-
-
Notifications
You must be signed in to change notification settings - Fork 5.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Disable site creation by standard users - Does not correctly prevent site creation #2916
Comments
Thank you for creating a bug. Please make sure your bug is indeed a unique case by checking current and past issues, and reading the complete documentation at https://docs.cipp.app/ Without confirming, your report will be closed in 24 hours. If you'd like this bug to be assigned to you, please comment "I would like to work on this please!". |
I confirm that I have checked the documentation thoroughly and believe this to be an actual bug. |
That's great! thanks. Let us know if you're on discord and we'll give you a contributor tag! |
I am on discord! - mhollierbpt_51429 Thanks! |
* offboarding tweaks * offboarding tweaks * Update Package.zip * Move group check inside if statement * Ninja: Add try/catch around secure score Addresses issues with $MaxSecureScore being 0 * fix keyvault refs * Change to not show/disable the Out of office hidden rule * Permission tweaks * permission fixes for CPV * New audit log search * New audit logs * audit logs * try / catch * Update Push-AuditLogTenant.ps1 * audit logs * audit log tweaks * Update Push-AuditLogTenant.ps1 * Update Invoke-ExecJITAdmin.ps1 Added tenant to the log entry * Update Push-AuditLogTenant.ps1 * audit logs * Update Push-AuditLogTenant.ps1 * audit logs fixes * Fix api role permissions * Update Start-AuditLogOrchestrator.ps1 * Update Push-AuditLogTenant.ps1 * Update Push-AuditLogTenant.ps1 * Fix issues with graph requests missing data Only use -ComplexFilter when $filter is present * Add sharepoint admin url endpoint * Create Get-CippLastAuditLogSearch.ps1 * Update Start-AuditLogOrchestrator.ps1 * tweak timing * audit logs tweak timing Update Start-AuditLogOrchestrator.ps1 Create Get-CippLastAuditLogSearch.ps1 Add sharepoint admin url endpoint Fix issues with graph requests missing data Only use -ComplexFilter when $filter is present Update Push-AuditLogTenant.ps1 Update Push-AuditLogTenant.ps1 Update Start-AuditLogOrchestrator.ps1 Fix api role permissions audit logs fixes Update Push-AuditLogTenant.ps1 audit logs Update Push-AuditLogTenant.ps1 Update Push-AuditLogTenant.ps1 audit log tweaks audit logs Update Push-AuditLogTenant.ps1 try / catch New audit logs * Update Start-AuditLogOrchestrator.ps1 * Update Start-AuditLogOrchestrator.ps1 * Update Start-AuditLogOrchestrator.ps1 * Update Start-AuditLogOrchestrator.ps1 * Update Start-AuditLogOrchestrator.ps1 * Update Start-AuditLogOrchestrator.ps1 * update timer * Update Get-CIPPAlertQuotaUsed.ps1 * Update Start-AuditLogOrchestrator.ps1 * Update Get-CippAuditLogSearchResults.ps1 * Update Test-CIPPAuditLogRules.ps1 * pushing cippauditlogsearch * Update Start-AuditLogOrchestrator.ps1 * Audit log cleanup * Audit log tweaks * Update Push-AuditLogBundleProcessing.ps1 * Add audit record * Update Get-CIPPTimerFunctions.ps1 * Update Test-CIPPAuditLogRules.ps1 * Update Invoke-ListGraphRequest.ps1 * Copy group membership on add user Improve performance Add handling for additional group types Add followup task for exchange groups if user hasn't replicated * Update Set-CIPPCopyGroupMembers.ps1 * add webhookcreation task cleanup * Adjust parameters for ListAuditLogTest * New audit log api endpoints * Update Push-AuditLogTenant.ps1 * Update Invoke-ListAuditLogSearches.ps1 * Cleanup triggers * AsApp support * Update Get-GraphRequestList.ps1 * Added Expand assignments * JD Cleanup Co-Authored-By: John Duprey <[email protected]> * added logging * Add or update the Azure App Service build and deployment workflow config * logging * update logging * change to write warning to be able to read logs better in insights * removing redundant logging * log * logon value logging * test * Fix Teams Global Meeting Policy StateIsCorrect * add 1 hour to enddate * changed start time to include an entire hour * Add or update the Azure App Service build and deployment workflow config * AntiPhish standard update Fixes ticket 3458533280 * Audit log alerts * update prefilter * whoops * Test stuff * remove ExchangeItemAggregated * revert * revert * User Offboarding - Schedule license removal Fixes ticket 3399058699 * Update Invoke-CIPPStandardDisableUserSiteCreate.ps1 fixes KelvinTegelaar/CIPP#2916 * Delete Package.zip * six five zero * CPV partner tenant support * Remove return on exo exception * Fix listmailboxes param issue * Fix CA vacation mode exclusion Switch to AsApp so not impacted by CA changes * Update domain analyser Remove returns on exceptions for each test Add new signature domain to domain list exclusion * Correct issue with standard * Optimize tenant refresh in onboarding * Ninja webhook error handling * Adjust logging webhooks for ninja * Add function node to log messages * Fix issue with ProcessorQueue functions * Add missing timer * app upload tweaks * Update Start-CIPPProcessorQueue.ps1 * Update Start-CIPPProcessorQueue.ps1 * cleanup generic graph request * Fix LAPS & error msgs * handle json conversion issues in BPA * NinjaOne API validation & fixes Update standards.json file Add hostname check to ExecExtensionsConfig Add hostname check to NinjaOneTenantSync * Fix complex queries * Update Set-CIPPAssignedPolicy.ps1 * fix list intune policy urlname * filter queries * Intune * Update Invoke-CIPPStandardPerUserMFA.ps1 * Audit log limit processing * tweak audit log search query * Remove queues from application approval * Update Invoke-NinjaOneTenantSync.ps1 * Audit log error handling * Update version_latest.txt * ninja edit * up version * fix: InTune Compliance Policy deployment * update delete template * update to rerun detection * filter final tenant result * Clean up get-tenants * fix: AuditLog check true or false * Unify processorfunction injection * add Login:reprocess to exclude * Update Add-CIPPDelegatedPermission.ps1 * Update Start-CIPPProcessorQueue.ps1 * fix ninja url * domain analyser fixes * ExecBPA fix for offloading * rerun tweaks * Update azbobbytables to 3.3.1 * Add -Force to remove-azdatatableentity * more error handling * Update Push-AuditLogTenant.ps1 * Update Push-AuditLogTenant.ps1 * Small change to make it easier to add exclusions in the future * entrypoint tweaks * feat: New TeamsEnrollUser Standard * fix: rename Remove-CIPPAzDataTableEntity function * fix: improvements for Anti-phishing * fix: small tweak to Spam Filter Policy * fix: SafeLinks,SafeAttachment,Malware policy tweaks * Add ExternalDirectoryObjectId to ListMailbox * Add logging name param and change to use it for logging messages * Add loggingName paraa and clean up a wrong logging message * standards logging * durable cleanup * Add MFA reset back in * bugfix * Refactor block signin and alias addition logic in Invoke-AddSharedMailbox function * Add SharePoint quota info to AlertData * Update ContentType in New-ExoRequest function to include charset * Refactor Invoke-AddRoomMailbox function to improve tenant ID handling and error logging * Refactor Invoke-AddSharedMailbox function to enhance tenant ID handling and improve error logging * feat: added IntuneComplianceSettings standard * fix: check if $state -eq $true * fix: ActivityBasedTimeout StateIsCorrect * fix: remove try catch * feat: new Guest Invite standard * feat: Customize AllowAnonymousUsersToJoinMeeting * Audit log tweaks * feat: Customization MeetingChatEnabledType * Fix partner webhook standards setting * backup tweaks, fix DA issue * the real domain analyser fix * Durable cleanup tweak Audit log tweak * more timer tweaks * Update version_latest.txt --------- Co-authored-by: John Duprey <[email protected]> Co-authored-by: John Duprey <[email protected]> Co-authored-by: Kristian Kjærgård <[email protected]> Co-authored-by: BNWEIN <[email protected]> Co-authored-by: KelvinTegelaar <[email protected]> Co-authored-by: KelvinTegelaar <[email protected]> Co-authored-by: Esco <[email protected]> Co-authored-by: John Duprey <[email protected]> Co-authored-by: Kristian Kjærgård <[email protected]> Co-authored-by: Craig Bradwell <[email protected]>
Description
Appologies in advance as i am not truly a dev and may not follow usual GitHub etiquette.
The standard currently only changes the "isSiteCreationEnabled" flag, but does not change the "isSiteCreationUIEnabled" flag.
the isSiteCreationUIEnabled flag appears to control if the site creation is allowed through the UI (web).
I am assuming the "isSiteCreationEnabled" flag changes behavior through api/powershell.
I have updated the powershell and tested on my installation and the changes below appear to work
"isSiteCreationUIEnabled": true
"isSiteCreationUIEnabled": false
Invoke-CIPPStandardDisableUserSiteCreate.ps1
updated code:
Environment data
The text was updated successfully, but these errors were encountered: