From c9a28d18457d727a25ca02233c59f4d05129bc51 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 24 Sep 2024 12:09:37 -0400 Subject: [PATCH 1/3] cleanup --- Z_CIPPHttpTrigger/function.json | 6 ------ 1 file changed, 6 deletions(-) diff --git a/Z_CIPPHttpTrigger/function.json b/Z_CIPPHttpTrigger/function.json index bf248646d302..5aa5c500a642 100644 --- a/Z_CIPPHttpTrigger/function.json +++ b/Z_CIPPHttpTrigger/function.json @@ -39,12 +39,6 @@ "name": "alertqueue", "queueName": "alertqueue" }, - { - "type": "queue", - "direction": "out", - "name": "gdapqueue", - "queueName": "gdapqueue" - }, { "type": "queue", "direction": "out", From 554dee459ee88659b26528aa8a10a54d1f2aafc5 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Tue, 24 Sep 2024 12:09:46 -0400 Subject: [PATCH 2/3] typo --- .../Public/NinjaOne/Get-NinjaOneFieldMapping.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CippExtensions/Public/NinjaOne/Get-NinjaOneFieldMapping.ps1 b/Modules/CippExtensions/Public/NinjaOne/Get-NinjaOneFieldMapping.ps1 index e88f53ceba9c..8a430f372b0e 100644 --- a/Modules/CippExtensions/Public/NinjaOne/Get-NinjaOneFieldMapping.ps1 +++ b/Modules/CippExtensions/Public/NinjaOne/Get-NinjaOneFieldMapping.ps1 @@ -102,7 +102,7 @@ function Get-NinjaOneFieldMapping { } catch { [System.Collections.Generic.List[object]]$NinjaCustomFieldsNode = @() - [System.Collections.Generic.List[objecgt]]$NinjaCustomFieldsOrg = @() + [System.Collections.Generic.List[object]]$NinjaCustomFieldsOrg = @() } $MappingObj = [PSCustomObject]@{ @@ -114,4 +114,4 @@ function Get-NinjaOneFieldMapping { return $MappingObj -} \ No newline at end of file +} From d096b5902153bb0ac42b21375f916a7bdaf1762e Mon Sep 17 00:00:00 2001 From: John Duprey Date: Thu, 26 Sep 2024 10:30:34 -0400 Subject: [PATCH 3/3] Cleanup and bugfixes --- ExecAlertsListAllTenants/function.json | 10 ---- ExecIncidentsListAllTenants/function.json | 10 ---- ExecOffboard_Mailboxpermissions/function.json | 10 ---- ExecOffboard_Mailboxpermissions/run.ps1 | 8 --- ExecSchedulerBillingRun/function.json | 10 ---- ExecSchedulerBillingRun/run.ps1 | 21 -------- .../Applications/Push-UploadApplication.ps1 | 2 +- .../Push-ExecAlertsListAllTenants.ps1 | 19 +++---- .../Push-ExecIncidentsListAllTenants.ps1 | 20 ++++---- ...Push-ExecOffboardingMailboxPermissions.ps1 | 13 +++++ .../Push-ListBasicAuthAllTenants.ps1 | 37 ++++++++++++++ .../Extensions/Invoke-ExecExtensionSync.ps1 | 11 ++++- .../Administration/Users/Invoke-ListUsers.ps1 | 5 +- .../Identity/Reports/Invoke-ListBasicAuth.ps1 | 17 ++++++- .../Invoke-ListBasicAuthAllTenants.ps1 | 49 ------------------- .../Security/Invoke-ExecAlertsList.ps1 | 17 ++++++- .../Security/Invoke-ExecIncidentsList.ps1 | 16 +++++- .../Entrypoints/Invoke-ListLicenses.ps1 | 1 - .../Entrypoints/Invoke-ListMFAUsers.ps1 | 1 - .../Public/Entrypoints/Invoke-TestResults.ps1 | 16 ------ .../Public/GraphHelper/Get-GraphToken.ps1 | 6 +-- .../GraphHelper/New-GraphBulkRequest.ps1 | 10 ++-- .../GraphHelper/New-GraphGetRequest.ps1 | 8 ++- .../GraphRequests/Get-GraphRequestList.ps1 | 3 -- .../Public/Invoke-CIPPOffboardingJob.ps1 | 17 +++++-- .../Public/Set-CIPPAssignedApplication.ps1 | 1 + .../Gradient/New-GradientServiceSyncRun.ps1 | 6 +-- 27 files changed, 157 insertions(+), 187 deletions(-) delete mode 100644 ExecAlertsListAllTenants/function.json delete mode 100644 ExecIncidentsListAllTenants/function.json delete mode 100644 ExecOffboard_Mailboxpermissions/function.json delete mode 100644 ExecOffboard_Mailboxpermissions/run.ps1 delete mode 100644 ExecSchedulerBillingRun/function.json delete mode 100644 ExecSchedulerBillingRun/run.ps1 rename ExecAlertsListAllTenants/run.ps1 => Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecAlertsListAllTenants.ps1 (81%) rename ExecIncidentsListAllTenants/run.ps1 => Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecIncidentsListAllTenants.ps1 (81%) create mode 100644 Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOffboardingMailboxPermissions.ps1 create mode 100644 Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ListBasicAuthAllTenants.ps1 delete mode 100644 Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Reports/Invoke-ListBasicAuthAllTenants.ps1 delete mode 100644 Modules/CIPPCore/Public/Entrypoints/Invoke-TestResults.ps1 diff --git a/ExecAlertsListAllTenants/function.json b/ExecAlertsListAllTenants/function.json deleted file mode 100644 index d4169b47b86d..000000000000 --- a/ExecAlertsListAllTenants/function.