From 59226417786239bd987748ff6d669b8627f17b0d Mon Sep 17 00:00:00 2001 From: Nik Charlebois Date: Fri, 23 Jul 2021 18:57:20 +0000 Subject: [PATCH] Added AppSecret params --- .../MSFT_IntuneAppConfigurationPolicy.psm1 | 6 ++ .../MSFT_IntuneAppProtectionPolicyiOS.psm1 | 65 ++++++++++++++++-- .../MSFT_IntuneDeviceCategory.psm1 | 65 ++++++++++++++++-- ...T_IntuneDeviceCompliancePolicyAndroid.psm1 | 65 ++++++++++++++++-- ...iceCompliancePolicyAndroidWorkProfile.psm1 | 65 ++++++++++++++++-- ...SFT_IntuneDeviceCompliancePolicyMacOS.psm1 | 65 ++++++++++++++++-- ...IntuneDeviceCompliancePolicyWindows10.psm1 | 65 ++++++++++++++++-- .../MSFT_IntuneDeviceCompliancePolicyiOs.psm1 | 67 ++++++++++++++++-- ...FT_IntuneDeviceConfigurationPolicyiOS.psm1 | 68 +++++++++++++++++-- ...ntuneDeviceEnrollmentLimitRestriction.psm1 | 65 ++++++++++++++++-- ...neDeviceEnrollmentPlatformRestriction.psm1 | 65 ++++++++++++++++-- package-lock.json | 5 ++ 12 files changed, 624 insertions(+), 42 deletions(-) create mode 100644 package-lock.json diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationPolicy/MSFT_IntuneAppConfigurationPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationPolicy/MSFT_IntuneAppConfigurationPolicy.psm1 index 403ff9c99..074b691c0 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationPolicy/MSFT_IntuneAppConfigurationPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationPolicy/MSFT_IntuneAppConfigurationPolicy.psm1 @@ -69,6 +69,9 @@ function Get-TargetResource Description = $configPolicy.Description Ensure = 'Present' GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } } catch @@ -224,6 +227,9 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters $ValuesToCheck.Remove('GlobalAdminAccount') | Out-Null + $ValuesToCheck.Remove('ApplicationId') | Out-Null + $ValuesToCheck.Remove('TenantId') | Out-Null + $ValuesToCheck.Remove('ApplicationSecret') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyiOS/MSFT_IntuneAppProtectionPolicyiOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyiOS/MSFT_IntuneAppProtectionPolicyiOS.psm1 index 74bb66ddc..6ba7fcd48 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyiOS/MSFT_IntuneAppProtectionPolicyiOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyiOS/MSFT_IntuneAppProtectionPolicyiOS.psm1 @@ -115,7 +115,19 @@ function Get-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) Write-Verbose -Message "Checking for the Intune iOS App Protection Policy {$DisplayName}" $ConnectionMode = New-M365DSCConnection -Platform 'Intune' ` @@ -208,6 +220,9 @@ function Get-TargetResource Apps = $appsArray Ensure = "Present" GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + ApplicationSecret = $ApplicationSecret + TenantId = $TenantId } } catch @@ -344,7 +359,19 @@ function Set-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) $ConnectionMode = New-M365DSCConnection -Platform 'Intune' ` @@ -522,7 +549,19 @@ function Test-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) #region Telemetry $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace("MSFT_", "") @@ -542,6 +581,9 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters $ValuesToCheck.Remove('GlobalAdminAccount') | Out-Null + $ValuesToCheck.Remove('ApplicationId') | Out-Null + $ValuesToCheck.Remove('TenantId') | Out-Null + $ValuesToCheck.Remove('ApplicationSecret') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` @@ -561,7 +603,19 @@ function Export-TargetResource ( [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) $ConnectionMode = New-M365DSCConnection -Platform 'Intune' ` -InboundParameters $PSBoundParameters @@ -590,6 +644,9 @@ function Export-TargetResource DisplayName = $policy.displayName Ensure = 'Present' GlobalAdminAccount = $GlobalAdminAccount + ApplicationID = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCategory/MSFT_IntuneDeviceCategory.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCategory/MSFT_IntuneDeviceCategory.psm1 index d48fcd86e..e49d73a2f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCategory/MSFT_IntuneDeviceCategory.