Merge pull request #19 from KelvinTegelaar/master
[pull] master from KelvinTegelaar:master
pull[bot] authored Jan 3, 2024
2 parents 32f48b2 + eef8ed8 commit 2139cf3
Showing 10 changed files with 50 additions and 26 deletions.
@@ -5,7 +5,8 @@ function Push-CIPPAlertApnCertExpiry {
$QueueItem,
$TriggerMetadata
)
$LastRunTable = $QueueItem.LastRunTable
$LastRunTable = Get-CIPPTable -Table AlertLastRun

try {
$Filter = "RowKey eq 'ApnCertExpiry' and PartitionKey eq '{0}'" -f $QueueItem.tenantid
$LastRun = Get-CIPPAzDataTableEntity @LastRunTable -Filter $Filter
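Review bot: The new `$LastRunTable = Get-CIPPTable -Table AlertLastRun` assignment sits above `try {`, so a failure while resolving the table is not covered by the function's own error handling the way the following `Get-CIPPAzDataTableEntity` call is. Moving the assignment to the first statement inside the `try` block would keep every storage access under the same handler. The same placement appears in the Push-CIPPAlertAppSecretExpiry, Push-CIPPAlertDepTokenExpiry, Push-CIPPAlertSecDefaultsUpsell and Push-CIPPAlertVppTokenExpiry sections and, with `-Table DeltaCompare`, in Push-CIPPAlertNewRole. The catch block lies outside this hunk, so what it does with the error cannot be seen here.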
@@ -5,7 +5,7 @@ function Push-CIPPAlertAppSecretExpiry {
$QueueItem,
$TriggerMetadata
)
$LastRunTable = $QueueItem.LastRunTable
$LastRunTable = Get-CIPPTable -Table AlertLastRun


try {
@@ -18,7 +18,7 @@ function Push-CIPPAlertAppSecretExpiry {
if ($App.passwordCredentials) {
foreach ($Credential in $App.passwordCredentials) {
if ($Credential.endDateTime -lt (Get-Date).AddDays(30) -and $Credential.endDateTime -gt (Get-Date).AddDays(-7)) {
Write-AlertMessage -tenant $($QueueItem.tenant) -message ("Application '{0}' has secrets expiring on {1}" -f $App.displayName, $Credential.endDateTime)
("Application '{0}' has secrets expiring on {1}" -f $App.displayName, $Credential.endDateTime)
}
}
}
@@ -31,7 +31,7 @@ function Push-CIPPAlertAppSecretExpiry {
Add-CIPPAzDataTableEntity @LastRunTable -Entity $LastRun -Force
}
} catch {
# Error handling
throw $_
}
}
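Review bot: In the second hunk the formatted `"Application '{0}' has secrets expiring on {1}"` string stands alone as an expression, so it is written to the function's output stream instead of being handed to `Write-AlertMessage`; this assumes the second of the two printed lines is the new side, which the page no longer marks. Whether an alert is still raised then depends on an enclosing assignment or a caller outside the hunk, and if nothing collects the output, expiring application secrets would go unreported. Once the intent is confirmed, a comment above the line such as `# Emitted to the pipeline; collected outside this loop and sent as one alert` would make that dependency visible to the next reader.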

@@ -5,7 +5,8 @@ function Push-CIPPAlertDepTokenExpiry {
$QueueItem,
$TriggerMetadata
)
$LastRunTable = $QueueItem.LastRunTable
$LastRunTable = Get-CIPPTable -Table AlertLastRun



try {
@@ -5,7 +5,7 @@ function Push-CIPPAlertNewRole {
$QueueItem,
$TriggerMetadata
)
$Deltatable = $QueueItem.DeltaTable
$Deltatable = Get-CIPPTable -Table DeltaCompare
try {
$Filter = "PartitionKey eq 'AdminDelta' and RowKey eq '{0}'" -f $QueueItem.tenantid
$AdminDelta = (Get-CIPPAzDataTableEntity @Deltatable -Filter $Filter).delta | ConvertFrom-Json -ErrorAction SilentlyContinue
@@ -5,7 +5,8 @@ function Push-CIPPAlertSecDefaultsUpsell {
$QueueItem,
$TriggerMetadata
)
$LastRunTable = $QueueItem.LastRunTable
$LastRunTable = Get-CIPPTable -Table AlertLastRun


try {
$Filter = "RowKey eq 'SecDefaultsUpsell' and PartitionKey eq '{0}'" -f $QueueItem.tenantid
@@ -5,7 +5,8 @@ function Push-CIPPAlertVppTokenExpiry {
$QueueItem,
$TriggerMetadata
)
$LastRunTable = $QueueItem.LastRunTable
$LastRunTable = Get-CIPPTable -Table AlertLastRun


try {
$Filter = "RowKey eq 'VppTokenExpiry' and PartitionKey eq '{0}'" -f $QueueItem.tenantid
@@ -5,23 +5,42 @@ function Invoke-CIPPStandardDisableBasicAuthSMTP {
#>
param($Tenant, $Settings)
If ($Settings.remediate) {

# Disable SMTP Basic Authentication for the tenant
try {
$Request = New-ExoRequest -tenantid $Tenant -cmdlet 'Set-TransportConfig' -cmdParams @{ SmtpClientAuthenticationDisabled = $true }
Write-LogMessage -API 'Standards' -tenant $tenant -message 'Disabled SMTP Basic Authentication' -sev Info
} catch {
Write-LogMessage -API 'Standards' -tenant $tenant -message "Failed to disable SMTP Basic Authentication: $($_.exception.message)" -sev Error
}

# Disable SMTP Basic Authentication for all users
$SMTPusers = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-CASMailbox' -cmdParams @{ ResultSize = 'Unlimited' } | Where-Object { ($null -ne $_.SmtpClientAuthenticationDisabled) }
$SMTPusers | ForEach-Object {
try {
New-ExoRequest -tenantid $Tenant -cmdlet 'Set-CASMailbox' -cmdParams @{ Identity = $_.Identity; SmtpClientAuthenticationDisabled = $null } -UseSystemMailbox $true
Write-LogMessage -API 'Standards' -tenant $tenant -message "Disabled SMTP Basic Authentication for $($_.DisplayName), $($_.PrimarySmtpAddress)" -sev Info
} catch {
Write-LogMessage -API 'Standards' -tenant $tenant -message "Failed to disable SMTP Basic Authentication for $($_.DisplayName), $($_.PrimarySmtpAddress). Error: $($_.exception.message)" -sev Error

}
}
}
if ($Settings.alert) {


# This is ugly but done to avoid a second call to the Graph API
if ($Settings.alert -or $Settings.report) {
$CurrentInfo = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-TransportConfig'
if ($CurrentInfo.SmtpClientAuthenticationDisabled) {
Write-LogMessage -API 'Standards' -tenant $tenant -message 'SMTP Basic Authentication is disabled' -sev Info
} else {
Write-LogMessage -API 'Standards' -tenant $tenant -message 'SMTP Basic Authentication is not disabled' -sev Alert

if ($Settings.alert) {
if ($CurrentInfo.SmtpClientAuthenticationDisabled) {
Write-LogMessage -API 'Standards' -tenant $tenant -message 'SMTP Basic Authentication is disabled' -sev Info
} else {
Write-LogMessage -API 'Standards' -tenant $tenant -message 'SMTP Basic Authentication is not disabled' -sev Alert
}
}
if ($Settings.report) {
Add-CIPPBPAField -FieldName 'DisableBasicAuthSMTP' -FieldValue [bool]$CurrentInfo.SmtpClientAuthenticationDisabled -StoreAs bool -Tenant $tenant
}
}
if ($Settings.report) {
Add-CIPPBPAField -FieldName 'DisableBasicAuthSMTP' -FieldValue [bool]$CurrentInfo.SmtpClientAuthenticationDisabled -StoreAs bool -Tenant $tenant
}
}
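Review bot: The per-mailbox loop (which appears to be new in this commit) clears `SmtpClientAuthenticationDisabled` to `$null` even when the preceding `Set-TransportConfig` call failed, because that catch only logs and execution continues. A mailbox value of `$null` falls back to the organization setting, so a mailbox that had been explicitly set to `$true` would end up with SMTP AUTH allowed if the tenant-wide change did not apply, while the log still reports 'Disabled'. Running the `Get-CASMailbox`/`Set-CASMailbox` loop only after the tenant-level call succeeded, for example by moving it inside the first `try` after the Info log, avoids that. Separately, `-FieldValue [bool]$CurrentInfo.SmtpClientAuthenticationDisabled` is parsed in argument mode as a string rather than a cast; `-FieldValue ([bool]$CurrentInfo.SmtpClientAuthenticationDisabled)` passes the boolean.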
@@ -25,27 +25,32 @@ function Invoke-CIPPStandardcalDefault {
do {
# Get all calendars for the mailbox, retry if it fails
try {
New-ExoRequest -tenantid $Tenant -cmdlet 'Get-MailboxFolderStatistics' -cmdParams @{identity = $Mailbox.UserPrincipalName; FolderScope = 'Calendar' } -Anchor $Mailbox.UserPrincipalName |
New-ExoRequest -tenantid $Tenant -cmdlet 'Get-MailboxFolderStatistics' -cmdParams @{identity = $Mailbox.UserPrincipalName; FolderScope = 'Calendar' } -Anchor $Mailbox.UserPrincipalName | Where-Object { $_.FolderType -eq 'Calendar' } |
# Set permissions for each calendar found
Where-Object { $_.FolderType -eq 'Calendar' } | ForEach-Object {
ForEach-Object {
$SetRetryCount = 0
do {
try {
New-ExoRequest -tenantid $Tenant -cmdlet 'Set-MailboxFolderPermission' -cmdparams @{Identity = "$($Mailbox.UserPrincipalName):$($_.FolderId)"; User = 'Default'; AccessRights = $Settings.permissionlevel } -Anchor $Mailbox.UserPrincipalName
Write-LogMessage -API 'Standards' -tenant $Tenant -message "Set default folder permission for $($Mailbox.UserPrincipalName):\$($_.Name) to $($Settings.permissionlevel)" -sev Debug
$Success = $true
$UserSuccesses.Counter++
} catch {
# Retry Set-MailboxFolderStatistics
Start-Sleep -Milliseconds 250
Start-Sleep -Milliseconds (Get-Random -Minimum 200 -Maximum 300)
$SetRetryCount++

# Log error if it fails 3 times
if ($SetRetryCount -ge 3) {
Write-LogMessage -API 'Standards' -tenant $Tenant -message "Could not set default calendar permissions for $($Mailbox.UserPrincipalName). Error: $($_.exception.message)" -sev Error
}
}
} Until ($SetRetryCount -ge 3 -or $Success -eq $true)
}
$Success = $true
$UserSuccesses.Counter++
} catch {
# Retry Get-MailboxFolderStatistics
Start-Sleep -Milliseconds 250
Start-Sleep -Milliseconds (Get-Random -Minimum 250 -Maximum 500)
$GetRetryCount++
}
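Review bot: Inside the `ForEach-Object` body `$SetRetryCount` is reset to 0 for each calendar folder but `$Success` is not, yet the inner loop ends on `Until ($SetRetryCount -ge 3 -or $Success -eq $true)`. Once one folder has been set successfully, a failure on a later folder of the same mailbox would leave the loop after a single attempt, with no retry and without reaching the `-ge 3` error log, so the default permission silently stays unchanged. A dedicated flag would separate the two loops: `$SetSuccess = $false` next to `$SetRetryCount = 0`, `$SetSuccess = $true` in the inner `try`, and `Until ($SetRetryCount -ge 3 -or $SetSuccess)`. This assumes `$Success` is not reset elsewhere; the enclosing loops start and end outside the hunk, and the page no longer marks which lines are new. The comment `# Retry Set-MailboxFolderStatistics` also names the wrong cmdlet, since the call being retried is `Set-MailboxFolderPermission`.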

4 changes: 0 additions & 4 deletions Scheduler_Alert/run.ps1
@@ -11,16 +11,12 @@ try {
$Alerts = Get-CIPPAzDataTableEntity @Table -Filter $Filter


$DeltaTable = Get-CIPPTable -Table DeltaCompare
$LastRunTable = Get-CIPPTable -Table AlertLastRun
$IgnoreList = @('Etag', 'PartitionKey', 'Timestamp', 'RowKey', 'tenantid', 'tenant', 'type')
$alertList = $Alerts | Select-Object * -ExcludeProperty $IgnoreList
foreach ($task in ($AlertList.psobject.members | Where-Object { $_.MemberType -EQ 'NoteProperty' -and $_.value -eq $True }).name) {
$QueueItem = [pscustomobject]@{
tenant = $tenant.tenant
tenantid = $tenant.tenantid
DeltaTable = $DeltaTable
LastRunTable = $LastRunTable
FunctionName = "CIPPAlert$($Task)"
}
Push-OutputBinding -Name QueueItem -Value $QueueItem
2 changes: 1 addition & 1 deletion version_latest.txt
@@ -1 +1 @@
4.9.0
4.9.1