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "bindings": [ - { - "name": "QueueItem", - "type": "queueTrigger", - "direction": "in", - "queueName": "alertqueue" - } - ] -} diff --git a/ExecIncidentsListAllTenants/function.json b/ExecIncidentsListAllTenants/function.json deleted file mode 100644 index 05f90b816f08..000000000000 --- a/ExecIncidentsListAllTenants/function.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "bindings": [ - { - "name": "QueueItem", - "type": "queueTrigger", - "direction": "in", - "queueName": "incidentqueue" - } - ] -} diff --git a/ExecOffboard_Mailboxpermissions/function.json b/ExecOffboard_Mailboxpermissions/function.json deleted file mode 100644 index bc64eceb6904..000000000000 --- a/ExecOffboard_Mailboxpermissions/function.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "bindings": [ - { - "name": "QueueItem", - "type": "queueTrigger", - "direction": "in", - "queueName": "offboardingmailbox" - } - ] -} diff --git a/ExecOffboard_Mailboxpermissions/run.ps1 b/ExecOffboard_Mailboxpermissions/run.ps1 deleted file mode 100644 index 755133d6586e..000000000000 --- a/ExecOffboard_Mailboxpermissions/run.ps1 +++ /dev/null @@ -1,8 +0,0 @@ -# Input bindings are passed in via param block. -param( $QueueItem, $TriggerMetadata) -$APIName = $TriggerMetadata.FunctionName - -$Mailboxes = New-ExoRequest -tenantid $QueueItem.TenantFilter -cmdlet "get-mailbox" -foreach ($Mailbox in $Mailboxes) { - Remove-CIPPMailboxPermissions -PermissionsLevel @("FullAccess", "SendAs", "SendOnBehalf") -userid $Mailbox.UserPrincipalName -AccessUser $QueueItem.User -TenantFilter $QueueItem.TenantFilter -APIName $APINAME -ExecutingUser $QueueItem.ExecutingUser -} \ No newline at end of file diff --git a/ExecSchedulerBillingRun/function.json b/ExecSchedulerBillingRun/function.json deleted file mode 100644 index 987ff96a991d..000000000000 --- a/ExecSchedulerBillingRun/function.json +++ /dev/null @@ -1,10 +0,0 @@ -{ - "bindings": [ - { - "name": "QueueItem", - "type": "queueTrigger", - "direction": "in", - "queueName": "billqueue" - } - ] -} diff --git a/ExecSchedulerBillingRun/run.ps1 b/ExecSchedulerBillingRun/run.ps1 deleted file mode 100644 index 3ea7e6621fac..000000000000 --- a/ExecSchedulerBillingRun/run.ps1 +++ /dev/null @@ -1,21 +0,0 @@ -# Input bindings are passed in via param block. -param($QueueItem) - -# Get the current universal time in the default string format. -try { - Write-LogMessage -API 'Scheduler_Billing' -tenant 'none' -message 'Starting billing processing.' -sev Info - - $Table = Get-CIPPTable -TableName Extensionsconfig - $Configuration = (Get-CIPPAzDataTableEntity @Table).config | ConvertFrom-Json -Depth 10 - foreach ($ConfigItem in $Configuration.psobject.properties.name) { - switch ($ConfigItem) { - 'Gradient' { - If ($Configuration.Gradient.enabled -and $Configuration.Gradient.BillingEnabled) { - New-GradientServiceSyncRun - } - } - } - } -} catch { - Write-LogMessage -API 'Scheduler_Billing' -tenant 'none' -message 'Could not start billing processing' -sev Error -LogData (Get-CippException -Exception $_) -} \ No newline at end of file diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Applications/Push-UploadApplication.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Applications/Push-UploadApplication.ps1 index f33ef37a8e84..f718564301fc 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Applications/Push-UploadApplication.