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCategory/MSFT_IntuneDeviceCategory.psm1 @@ -19,7 +19,19 @@ function Get-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) Write-Verbose -Message "Checking for the Intune Device Category {$DisplayName}" @@ -56,6 +68,9 @@ function Get-TargetResource Description = $category.Description Ensure = "Present" GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } } catch @@ -104,7 +119,19 @@ function Set-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) Write-Verbose -Message "Updating Teams Upgrade Policy {$Identity}" @@ -167,7 +194,19 @@ function Test-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) #region Telemetry $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace("MSFT_", "") @@ -187,6 +226,9 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters $ValuesToCheck.Remove('GlobalAdminAccount') | Out-Null + $ValuesToCheck.Remove('ApplicationId') | Out-Null + $ValuesToCheck.Remove('ApplicationSecret') | Out-Null + $ValuesToCheck.Remove('TenantId') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` @@ -206,7 +248,19 @@ function Export-TargetResource ( [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) $ConnectionMode = New-M365DSCConnection -Platform 'Intune' ` -InboundParameters $PSBoundParameters @@ -235,6 +289,9 @@ function Export-TargetResource DisplayName = $category.displayName Ensure = 'Present' GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + ApplicationSecret = $ApplicationSecret + TenantId = $TenantId } $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroid/MSFT_IntuneDeviceCompliancePolicyAndroid.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroid/MSFT_IntuneDeviceCompliancePolicyAndroid.psm1 index 4bf0865a9..dee40f594 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroid/MSFT_IntuneDeviceCompliancePolicyAndroid.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroid/MSFT_IntuneDeviceCompliancePolicyAndroid.psm1 @@ -134,7 +134,19 @@ function Get-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) Write-Verbose -Message "Checking for the Intune Android Device Compliance Policy {$DisplayName}" @@ -201,6 +213,9 @@ function Get-TargetResource RoleScopeTagIds = $devicePolicy.RoleScopeTagIds Ensure = 'Present' GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } return [System.Collections.Hashtable] $results } @@ -365,7 +380,19 @@ function Set-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) Write-Verbose -Message "Intune Device Owner Device Compliance Android Policy {$DisplayName}" @@ -562,7 +589,19 @@ function Test-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) #region Telemetry @@ -584,6 +623,9 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters $ValuesToCheck.Remove('GlobalAdminAccount') | Out-Null + $ValuesToCheck.Remove('ApplicationId') | Out-Null + $ValuesToCheck.Remove('TenantId') | Out-Null + $ValuesToCheck.Remove('ApplicationSecret') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` @@ -603,7 +645,19 @@ function Export-TargetResource ( [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) $ConnectionMode = New-M365DSCConnection -Platform 'Intune' ` @@ -635,6 +689,9 @@ function Export-TargetResource DisplayName = $configDeviceAndroidPolicy.displayName Ensure = 'Present' GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile.psm1 index fba0a82da..b84b0ebaa 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile.psm1 @@ -118,7 +118,19 @@ function Get-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) Write-Verbose -Message "Checking for the Intune Android Work Profile Device Compliance Policy {$DisplayName}" @@ -181,6 +193,9 @@ function Get-TargetResource RoleScopeTagIds = $devicePolicy.RoleScopeTagIds Ensure = 'Present' GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } return [System.Collections.Hashtable] $results } @@ -329,7 +344,19 @@ function Set-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) Write-Verbose -Message "Intune Android Work Profile Device Compliance Policy {$DisplayName}" @@ -511,7 +538,19 @@ function Test-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) #region Telemetry @@ -532,6 +571,9 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters $ValuesToCheck.Remove('GlobalAdminAccount') | Out-Null + $ValuesToCheck.Remove('ApplicationId') | Out-Null + $ValuesToCheck.Remove('TenantId') | Out-Null + $ValuesToCheck.Remove('ApplicationSecret') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` @@ -551,7 +593,19 @@ function Export-TargetResource ( [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) $ConnectionMode = New-M365DSCConnection -Platform 'Intune' ` @@ -583,6 +637,9 @@ function Export-TargetResource DisplayName = $configDeviceAndroidPolicy.displayName Ensure = 'Present' GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyMacOS/MSFT_IntuneDeviceCompliancePolicyMacOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyMacOS/MSFT_IntuneDeviceCompliancePolicyMacOS.psm1 index 80a7655ca..e241b70eb 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyMacOS/MSFT_IntuneDeviceCompliancePolicyMacOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyMacOS/MSFT_IntuneDeviceCompliancePolicyMacOS.psm1 @@ -89,7 +89,19 @@ function Get-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) Write-Verbose -Message "Checking for the Intune Device Compliance MacOS Policy {$DisplayName}" @@ -145,6 +157,9 @@ function Get-TargetResource FirewallEnableStealthMode = $devicePolicy.FanagedEmailProfileRequired Ensure = 'Present' GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } return [System.Collections.Hashtable] $results } @@ -264,7 +279,19 @@ function Set-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) @@ -418,7 +445,19 @@ function Test-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) #region Telemetry @@ -440,6 +479,9 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters $ValuesToCheck.Remove('GlobalAdminAccount') | Out-Null + $ValuesToCheck.Remove('ApplicationId') | Out-Null + $ValuesToCheck.Remove('TenantId') | Out-Null + $ValuesToCheck.Remove('ApplicationSecret') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` @@ -459,7 +501,19 @@ function Export-TargetResource ( [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) $ConnectionMode = New-M365DSCConnection -Platform 'Intune' ` @@ -492,6 +546,9 @@ function Export-TargetResource DisplayName = $configDeviceMacOsPolicy.displayName Ensure = 'Present' GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } $result = Get-TargetResource @params $result.GlobalAdminAccount = Resolve-Credentials -UserName "globaladmin" diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyWindows10/MSFT_IntuneDeviceCompliancePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyWindows10/MSFT_IntuneDeviceCompliancePolicyWindows10.psm1 index eaf786f1d..96d447840 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyWindows10/MSFT_IntuneDeviceCompliancePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyWindows10/MSFT_IntuneDeviceCompliancePolicyWindows10.psm1 @@ -145,7 +145,19 @@ function Get-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) Write-Verbose -Message "Checking for the Intune Device Compliance Windows 10 Policy {$DisplayName}" @@ -215,6 +227,9 @@ function Get-TargetResource DeviceCompliancePolicyScript = $devicePolicy.DeviceCompliancePolicyScript ValidOperatingSystemBuildRanges = $devicePolicy.ValidOperatingSystemBuildRanges GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } return [System.Collections.Hashtable] $results } @@ -390,7 +405,19 @@ function Set-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) @@ -600,7 +627,19 @@ function Test-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) #region Telemetry @@ -622,6 +661,9 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters $ValuesToCheck.Remove('GlobalAdminAccount') | Out-Null + $ValuesToCheck.Remove('ApplicationId') | Out-Null + $ValuesToCheck.Remove('TenantId') | Out-Null + $ValuesToCheck.Remove('ApplicationSecret') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` @@ -641,7 +683,19 @@ function Export-TargetResource ( [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) $ConnectionMode = New-M365DSCConnection -Platform 'Intune' ` @@ -674,6 +728,9 @@ function Export-TargetResource DisplayName = $configDeviceWindowsPolicy.displayName Ensure = 'Present' GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } $result = Get-TargetResource @params $result.GlobalAdminAccount = Resolve-Credentials -UserName "globaladmin" diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyiOs/MSFT_IntuneDeviceCompliancePolicyiOs.