Merge pull request #46 from KelvinTegelaar/master
[pull] master from KelvinTegelaar:master
pull[bot] authored Dec 11, 2023
2 parents d0fcb2a + 2494cc2 commit 93f4bb5
Showing 303 changed files with 5,857 additions and 4,068 deletions.
534 changes: 534 additions & 0 deletions Config/StandardsTable.BPATemplate.json

Large diffs are not rendered by default.

585 changes: 585 additions & 0 deletions Config/standards.json

Large diffs are not rendered by default.

1 change: 1 addition & 0 deletions ExecExtensionNinjaOneQueue/run.ps1
Expand Up @@ -9,4 +9,5 @@ Switch ($QueueItem.NinjaAction) {
'StartAutoMapping' { Invoke-NinjaOneOrgMapping }
'AutoMapTenant' { Invoke-NinjaOneOrgMappingTenant -QueueItem $QueueItem }
'SyncTenant' { Invoke-NinjaOneTenantSync -QueueItem $QueueItem }
'SyncTenants' {Invoke-NinjaOneSync}
}
2 changes: 1 addition & 1 deletion ExecGDAPInviteApproved_Timer/function.json
Expand Up @@ -9,7 +9,7 @@
{
"type": "queue",
"direction": "out",
"name": "Msg",
"name": "gdapinvitequeue",
"queueName": "gdapinvitequeue"
}
]
12 changes: 5 additions & 7 deletions ExecGDAPInviteQueue/run.ps1
Expand Up @@ -2,14 +2,12 @@
param( $QueueItem, $TriggerMetadata)

# Write out the queue message and metadata to the information log.
Write-Host "PowerShell queue trigger function processed work item: $QueueItem"
#$TenantFilter = $env:TenantID
Write-Host "PowerShell queue trigger function processed work item: $($QueueItem.customer.displayName)"

$Table = Get-CIPPTable -TableName 'GDAPInvites'
$Invite = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq '$QueueItem'"
$Invite = Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq '$($QueueItem.id)'"
$APINAME = 'GDAPInvites'
$RoleMappings = $Invite.RoleMappings | ConvertFrom-Json
Write-Host ($Invite | ConvertTo-Json -Compress)

foreach ($role in $RoleMappings) {
try {
Expand All @@ -24,12 +22,12 @@ foreach ($role in $RoleMappings) {
})
}
}
New-GraphPostRequest -NoAuthCheck $True -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships/$($QueueItem)/accessAssignments" -tenantid $env:TenantID -type POST -body $MappingBody -verbose
New-GraphPostRequest -NoAuthCheck $True -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships/$($QueueItem.id)/accessAssignments" -tenantid $env:TenantID -type POST -body $MappingBody -verbose
Start-Sleep -Milliseconds 100
} catch {
Write-LogMessage -API $APINAME -message "GDAP Group mapping failed - $($role.GroupId): $($_.Exception.Message)" -Sev Error
Write-LogMessage -API $APINAME -message "GDAP Group mapping failed for $($QueueItem.customer.displayName) - Group: $($role.GroupId) - Exception: $($_.Exception.Message)" -Sev Error
exit 1
}
Write-LogMessage -API $APINAME -message "Groups mapped for GDAP Relationship: $($GdapInvite.RowKey)" -Sev Info
}
Write-LogMessage -API $APINAME -message "Groups mapped for GDAP Relationship: $($QueueItem.customer.displayName) - $($QueueItem.displayName)" -Sev Info
Remove-AzDataTableEntity @Table -Entity $Invite
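Review bot: Nothing checks that the table lookup returned an invite before the script logs success and deletes the entity. With the switch from `$QueueItem` to `$QueueItem.id`, a message without an `id` (for example one still queued in the earlier plain-string form, if any exist) would give the filter `RowKey eq ''`, leave `$Invite` and `$RoleMappings` empty, skip the loop, and still write "Groups mapped for GDAP Relationship" before calling `Remove-AzDataTableEntity` with a null entity. A guard after `$APINAME` is set, such as `if (-not $Invite) { Write-LogMessage -API $APINAME -message "No GDAP invite found for queue item" -Sev Error; exit 1 }`, keeps the log truthful about which relationships actually received role assignments. The body of the `foreach` is only partly visible between the two hunks.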
15 changes: 6 additions & 9 deletions Modules/CIPPCore/Public/Add-CIPPAzDataTableEntity.ps1
Expand Up @@ -10,9 +10,8 @@ function Add-CIPPAzDataTableEntity {
foreach ($SingleEnt in $Entity) {
try {
Add-AzDataTableEntity -context $Context -force:$Force -CreateTableIfNotExists:$CreateTableIfNotExists -Entity $SingleEnt
}
catch [System.Exception] {
if ($_.Exception.ErrorCode -eq "PropertyValueTooLarge" -or $_.Exception.ErrorCode -eq "EntityTooLarge") {
} catch [System.Exception] {
if ($_.Exception.ErrorCode -eq 'PropertyValueTooLarge' -or $_.Exception.ErrorCode -eq 'EntityTooLarge') {
try {
$MaxSize = 30kb
$largePropertyName = $null
Expand All @@ -36,10 +35,10 @@ function Add-CIPPAzDataTableEntity {
}

$splitInfo = @{
OriginalHeader = $largePropertyName;
OriginalHeader = $largePropertyName
SplitHeaders = $splitPropertyNames
}
$SingleEnt["SplitOverProps"] = ($splitInfo | ConvertTo-Json).ToString()
$SingleEnt['SplitOverProps'] = ($splitInfo | ConvertTo-Json).ToString()
$SingleEnt.Remove($largePropertyName)

for ($i = 0; $i -lt $splitData.Count; $i++) {
Expand All @@ -49,12 +48,10 @@ function Add-CIPPAzDataTableEntity {
Add-AzDataTableEntity -context $Context -force:$Force -CreateTableIfNotExists:$CreateTableIfNotExists -Entity $SingleEnt
}

}
catch {
} catch {
throw "Error processing entity: $($_.Exception.Message)."
}
}
else {
} else {
throw $_
}
}
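--- a/Modules/CIPPCore/Public/Add-CIPPBPAField.ps1
+++ b/Modules/CIPPCore/Public/Add-CIPPBPAField.ps1
@@ -0,0 +1,45 @@
+function Add-CIPPBPAField {
+param (
+$BPAName = 'CIPP Standards v1.0 - Table view',
+$FieldName,
+$FieldValue,
+$StoreAs,
+$Tenant
+)
+$Table = Get-CippTable -tablename 'cachebpav2'
+$TenantName = Get-Tenants | Where-Object -Property defaultDomainName -EQ $Tenant
+$CurrentContentsObject = (Get-CIPPAzDataTableEntity @Table -Filter "RowKey eq '$BPAName' and PartitionKey eq '$($TenantName.customerId)'")
+Write-Host "Adding $FieldName to $BPAName for $Tenant. content is $($CurrentContents.RowKey)"
+if ($CurrentContentsObject.RowKey) {
+$CurrentContents = @{}
+$CurrentContentsObject.PSObject.Properties | ForEach-Object {
+$CurrentContents[$_.Name] = $_.Value
+}
+$Result = $CurrentContents
+} else {
+$Result = @{
+Tenant = "$($TenantName.displayName)"
+GUID = "$($TenantName.customerId)"
+RowKey = $BPAName
+PartitionKey = "$($TenantName.customerId)"
+LastRefresh = [string]$(Get-Date (Get-Date).ToUniversalTime() -UFormat '+%Y-%m-%dT%H:%M:%S.000Z')
+}
+}
+switch -Wildcard ($StoreAs) {
+'*bool' {
+$Result["$fieldName"] = [bool]$FieldValue
+}
+'JSON' {
+
+if ($FieldValue -eq $null) { $JsonString = '{}' } else { $JsonString = (ConvertTo-Json -Depth 15 -InputObject $FieldValue -Compress) }
+$Result[$fieldName] = [string]$JsonString
+}
+'string' {
+$Result[$fieldName], [string]$FieldValue
+}
+'percentage' {
+
+}
+}
+Add-CIPPAzDataTableEntity @Table -Entity $Result -Force
+}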
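Review bot: The `'string'` branch never stores the value: `$Result[$fieldName], [string]$FieldValue` has a comma where an assignment is intended, so it only emits a two-element array to the output stream and the field is absent from the entity that gets written; it should read `$Result[$fieldName] = [string]$FieldValue`. The `Write-Host` line reads `$CurrentContents.RowKey` before `$CurrentContents` is assigned and presumably means `$CurrentContentsObject.RowKey`. There is also no check that `Get-Tenants` matched `$Tenant`; when it does not, `$TenantName.customerId` is empty and the function queries and writes a row with an empty `PartitionKey`, so an early `if (-not $TenantName) { throw "Tenant $Tenant not found" }` would be safer. The `'percentage'` branch is empty and silently drops the value, which leaves a gap in the stored standards results.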
74 changes: 37 additions & 37 deletions Modules/CIPPCore/Public/Entrypoints/Invoke-AddAPDevice.ps1
@@ -1,50 +1,50 @@
using namespace System.Net
using namespace System.Net

Function Invoke-AddAPDevice {
Function Invoke-AddAPDevice {
<#
.FUNCTIONALITY
Entrypoint
#>
[CmdletBinding()]
param($Request, $TriggerMetadata)

$APIName = $TriggerMetadata.FunctionName
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Accessed this API" -Sev "Debug"
$APIName = $TriggerMetadata.FunctionName
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'


# Write to the Azure Functions log stream.
Write-Host "PowerShell HTTP trigger function processed a request."
$TenantFilter = (Get-Tenants | Where-Object { $_.defaultDomainName -eq $Request.body.TenantFilter }).customerId
$GroupName = if ($Request.body.Groupname) { $Request.body.Groupname } else { (New-Guid).GUID }
$rawDevices = $request.body.autopilotData
$Devices = ConvertTo-Json @($rawDevices)
Write-Host $Devices
$Result = try {
$CurrentStatus = (New-GraphgetRequest -uri "https://api.partnercenter.microsoft.com/v1/customers/$tenantfilter/DeviceBatches" -scope 'https://api.partnercenter.microsoft.com/user_impersonation')
if ($groupname -in $CurrentStatus.items.id) { throw "This device batch name already exists. Please try with another name." }
$body = '{"batchId":"' + $($GroupName) + '","devices":' + $Devices + '}'
$GraphRequest = (New-GraphPostRequest -uri "https://api.partnercenter.microsoft.com/v1/customers/$TenantFilter/DeviceBatches" -body $body -scope 'https://api.partnercenter.microsoft.com/user_impersonation')
Write-Host ($GraphRequest | ConvertTo-Json)
Start-Sleep 5
$NewStatus = New-GraphgetRequest -uri "https://api.partnercenter.microsoft.com/v1/customers/$tenantfilter/DeviceBatches" -scope 'https://api.partnercenter.microsoft.com/user_impersonation'
Write-Host $($Newstatus | ConvertTo-Json)
if ($Newstatus.totalcount -eq $CurrentStatus.totalcount) { throw "We could not find the new autopilot device. Please check if your input is correct." }
Write-Host $CurrentStatus.Items
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APIName -tenant $($Request.body.TenantFilter) -message "Created Autopilot devices group. Group ID is $GroupName" -Sev "Info"
"Created Autopilot devices group for $($Request.body.TenantFilter). Group ID is $GroupName"
}
catch {
"$($Request.body.TenantFilter): Failed to create autopilot devices. $($_.Exception.Message)"
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APIName -tenant $($Request.body.TenantFilter) -message "Failed to create autopilot devices. $($_.Exception.Message)" -Sev "Error"
}
# Write to the Azure Functions log stream.
Write-Host 'PowerShell HTTP trigger function processed a request.'
$TenantFilter = (Get-Tenants | Where-Object { $_.defaultDomainName -eq $Request.body.TenantFilter }).customerId
$GroupName = if ($Request.body.Groupname) { $Request.body.Groupname } else { (New-Guid).GUID }
$rawDevices = $request.body.autopilotData
$Devices = ConvertTo-Json @($rawDevices)
Write-Host $Devices
$Result = try {
$CurrentStatus = (New-GraphgetRequest -uri "https://api.partnercenter.microsoft.com/v1/customers/$tenantfilter/DeviceBatches" -scope 'https://api.partnercenter.microsoft.com/user_impersonation')
if ($groupname -in $CurrentStatus.items.id) { throw 'This device batch name already exists. Please try with another name.' }
$body = '{"batchId":"' + $($GroupName) + '","devices":' + $Devices + '}'
$GraphRequest = (New-GraphPostRequest -uri "https://api.partnercenter.microsoft.com/v1/customers/$TenantFilter/DeviceBatches" -body $body -scope 'https://api.partnercenter.microsoft.com/user_impersonation')
Write-Host ($GraphRequest | ConvertTo-Json)
Start-Sleep 5
$NewStatus = New-GraphgetRequest -uri "https://api.partnercenter.microsoft.com/v1/customers/$tenantfilter/DeviceBatches" -scope 'https://api.partnercenter.microsoft.com/user_impersonation'
Write-Host $($Newstatus | ConvertTo-Json)
if ($Newstatus.totalcount -eq $CurrentStatus.totalcount) { throw 'We could not find the new autopilot device. Please check if your input is correct.' }
Write-Host $CurrentStatus.Items
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APIName -tenant $($Request.body.TenantFilter) -message "Created Autopilot devices group. Group ID is $GroupName" -Sev 'Info'
"Created Autopilot devices group for $($Request.body.TenantFilter). Group ID is $GroupName"
}
catch {
"$($Request.body.TenantFilter): Failed to create autopilot devices. $($_.Exception.Message)"
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APIName -tenant $($Request.body.TenantFilter) -message "Failed to create autopilot devices. $($_.Exception.Message)" -Sev 'Error'
}

$body = [pscustomobject]@{"Results" = $Result }
Write-Host $body
# Associate values to output bindings by calling 'Push-OutputBinding'.
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = [HttpStatusCode]::OK
Body = $body
$body = [pscustomobject]@{'Results' = $Result }
Write-Host $body
# Associate values to output bindings by calling 'Push-OutputBinding'.
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = [HttpStatusCode]::OK
Body = $body

})
})

}
}
9 changes: 6 additions & 3 deletions Modules/CIPPCore/Public/Entrypoints/Invoke-AddAlert.ps1
Expand Up @@ -15,7 +15,8 @@ Function Invoke-AddAlert {
try {
$TenantID = if ($tenant -ne 'AllTenants') {
(get-tenants | Where-Object -Property defaultDomainName -EQ $Tenant).customerId
} else {
}
else {
'AllTenants'
}
if ($Request.body.SetAlerts) {
Expand Down Expand Up @@ -64,7 +65,8 @@ Function Invoke-AddAlert {
Push-OutputBinding -Name Subscription -Value $Params
}
}
} else {
}
else {
foreach ($eventType in $Request.body.EventTypes.value) {
$params = @{
TenantFilter = $tenant
Expand All @@ -80,7 +82,8 @@ Function Invoke-AddAlert {
}
"Successfully added Alert for $($Tenant) to queue."
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenant -message "Successfully added Alert for $($Tenant) to queue." -Sev 'Info'
} catch {
}
catch {
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -tenant $tenant -message "Failed to add Alert for for $($Tenant) to queue" -Sev 'Error'
"Failed to add Alert for for $($Tenant) to queue $($_.Exception.message)"
}
83 changes: 23 additions & 60 deletions Modules/CIPPCore/Public/Entrypoints/Invoke-AddAutopilotConfig.ps1
@@ -1,77 +1,40 @@
using namespace System.Net
using namespace System.Net

Function Invoke-AddAutopilotConfig {
Function Invoke-AddAutopilotConfig {
<#
.FUNCTIONALITY
Entrypoint
#>
[CmdletBinding()]
param($Request, $TriggerMetadata)

$APIName = $TriggerMetadata.FunctionName
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message "Accessed this API" -Sev "Debug"
$APIName = $TriggerMetadata.FunctionName
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'


# Write to the Azure Functions log stream.
Write-Host "PowerShell HTTP trigger function processed a request."
# Write to the Azure Functions log stream.
Write-Host 'PowerShell HTTP trigger function processed a request.'

# Input bindings are passed in via param block.
$user = $request.headers.'x-ms-client-principal'
$Tenants = ($Request.body | Select-Object Select_*).psobject.properties.value
$displayname = $request.body.Displayname
$description = $request.body.Description
$AssignTo = if ($request.body.Assignto -ne "on") { $request.body.Assignto }
$Profbod = $Request.body
$usertype = if ($Profbod.NotLocalAdmin -eq "true") { "standard" } else { "administrator" }
$DeploymentMode = if ($profbod.DeploymentMode -eq "true") { "shared" } else { "singleUser" }
$results = foreach ($Tenant in $tenants) {
try {
$ObjBody = [pscustomobject]@{
"@odata.type" = "#microsoft.graph.azureADWindowsAutopilotDeploymentProfile"
"displayName" = "$($displayname)"
"description" = "$($description)"
"deviceNameTemplate" = "$($profbod.DeviceNameTemplate)"
"language" = "os-default"
"enableWhiteGlove" = $([bool]($profbod.allowWhiteGlove))
"deviceType" = "windowsPc"
"extractHardwareHash" = $([bool]($profbod.CollectHash))
"roleScopeTagIds" = @()
"hybridAzureADJoinSkipConnectivityCheck" = $false
"outOfBoxExperienceSettings" = @{
"deviceUsageType" = "$DeploymentMode"
"hideEscapeLink" = $([bool]($Profbod.hideChangeAccount))
"hidePrivacySettings" = $([bool]($Profbod.hidePrivacy))
"hideEULA" = $([bool]($Profbod.hideTerms))
"userType" = "$usertype"
"skipKeyboardSelectionPage" = $([bool]($Profbod.Autokeyboard))
}
}
$Body = ConvertTo-Json -InputObject $ObjBody
$GraphRequest = New-GraphPostRequest -uri "https://graph.microsoft.com/beta/deviceManagement/windowsAutopilotDeploymentProfiles" -body $body -tenantid $Tenant
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APIName -tenant $($tenant) -message "Added Autopilot profile $($Displayname)" -Sev "Info"
if ($AssignTo) {
$AssignBody = '{"target":{"@odata.type":"#microsoft.graph.allDevicesAssignmentTarget"}}'
$assign = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/deviceManagement/windowsAutopilotDeploymentProfiles/$($GraphRequest.id)/assignments" -tenantid $Tenant -type POST -body $AssignBody
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APIName -tenant $($tenant) -message "Assigned autopilot profile $($Displayname) to $AssignTo" -Sev "Info"
}
"Successfully added profile for $($Tenant)"
# Input bindings are passed in via param block.
$Tenants = ($Request.body | Select-Object Select_*).psobject.properties.value
$displayname = $request.body.Displayname
$description = $request.body.Description
$AssignTo = if ($request.body.Assignto -ne 'on') { $request.body.Assignto }
$Profbod = $Request.body
$usertype = if ($Profbod.NotLocalAdmin -eq 'true') { 'standard' } else { 'administrator' }
$DeploymentMode = if ($profbod.DeploymentMode -eq 'true') { 'shared' } else { 'singleUser' }
$results = foreach ($Tenant in $tenants) {
Set-CIPPDefaultAPDeploymentProfile -tenantFilter $tenant -displayname $displayname -description $description -usertype $usertype -DeploymentMode $DeploymentMode -assignto $AssignTo -devicenameTemplate $Profbod.deviceNameTemplate -allowWhiteGlove $Profbod.allowWhiteGlove -CollectHash $Profbod.collectHash -hideChangeAccount $Profbod.hideChangeAccount -hidePrivacy $Profbod.hidePrivacy -hideTerms $Profbod.hideTerms -Autokeyboard $Profbod.Autokeyboard
}
catch {
"Failed to add profile for $($Tenant): $($_.Exception.Message)"
Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APIName -tenant $($tenant) -message "Failed adding Autopilot Profile $($Displayname). Error: $($_.Exception.Message)" -Sev "Error"
continue
}

}

$body = [pscustomobject]@{"Results" = $results }
$body = [pscustomobject]@{'Results' = $results }

# Associate values to output bindings by calling 'Push-OutputBinding'.
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = [HttpStatusCode]::OK
Body = $body
})
# Associate values to output bindings by calling 'Push-OutputBinding'.
Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
StatusCode = [HttpStatusCode]::OK
Body = $body
})



}
}
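Review bot: Judging by the section's addition and deletion counts, the per-tenant `try`/`catch` is removed together with the inline Graph calls, so error handling and audit logging now depend entirely on `Set-CIPPDefaultAPDeploymentProfile`, which is not shown here. If that helper throws, the `foreach` aborts, the remaining tenants are skipped, and `$results` carries no per-tenant failure message; keeping the wrapper, `try { Set-CIPPDefaultAPDeploymentProfile ... } catch { "Failed to add profile for $($Tenant): $($_.Exception.Message)" }`, preserves the partial-failure reporting. The call also passes no caller identity, whereas the removed code logged with `-user $request.headers.'x-ms-client-principal'`; unless the helper obtains it some other way, the profile-creation log entries no longer record who made the change. `$Tenants` still comes straight from the `Select_*` properties of the request body, so it is worth confirming that the helper validates each value against the known tenant list.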