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Applications/Push-UploadApplication.ps1 @@ -100,7 +100,7 @@ function Push-UploadApplication { #For anyone that reads this, The maximum chunk size is 100MB for blob storage, so we can upload it as one part and just give it the single ID. Easy :) $Upload = Invoke-RestMethod -Uri "$($AzFileUri.azureStorageUri)&comp=block&blockid=$id" -Method Put -Headers @{'x-ms-blob-type' = 'BlockBlob' } -InFile $inFile -ContentType 'application/octet-stream' Write-Host "Upload data: $($Upload | ConvertTo-Json -Depth 10)" - $ConfirmUpload = Invoke-RestMethod -Uri "$($AzFileUri.azureStorageUri)&comp=blocklist" -Method Put -Body "$id" + $ConfirmUpload = Invoke-RestMethod -Uri "$($AzFileUri.azureStorageUri)&comp=blocklist" -Method Put -Body "$id" -ContentType 'application/xml' Write-Host "Confirm Upload data: $($ConfirmUpload | ConvertTo-Json -Depth 10)" $CommitReq = New-graphPostRequest -Uri "$($BaseURI)/$($NewApp.id)/microsoft.graph.win32lobapp/contentVersions/1/files/$($ContentReq.id)/commit" -Body $EncBody -Type POST -tenantid $tenant Write-Host "Commit Request: $($CommitReq | ConvertTo-Json -Depth 10)" diff --git a/ExecAlertsListAllTenants/run.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecAlertsListAllTenants.ps1 similarity index 81% rename from ExecAlertsListAllTenants/run.ps1 rename to Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecAlertsListAllTenants.ps1 index 7a885d814dd2..7972f1f98274 100644 --- a/ExecAlertsListAllTenants/run.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecAlertsListAllTenants.ps1 @@ -1,12 +1,12 @@ -# Input bindings are passed in via param block. -param( $QueueItem, $TriggerMetadata) +function Push-ExecAlertsListAllTenants { + <# + .FUNCTIONALITY + Entrypoint + #> + [CmdletBinding()] + param($Item) -# Write out the queue message and metadata to the information log. -Write-Host "PowerShell queue trigger function processed work item: $QueueItem" - -Get-Tenants | ForEach-Object -Parallel { - $domainName = $_.defaultDomainName - Import-Module CIPPCore + $domainName = $Item.defaultDomainName $Table = Get-CIPPTable -TableName 'cachealertsandincidents' try { @@ -21,7 +21,6 @@ Get-Tenants | ForEach-Object -Parallel { PartitionKey = 'alert' } Add-CIPPAzDataTableEntity @Table -Entity $GraphRequest -Force | Out-Null - } } catch { @@ -46,7 +45,5 @@ Get-Tenants | ForEach-Object -Parallel { Tenant = $domainName } Add-CIPPAzDataTableEntity @Table -Entity $GraphRequest -Force | Out-Null - - } } diff --git a/ExecIncidentsListAllTenants/run.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecIncidentsListAllTenants.ps1 similarity index 81% rename from ExecIncidentsListAllTenants/run.ps1 rename to Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecIncidentsListAllTenants.ps1 index f5cfb8a3a9d3..0fd1f1ae07a5 100644 --- a/ExecIncidentsListAllTenants/run.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecIncidentsListAllTenants.ps1 @@ -1,12 +1,13 @@ -# Input bindings are passed in via param block. -param( $QueueItem, $TriggerMetadata) +function Push-ExecIncidentsListAllTenants { + <# + .FUNCTIONALITY + Entrypoint + #> + param( + $Item + ) -# Write out the queue message and metadata to the information log. -Write-Host "PowerShell queue trigger function processed work item: $QueueItem" - -Get-Tenants | ForEach-Object -Parallel { - $domainName = $_.defaultDomainName - Import-Module CIPPCore + $domainName = $Item.defaultDomainName $Table = Get-CIPPTable -TableName 'cachealertsandincidents' try { @@ -43,7 +44,6 @@ Get-Tenants | ForEach-Object -Parallel { Tenant = [string]$domainName } Add-CIPPAzDataTableEntity @Table -Entity $GraphRequest -Force | Out-Null - - } } + diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOffboardingMailboxPermissions.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOffboardingMailboxPermissions.ps1 new file mode 100644 index 000000000000..91660576876c --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ExecOffboardingMailboxPermissions.ps1 @@ -0,0 +1,13 @@ +function Push-ExecOffboardingMailboxPermissions { + <# + .FUNCTIONALITY + Entrypoint + #> + param( + $Item + ) + $Mailboxes = New-ExoRequest -tenantid $Item.TenantFilter -cmdlet 'get-mailbox' -Select UserPrincipalName + foreach ($Mailbox in $Mailboxes) { + Remove-CIPPMailboxPermissions -PermissionsLevel @('FullAccess', 'SendAs', 'SendOnBehalf') -userid $Mailbox.UserPrincipalName -AccessUser $Item.User -TenantFilter $Item.TenantFilter -APIName $APINAME -ExecutingUser $Item.executingUser + } +} diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ListBasicAuthAllTenants.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ListBasicAuthAllTenants.ps1 new file mode 100644 index 000000000000..621bd16ef4ec --- /dev/null +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-ListBasicAuthAllTenants.ps1 @@ -0,0 +1,37 @@ +Function Push-ListBasicAuthAllTenants { + <# + .FUNCTIONALITY + Entrypoint + #> + [CmdletBinding()] + param($Item) + + $domainName = $Item.defaultDomainName + + $currentTime = Get-Date -Format 'yyyy-MM-ddTHH:MM:ss' + $ts = (Get-Date).AddDays(-30) + $endTime = $ts.ToString('yyyy-MM-ddTHH:MM:ss') + $filters = "createdDateTime ge $($endTime)Z and createdDateTime lt $($currentTime)Z and (clientAppUsed eq 'AutoDiscover' or clientAppUsed eq 'Exchange ActiveSync' or clientAppUsed eq 'Exchange Online PowerShell' or clientAppUsed eq 'Exchange Web Services' or clientAppUsed eq 'IMAP4' or clientAppUsed eq 'MAPI Over HTTP' or clientAppUsed eq 'Offline Address Book' or clientAppUsed eq 'Outlook Anywhere (RPC over HTTP)' or clientAppUsed eq 'Other clients' or clientAppUsed eq 'POP3' or clientAppUsed eq 'Reporting Web Services' or clientAppUsed eq 'Authenticated SMTP' or clientAppUsed eq 'Outlook Service')" + try { + $GraphRequest = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/auditLogs/signIns?api-version=beta&filter=$($filters)" -tenantid $domainName -ErrorAction stop | Sort-Object -Unique -Property clientAppUsed | ForEach-Object { + @{ + Tenant = $domainName + clientAppUsed = $_.clientAppUsed + userPrincipalName = $_.UserPrincipalName + RowKey = "$($_.UserPrincipalName)-$($_.clientAppUsed)" + PartitionKey = 'basicauth' + } + } + } catch { + $GraphRequest = @{ + Tenant = $domainName + clientAppUsed = "Could not connect to Tenant: $($_.Exception.message)" + userPrincipalName = $domainName + RowKey = $domainName + PartitionKey = 'basicauth' + } + } + $Table = Get-CIPPTable -TableName cachebasicauth + Add-CIPPAzDataTableEntity @Table -Entity $GraphRequest -Force | Out-Null + +} diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionSync.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionSync.ps1 index 911ce71d7e14..136009bd740b 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionSync.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Extensions/Invoke-ExecExtensionSync.ps1 @@ -19,12 +19,19 @@ Function Invoke-ExecExtensionSync { Write-LogMessage -API 'Scheduler_Billing' -tenant 'none' -message 'Starting billing processing.' -sev Info $Table = Get-CIPPTable -TableName Extensionsconfig $Configuration = (Get-CIPPAzDataTableEntity @Table).config | ConvertFrom-Json -Depth 10 + foreach ($ConfigItem in $Configuration.psobject.properties.name) { switch ($ConfigItem) { 'Gradient' { If ($Configuration.Gradient.enabled -and $Configuration.Gradient.BillingEnabled) { - Push-OutputBinding -Name gradientqueue -Value 'LetsGo' - $Results = [pscustomobject]@{'Results' = 'Successfully started Gradient Sync' } + $ProcessorQueue = Get-CIPPTable -TableName 'ProcessorQueue' + $ProcessorFunction = [PSCustomObject]@{ + PartitionKey = 'Function' + RowKey = 'New-GradientServiceSyncRun' + FunctionName = 'New-GradientServiceSyncRun' + } + Add-AzDataTableEntity @ProcessorQueue -Entity $ProcessorFunction -Force + $Results = [pscustomobject]@{'Results' = 'Successfully queued Gradient Sync' } } } } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUsers.