[pull] dev from KelvinTegelaar:dev#85
Open
pull[bot] wants to merge 187 commits intoisgq-github01:devfrom
Open
Conversation
…derTVM Changed 'affectedDevices' to create an array of objects instead of joining device names with commas. This makes them look a lot nicer in the tables.
Enhance Import-CommunityTemplate to detect duplicate templates (GroupTemplate, CATemplate, IntuneTemplate), preserve existing GUID/RowKey when updating, and skip imports when SHA matches (unless -Force). Introduce a $StatusMessage, log informative messages for create/update/skip cases, preserve Package from duplicates, and return the status string. Update callers (Invoke-ExecCommunityRepo and New-CIPPTemplateRun) to capture and use the import result (write/log it and include it in results), and pass Source where needed. These changes add feedback and prevent creating duplicate template records.
Fix(reusable-settings): Data normalizing and formatting
- Introduced logic to handle AssignmentFilterName and AssignmentFilterType. - Updated parameters for Set-CIPPIntunePolicy to include assignment filter details if provided.
chore: Update .gitignore and improve alert device handling
…ed locations When creating a new named location, the uncaptured Select-Object on line 198 leaked an id-less object into $LocationLookupTable. This caused duplicate lookup matches where $lookup.id resolved to @($null, "guid"), producing invalid nested-array JSON in excludeLocations/includeLocations. Fixes KelvinTegelaar/CIPP#5368
fix: Fix named location creation in New-CIPPCAPolicy
Update Invoke-AddUser.ps1
feat: Add Invoke-ExecSyncDEP function for DEP sync
feat: Add assignment filter handling in Invoke-AddPolicy
Possibly fixes KelvinTegelaar/CIPP#5338 Sort licenses by License name by default ADD WORD
…nfig Implements standard to enable/disable Windows Backup and Restore for Organizations (WBfO) enrollment setting in Intune via Graph API.
…p-restore feat: Add WindowsBackupRestore standard
Improve parsing and comparison of Teams AllowedDomains and BlockedDomains when evaluating/updating tenant federation settings. Handles multiple API return shapes (AllowAllKnownDomains, AllowedDomain arrays, Domain arrays, empty PSObject), normalizes domain lists for comparisons, and correctly decides whether to send AllowedDomains or AllowedDomainsAsAList to Set-CsTenantFederationConfiguration. Also normalizes blocked domains comparisons, adds informational logging for detected structures and update parameters, and adjusts reporting to return consistent Current/Expected values. Minor formatting tweaks to license capability array and try/catch alignment.
Refactor parsing and comparison logic for Teams federation AllowedDomains/BlockedDomains. Handle PSObject and deserialized types, detect AllowAllKnownDomains, extract AllowedDomain/Domain properties, and normalize blocked domains up-front. Add DomainControl-specific validation for allow/block modes and normalize values for reporting. Remove a noisy Update info log and tidy comparison initialization to avoid false mismatches.
Introduce Get-CIPPMailboxesReport to retrieve mailbox records from the reporting DB (supports TenantFilter and 'AllTenants' aggregation, attaches a CacheTimestamp, sorts by displayName and logs errors). Update Invoke-ListMailboxes to accept a UseReportDB query parameter; when set to 'true' it calls the new report function and returns the results (with HTTP status/error handling), otherwise it continues to use the existing live EXO logic.
Stop using Convert-SKUname/convert-skuname and culture-based formatting for license display names. Use the raw SkuPartNumber value (with a fallback of 'Unknown License' when missing) and simplify list output. Also add informational logging of license objects. Changes touch Invoke-HuduExtensionSync.ps1 and Invoke-NinjaOneTenantSync.ps1 to avoid conversion errors and reduce formatting complexity.
Feat: Add RouteMessageOutboundConnector support
fix: Update role in Invoke-ExecDnsConfig.ps1
Update the Invoke-listStandardTemplates function comment to include 'AnyTenant' in the .FUNCTIONALITY tag. This documents that the entrypoint can operate in an any-tenant context; no runtime logic was changed.
Wrap processing of entity.SplitOverProps in a try/catch/finally block to stop and handle ConvertFrom-Json errors (-ErrorAction Stop). On failure, emit a warning including the entity's PartitionKey and RowKey so problematic rows can be identified. Always remove the SplitOverProps property in the finally block to ensure cleanup and prevent leftover properties even when parsing fails.
Capture results from Add-CIPPApplicationPermission/Add-CIPPDelegatedPermission, detect and aggregate permission failures (excluding service principal creation failures), and log success/warn messages accordingly. Persist LastStatus and LastError to the CPV graph row so downstream logic knows whether the update succeeded. Also add an error log in the catch block. Update the orchestrator selection logic to use LastStatus when deciding retry interval: failed or missing statuses are retried after 1 day, successful tenants after 7 days. This makes retries for failing tenants more aggressive while avoiding unnecessary reprocessing of stable tenants.
Fix comparison object
Include TermInfo in the Licenses object returned by Get-CippExtensionReportingData (wraps TermInfo as an array). Update Invoke-NinjaOneTenantSync to stop aggregating $Subscriptions from ExtensionCache and instead use each $License.TermInfo when matching subscription info. This preserves per-license term details and removes the now-unused $Subscriptions extraction.
Expose SKU service plan details in reporting by adding a ServicePlans property to the objects returned by Get-CIPPLicenseOverview (uses $sku.servicePlans) and mapping a servicePlans field in Get-CippExtensionReportingData (uses $_.ServicePlans). This ensures service plan information is propagated into the extension reporting output.
Update Invoke-NinjaOneTenantSync to set cippLicenseID from $License.skuId instead of $License.id. This aligns the recorded license identifier with the API's SKU field when building the cippLicenseSummary/cippLicenseUsers payload.
Guard against null or empty $UserPolicies in Invoke-NinjaOneTenantSync.ps1 when formatting Conditional Access Policies. Build the <ul> list only if policies exist and use a 'No Conditional Access Policies Assigned' fallback message otherwise, avoiding empty HTML lists.
Introduce a new PowerShell entrypoint Invoke-ExecLicenseSearch that accepts a Request and TriggerMetadata. It validates Request.Body.skuIds, searches across tenants using Search-CIPPDbData for LicenseOverview records, deduplicates results by skuId, and returns unique skuId/displayName objects in an HttpResponseContext. Handles missing input (400) and runtime errors with logging and a 500 response. Contains annotations for functionality (Entrypoint,AnyTenant) and role (CIPP.Core.Read).
Determine allowed tenants via Test-CIPPAccess and compute a TenantFilter (specific tenant domains or 'allTenants'), pass that TenantFilter into Search-CIPPDbData for Users/Groups/default branches, and update Search-CIPPDbData's TenantFilter parameter to accept string[] so multiple tenants can be supplied. This restricts search results to the caller's permitted tenants.
Add support for BitLocker recovery keys: new Search-CIPPBitlockerKeys (search + enrich with Devices/ManagedDevices), Set-CIPPDBCacheBitlockerKeys (cache keys from Graph beta), and Invoke-ExecBitlockerSearch entrypoint to expose search via HTTP with tenant filtering and limits. Also register 'BitlockerKeys' in Push-CIPPDBCacheData and Search-CIPPDbData types so BitLocker data is included in caching and DB searches.
Replace references to UserPrincipalName with UPN when selecting mailbox properties and when passing Identity to Set-Mailbox. Updated three locations: NonCompliantMailboxes selection, Set-Mailbox Parameters (Identity), and the report Filtered selection. This ensures correct property access for mailbox objects that expose UPN.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )