host "Ninja Body: $body"
+        $NinjaDocumentTemplate = (Invoke-WebRequest -Uri "https://$($Configuration.Instance)/api/v2/document-templates/" -Method POST -Headers @{Authorization = "Bearer $($token.access_token)" } -ContentType 'application/json' -Body $Body).content | ConvertFrom-Json -Depth 100
+    } else {
         # Matched multiple templates. Should be impossible but lets check anyway :D
-        Throw "Multiple Documents Matched the Provided Criteria"
+        Throw 'Multiple Documents Matched the Provided Criteria'
     }
 
     return $NinjaDocumentTemplate