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUsers.ps1 index f61ff5a28283..ef2870bc0649 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUsers.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUsers.ps1 @@ -35,11 +35,8 @@ Function Invoke-ListUsers { $Table = Get-CIPPTable -TableName 'cacheusers' $Rows = Get-CIPPAzDataTableEntity @Table | Where-Object -Property Timestamp -GT (Get-Date).AddHours(-1) if (!$Rows) { - $Queue = New-CippQueueEntry -Name 'Users' -Link '/identity/administration/users?customerId=AllTenants' - Push-OutputBinding -Name listusers -Value "users/$($userid)?`$top=999&`$select=$($selectlist -join ',')&`$filter=$GraphFilter&`$count=true" [PSCustomObject]@{ - Tenant = 'Loading data for all tenants. Please check back after the job completes' - QueueId = $Queue.RowKey + Message = 'This function has been deprecated for all users, please use ListGraphRequest instead' } } else { $Rows.Data | ConvertFrom-Json | Select-Object $selectlist | ForEach-Object { diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Reports/Invoke-ListBasicAuth.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Reports/Invoke-ListBasicAuth.ps1 index 9cdbce1b86c8..aacc1676381a 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Reports/Invoke-ListBasicAuth.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Reports/Invoke-ListBasicAuth.ps1 @@ -45,7 +45,22 @@ Function Invoke-ListBasicAuth { $Table = Get-CIPPTable -TableName cachebasicauth $Rows = Get-CIPPAzDataTableEntity @Table | Where-Object -Property Timestamp -GT (Get-Date).AddHours(-1) if (!$Rows) { - Push-OutputBinding -Name Msg -Value (Get-Date).ToString() + $TenantList = Get-Tenants -IncludeErrors + $Queue = New-CippQueueEntry -Name 'Basic Auth - All Tenants' -TotalTasks ($TenantList | Measure-Object).Count + $InputObject = [PSCustomObject]@{ + OrchestratorName = 'BasicAuthOrchestrator' + QueueFunction = @{ + FunctionName = 'GetTenants' + TenantParams = @{ + IncludeErrors = $true + } + QueueId = $Queue.RowKey + DurableFunction = 'ListBasicAuthAllTenants' + } + SkipLog = $true + } + Start-NewOrchestration -FunctionName 'CIPPOrchestrator' -InputObject ($InputObject | ConvertTo-Json -Depth 5 -Compress) + $GraphRequest = [PSCustomObject]@{ Tenant = 'Loading data for all tenants. Please check back in 10 minutes' } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Reports/Invoke-ListBasicAuthAllTenants.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Reports/Invoke-ListBasicAuthAllTenants.ps1 deleted file mode 100644 index 26d93e02b387..000000000000 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Reports/Invoke-ListBasicAuthAllTenants.ps1 +++ /dev/null @@ -1,49 +0,0 @@ -using namespace System.Net - -Function Invoke-ListBasicAuthAllTenants { - <# - .FUNCTIONALITY - Entrypoint - .ROLE - Identity.AuditLog.Read - #> - [CmdletBinding()] - param($Request, $TriggerMetadata) - - - Get-Tenants | ForEach-Object -Parallel { - $domainName = $_.defaultDomainName - Import-Module '.\Modules\AzBobbyTables' - Import-Module '.\Modules\CIPPCore' - - $currentTime = Get-Date -Format 'yyyy-MM-ddTHH:MM:ss' - $ts = (Get-Date).AddDays(-30) - $endTime = $ts.ToString('yyyy-MM-ddTHH:MM:ss') - $filters = "createdDateTime ge $($endTime)Z and createdDateTime lt $($currentTime)Z and (clientAppUsed eq 'AutoDiscover' or clientAppUsed eq 'Exchange ActiveSync' or clientAppUsed eq 'Exchange Online PowerShell' or clientAppUsed eq 'Exchange Web Services' or clientAppUsed eq 'IMAP4' or clientAppUsed eq 'MAPI Over HTTP' or clientAppUsed eq 'Offline Address Book' or clientAppUsed eq 'Outlook Anywhere (RPC over HTTP)' or clientAppUsed eq 'Other clients' or clientAppUsed eq 'POP3' or clientAppUsed eq 'Reporting Web Services' or clientAppUsed eq 'Authenticated SMTP' or clientAppUsed eq 'Outlook Service')" - try { - $GraphRequest = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/auditLogs/signIns?api-version=beta&filter=$($filters)" -tenantid $domainName -ErrorAction