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyiOs/MSFT_IntuneDeviceCompliancePolicyiOs.psm1 index 323219145..45c82f6a3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyiOs/MSFT_IntuneDeviceCompliancePolicyiOs.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyiOs/MSFT_IntuneDeviceCompliancePolicyiOs.psm1 @@ -75,7 +75,19 @@ function Get-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) Write-Verbose -Message "Checking for the Intune Device Compliance iOS Policy {$DisplayName}" @@ -128,6 +140,9 @@ function Get-TargetResource ManagedEmailProfileRequired = $devicePolicy.ManagedEmailProfileRequired Ensure = 'Present' GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } return [System.Collections.Hashtable] $results } @@ -233,10 +248,20 @@ function Set-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) - - Write-Verbose -Message "Intune Device Compliance iOS Policy {$DisplayName}" $ConnectionMode = New-M365DSCConnection -Platform 'Intune' ` @@ -373,7 +398,19 @@ function Test-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) #region Telemetry @@ -395,6 +432,9 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters $ValuesToCheck.Remove('GlobalAdminAccount') | Out-Null + $ValuesToCheck.Remove('ApplicationId') | Out-Null + $ValuesToCheck.Remove('TenantId') | Out-Null + $ValuesToCheck.Remove('ApplicationSecret') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` @@ -414,7 +454,19 @@ function Export-TargetResource ( [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) $ConnectionMode = New-M365DSCConnection -Platform 'Intune' ` @@ -446,6 +498,9 @@ function Export-TargetResource DisplayName = $configDeviceiOsPolicy.displayName Ensure = 'Present' GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyiOS/MSFT_IntuneDeviceConfigurationPolicyiOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyiOS/MSFT_IntuneDeviceConfigurationPolicyiOS.psm1 index 86cb0c51a..ab7556b80 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyiOS/MSFT_IntuneDeviceConfigurationPolicyiOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyiOS/MSFT_IntuneDeviceConfigurationPolicyiOS.psm1 @@ -511,7 +511,19 @@ function Get-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) Write-Verbose -Message "Checking for the Intune Device Configuration Policy {$DisplayName}" @@ -672,6 +684,9 @@ function Get-TargetResource WallpaperBlockModification = $policy.WallpaperBlockModification Ensure = "Present" GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } } catch @@ -1205,7 +1220,19 @@ function Set-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) $ConnectionMode = New-M365DSCConnection -Platform 'Intune' ` @@ -1226,6 +1253,9 @@ function Set-TargetResource $setParams = $PSBoundParameters $setParams.Remove("Ensure") | Out-Null $setParams.Remove("GlobalAdminAccount") | Out-Null + $setParams.Remove("ApplicationId") | Out-Null + $setParams.Remove("TenantId") | Out-Null + $setParams.Remove("ApplicationSecret") | Out-Null if ($Ensure -eq 'Present' -and $currentPolicy.Ensure -eq 'Absent') { Write-Verbose -Message "Creating new Device Configuration Policy {$DisplayName}" @@ -1758,7 +1788,19 @@ function Test-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) #region Telemetry $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace("MSFT_", "") @@ -1778,6 +1820,9 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters $ValuesToCheck.Remove('GlobalAdminAccount') | Out-Null + $ValuesToCheck.Remove('ApplicationId') | Out-Null + $ValuesToCheck.Remove('TenantId') | Out-Null + $ValuesToCheck.Remove('ApplicationSecret') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` @@ -1797,7 +1842,19 @@ function Export-TargetResource ( [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) $ConnectionMode = New-M365DSCConnection -Platform 'Intune' ` -InboundParameters $PSBoundParameters @@ -1826,6 +1883,9 @@ function Export-TargetResource DisplayName = $policy.displayName Ensure = 'Present' GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentLimitRestriction/MSFT_IntuneDeviceEnrollmentLimitRestriction.