stop | Sort-Object -Unique -Property clientAppUsed | ForEach-Object { - @{ - Tenant = $domainName - clientAppUsed = $_.clientAppUsed - userPrincipalName = $_.UserPrincipalName - RowKey = "$($_.UserPrincipalName)-$($_.clientAppUsed)" - PartitionKey = 'basicauth' - } - } - } catch { - $GraphRequest = @{ - Tenant = $domainName - clientAppUsed = "Could not connect to Tenant: $($_.Exception.message)" - userPrincipalName = $domainName - RowKey = $domainName - PartitionKey = 'basicauth' - } - } - $Table = Get-CIPPTable -TableName cachebasicauth - Add-CIPPAzDataTableEntity @Table -Entity $GraphRequest -Force | Out-Null - - } - - - -} diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Security/Invoke-ExecAlertsList.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Security/Invoke-ExecAlertsList.ps1 index f3580ec3fc19..912b0815a81d 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Security/Invoke-ExecAlertsList.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Security/Invoke-ExecAlertsList.ps1 @@ -60,7 +60,22 @@ Function Invoke-ExecAlertsList { $Filter = "PartitionKey eq 'alert'" $Rows = Get-CIPPAzDataTableEntity @Table -filter $Filter | Where-Object -Property Timestamp -GT (Get-Date).AddMinutes(-10) if (!$Rows) { - Push-OutputBinding -Name alertqueue -Value (Get-Date).ToString() + $TenantList = Get-Tenants -IncludeErrors + $Queue = New-CippQueueEntry -Name 'Alerts List' -TotalTasks ($TenantList | Measure-Object).Count + $InputObject = [PSCustomObject]@{ + OrchestratorName = 'AlertsList' + QueueFunction = [PSCustomObject]@{ + FunctionName = 'GetTenants' + QueueId = $Queue.RowKey + TenantParams = @{ + IncludeErrors = $true + } + DurableName = 'ExecAlertsAllTenants' + } + SkipLog = $true + } | ConvertTo-Json -Depth 10 + Start-NewOrchestration -FunctionName CIPPOrchestrator -InputObject $InputObject + [PSCustomObject]@{ Waiting = $true } diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Security/Invoke-ExecIncidentsList.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Security/Invoke-ExecIncidentsList.ps1 index 184f629f2b2c..dd3370eedef5 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Security/Invoke-ExecIncidentsList.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Security/Invoke-ExecIncidentsList.ps1 @@ -41,7 +41,21 @@ Function Invoke-ExecIncidentsList { $Filter = "PartitionKey eq 'Incident'" $Rows = Get-CIPPAzDataTableEntity @Table -filter $Filter | Where-Object -Property Timestamp -GT (Get-Date).AddMinutes(-10) if (!$Rows) { - Push-OutputBinding -Name incidentqueue -Value (Get-Date).ToString() + $TenantList = Get-Tenants -IncludeErrors + $Queue = New-CippQueueEntry -Name 'Incidents - All Tenants' -Link '/security/reports/incident-report?customerId=AllTenants' -TotalTasks ($TenantList | Measure-Object).Count + $InputObject = [PSCustomObject]@{ + OrchestratorName = 'IncidentOrchestrator' + QueueFunction = @{ + FunctionName = 'GetTenants' + TenantParams = @{ + IncludeErrors = $true + } + QueueId = $Queue.RowKey + DurableFunction = 'ExecIncidentListAllTenants' + } + SkipLog = $true + } + Start-NewOrchestration -FunctionName 'CIPPOrchestrator' -InputObject ($InputObject | ConvertTo-Json -Depth 5 -Compress) [PSCustomObject]@{ Waiting = $true } diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListLicenses.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListLicenses.ps1 index 82bb1e4aab1f..d6580cab36d2 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListLicenses.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListLicenses.ps1 @@ -29,7 +29,6 @@ Function Invoke-ListLicenses { $Table = Get-CIPPTable -TableName cachelicenses $Rows = Get-CIPPAzDataTableEntity @Table | Where-Object -Property Timestamp -GT (Get-Date).AddHours(-1) if (!$Rows) { - #Push-OutputBinding -Name LicenseQueue -Value (Get-Date).ToString() $GraphRequest = [PSCustomObject]@{ Tenant = 'Loading data for all tenants. Please check back in 1 minute' License = 'Loading data for all tenants. Please check back in 1 minute' diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMFAUsers.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMFAUsers.ps1 index 643900b2ccd8..0cdf963febe6 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMFAUsers.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Invoke-ListMFAUsers.ps1 @@ -27,7 +27,6 @@ Function Invoke-ListMFAUsers { $TenantList = Get-Tenants -IncludeErrors $Queue = New-CippQueueEntry -Name 'MFA Users - All Tenants' -Link '/identity/reports/mfa-report?customerId=AllTenants' -TotalTasks ($TenantList | Measure-Object).Count Write-Information ($Queue | ConvertTo-Json) - #Push-OutputBinding -Name mfaqueue -Value $Queue.RowKey $GraphRequest = [PSCustomObject]@{ UPN = 'Loading data for all tenants. Please check back in a few minutes' } diff --git a/Modules/CIPPCore/Public/Entrypoints/Invoke-TestResults.ps1 b/Modules/CIPPCore/Public/Entrypoints/Invoke-TestResults.ps1 deleted file mode 100644 index b8718793f559..000000000000 --- a/Modules/CIPPCore/Public/Entrypoints/Invoke-TestResults.ps1 +++ /dev/null @@ -1,16 +0,0 @@ -function Invoke-TestResults { - - Push-OutputBinding -Name QueueItem -Value ([pscustomobject]@{ - FunctionName = 'TestResults' - Body = @{ - Permissions = $true - Tenants = $true - GDAP = $true - } - }) - Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{ - StatusCode = [HttpStatusCode]::OK - Body = "yes" - }) - -} \ No newline at end of file diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-GraphToken.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-GraphToken.ps1 index 6883f9b5cce0..626dc7ba842a 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-GraphToken.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-GraphToken.ps1 @@ -66,9 +66,9 @@ function Get-GraphToken($tenantid, $scope, $AsApp, $AppID, $AppSecret, $refreshT if (!$Tenant.RowKey) { $donotset = $true $Tenant = [pscustomobject]@{ - GraphErrorCount = $null - LastGraphTokenError = $null - LastGraphError = $null + GraphErrorCount = 0 + LastGraphTokenError = '' + LastGraphError = '' PartitionKey = 'TenantFailed' RowKey = 'Failed' } diff --git a/Modules/CIPPCore/Public/GraphHelper/New-GraphBulkRequest.ps1 b/Modules/CIPPCore/Public/GraphHelper/New-GraphBulkRequest.ps1 index ae2777fa2ac7..533876a87a5f 100644 --- a/Modules/CIPPCore/Public/GraphHelper/New-GraphBulkRequest.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/New-GraphBulkRequest.ps1 @@ -23,7 +23,7 @@ function New-GraphBulkRequest { if (!$Tenant) { $Tenant = @{ GraphErrorCount = 0 - LastGraphError = $null + LastGraphError = '' PartitionKey = 'TenantFailed' RowKey = 'Failed' } @@ -54,14 +54,18 @@ function New-GraphBulkRequest { $Message = ($_.ErrorDetails.Message | ConvertFrom-Json -ErrorAction SilentlyContinue).error.message if ($null -eq $Message) { $Message = $($_.Exception.Message) } if ($Message -ne 'Request not applicable to target tenant.') { - $Tenant.LastGraphError = $Message + $Tenant.LastGraphError = $Message ?? '' $Tenant.GraphErrorCount++ Update-AzDataTableEntity @TenantsTable -Entity $Tenant } throw $Message } - $Tenant.LastGraphError = '' + if ($Tenant.PSObject.Properties.Name -notcontains 'LastGraphErrror') { + $Tenant | Add-Member -MemberType NoteProperty -Name 'LastGraphError' -Value '' + } else { + $Tenant.LastGraphError = '' + } Update-AzDataTableEntity @TenantsTable -Entity $Tenant return $ReturnedData.responses diff --git a/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 b/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 index b4e8b7d728ca..416456be3700 100644 --- a/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 @@ -37,7 +37,7 @@ function New-GraphGetRequest { if (!