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentLimitRestriction/MSFT_IntuneDeviceEnrollmentLimitRestriction.psm1 index 8943d18ae..7bfcc769c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentLimitRestriction/MSFT_IntuneDeviceEnrollmentLimitRestriction.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentLimitRestriction/MSFT_IntuneDeviceEnrollmentLimitRestriction.psm1 @@ -24,7 +24,19 @@ function Get-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) Write-Verbose -Message "Checking for the Intune Device Enrollment Limit Restriction {$DisplayName}" @@ -62,6 +74,9 @@ function Get-TargetResource Limit = $config.Limit Ensure = "Present" GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } } catch @@ -107,7 +122,19 @@ function Set-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) $ConnectionMode = New-M365DSCConnection -Platform 'Intune' ` @@ -175,7 +202,19 @@ function Test-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) #region Telemetry $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace("MSFT_", "") @@ -195,6 +234,9 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters $ValuesToCheck.Remove('GlobalAdminAccount') | Out-Null + $ValuesToCheck.Remove('ApplicationId') | Out-Null + $ValuesToCheck.Remove('TenantId') | Out-Null + $ValuesToCheck.Remove('ApplicationSecret') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` @@ -214,7 +256,19 @@ function Export-TargetResource ( [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) $ConnectionMode = New-M365DSCConnection -Platform 'Intune' ` -InboundParameters $PSBoundParameters @@ -243,6 +297,9 @@ function Export-TargetResource DisplayName = $config.displayName Ensure = 'Present' GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentPlatformRestriction/MSFT_IntuneDeviceEnrollmentPlatformRestriction.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentPlatformRestriction/MSFT_IntuneDeviceEnrollmentPlatformRestriction.psm1 index e6bd1bc74..0485b12cc 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentPlatformRestriction/MSFT_IntuneDeviceEnrollmentPlatformRestriction.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentPlatformRestriction/MSFT_IntuneDeviceEnrollmentPlatformRestriction.psm1 @@ -99,7 +99,19 @@ function Get-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) Write-Verbose -Message "Checking for the Intune Device Enrollment Restriction {$DisplayName}" $ConnectionMode = New-M365DSCConnection -Platform 'Intune' ` @@ -155,6 +167,9 @@ function Get-TargetResource WindowsMobileOSMaximumVersion = $config.WindowsMobileRestriction.OSMaximumVersion Ensure = "Present" GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } } catch @@ -275,7 +290,19 @@ function Set-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) $ConnectionMode = New-M365DSCConnection -Platform 'Intune' ` @@ -418,7 +445,19 @@ function Test-TargetResource [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) #region Telemetry $ResourceName = $MyInvocation.MyCommand.ModuleName.Replace("MSFT_", "") @@ -438,6 +477,9 @@ function Test-TargetResource $ValuesToCheck = $PSBoundParameters $ValuesToCheck.Remove('GlobalAdminAccount') | Out-Null + $ValuesToCheck.Remove('ApplicationId') | Out-Null + $ValuesToCheck.Remove('TenantId') | Out-Null + $ValuesToCheck.Remove('ApplicationSecret') | Out-Null $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` @@ -457,7 +499,19 @@ function Export-TargetResource ( [Parameter(Mandatory = $true)] [System.Management.Automation.PSCredential] - $GlobalAdminAccount + $GlobalAdminAccount, + + [Parameter()] + [System.String] + $ApplicationId, + + [Parameter()] + [System.String] + $TenantId, + + [Parameter()] + [System.String] + $ApplicationSecret ) $ConnectionMode = New-M365DSCConnection -Platform 'Intune' ` -InboundParameters $PSBoundParameters @@ -486,6 +540,9 @@ function Export-TargetResource DisplayName = $config.displayName Ensure = 'Present' GlobalAdminAccount = $GlobalAdminAccount + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret } $Results = Get-TargetResource @Params $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` diff --git a/package-lock.json b/package-lock.json new file mode 100644 index 000000000..47c0e9ae7 --- /dev/null +++ b/package-lock.json @@ -0,0 +1,5 @@ +{ + "name": "Microsoft365DSC", + "version": "1.0.0.0", + "lockfileVersion": 1 +}