$Tenant) { $Tenant = @{ GraphErrorCount = 0 - LastGraphError = $null + LastGraphError = '' PartitionKey = 'TenantFailed' RowKey = 'Failed' } @@ -91,7 +91,11 @@ function New-GraphGetRequest { throw $Message } } until ([string]::IsNullOrEmpty($NextURL) -or $NextURL -is [object[]] -or ' ' -eq $NextURL) - $Tenant.LastGraphError = '' + if ($Tenant.PSObject.Properties.Name -notcontains 'LastGraphErrror') { + $Tenant | Add-Member -MemberType NoteProperty -Name 'LastGraphError' -Value '' + } else { + $Tenant.LastGraphError = '' + } $Tenant.GraphErrorCount = 0 Update-AzDataTableEntity @TenantsTable -Entity $Tenant return $ReturnedData diff --git a/Modules/CIPPCore/Public/GraphRequests/Get-GraphRequestList.ps1 b/Modules/CIPPCore/Public/GraphRequests/Get-GraphRequestList.ps1 index 260bee6f3a9b..b8d84bf0052d 100644 --- a/Modules/CIPPCore/Public/GraphRequests/Get-GraphRequestList.ps1 +++ b/Modules/CIPPCore/Public/GraphRequests/Get-GraphRequestList.ps1 @@ -223,7 +223,6 @@ function Get-GraphRequestList { ReverseTenantLookup = $ReverseTenantLookup.IsPresent } - #Push-OutputBinding -Name QueueItem -Value $QueueTenant } $InputObject = @{ @@ -274,8 +273,6 @@ function Get-GraphRequestList { } $InstanceId = Start-NewOrchestration -FunctionName 'CIPPOrchestrator' -InputObject ($InputObject | ConvertTo-Json -Depth 5 -Compress) - #Push-OutputBinding -Name QueueItem -Value $QueueTenant - [PSCustomObject]@{ QueueMessage = ('Loading {0} rows for {1}. Please check back after the job completes' -f $Count, $TenantFilter) QueueId = $Queue.RowKey diff --git a/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 b/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 index 25bc5b886fee..52e1a26a5fb3 100644 --- a/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 +++ b/Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1 @@ -81,12 +81,19 @@ function Invoke-CIPPOffboardingJob { Remove-CIPPMailboxPermissions -PermissionsLevel @('FullAccess', 'SendAs', 'SendOnBehalf') -userid 'AllUsers' -AccessUser $UserName -TenantFilter $TenantFilter -APIName $APINAME -ExecutingUser $ExecutingUser } else { - $object = [PSCustomObject]@{ - TenantFilter = $tenantFilter - User = $username - executingUser = $ExecutingUser + $InputObject = [PSCustomObject]@{ + Batch = @( + [PSCustomObject]@{ + 'FunctionName' = 'OffboardingMailboxPermissions' + 'TenantFilter' = $TenantFilter + 'User' = $Username + 'executingUser' = $ExecutingUser + } + ) + OrchestratorName = "OffboardingMailboxPermissions_$Username" + SkipLog = $true } - Push-OutputBinding -Name offboardingmailbox -Value $object + Start-NewOrchestration -FunctionName CIPPOrchestrator -InputObject ($InputObject | ConvertTo-Json -Depth 10) "Removal of permissions queued. This task will run in the background and send it's results to the logbook." } } diff --git a/Modules/CIPPCore/Public/Set-CIPPAssignedApplication.ps1 b/Modules/CIPPCore/Public/Set-CIPPAssignedApplication.ps1 index bdd1ec2da682..d070d7bea3c2 100644 --- a/Modules/CIPPCore/Public/Set-CIPPAssignedApplication.ps1 +++ b/Modules/CIPPCore/Public/Set-CIPPAssignedApplication.ps1 @@ -109,6 +109,7 @@ function Set-CIPPAssignedApplication { ) } if ($PSCmdlet.ShouldProcess($GroupName, "Assigning Application $ApplicationId")) { + Start-Sleep -Seconds 1 $null = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/deviceAppManagement/mobileApps/$($ApplicationId)/assign" -tenantid $TenantFilter -type POST -body ($DefaultAssignmentObject | ConvertTo-Json -Compress -Depth 10) Write-LogMessage -user $ExecutingUser -API $APIName -message "Assigned Application to $($GroupName)" -Sev 'Info' -tenant $TenantFilter } diff --git a/Modules/CippExtensions/Public/Gradient/New-GradientServiceSyncRun.ps1 b/Modules/CippExtensions/Public/Gradient/New-GradientServiceSyncRun.ps1 index 93a421fc3db1..11d039d1ecf5 100644 --- a/Modules/CippExtensions/Public/Gradient/New-GradientServiceSyncRun.ps1 +++ b/Modules/CippExtensions/Public/Gradient/New-GradientServiceSyncRun.ps1 @@ -1,8 +1,6 @@ function New-GradientServiceSyncRun { - [CmdletBinding()] - param ( - - ) + [CmdletBinding(SupportsShouldProcess = $true)] + param () $Table = Get-CIPPTable -TableName Extensionsconfig $Configuration = ((Get-CIPPAzDataTableEntity @Table).config | ConvertFrom-Json).Gradient