Merge pull request #27 from BNWEIN/Dev

Update to 1.1.8

CIPPAPIModule/CIPPAPIModule.psd1

@@ -12,7 +12,7 @@
 RootModule = 'CIPPAPIModule.psm1'
 
 # Version number of this module.
-ModuleVersion = '1.1.7'
+ModuleVersion = '1.1.8'
 
 # Supported PSEditions
 # CompatiblePSEditions = @()

CIPPAPIModule/public/Email-Exchange/Add-CIPPRoomMailbox.ps1

@@ -0,0 +1,59 @@
+<#
+.SYNOPSIS
+    Adds a room mailbox to a specified tenant.
+
+.DESCRIPTION
+    This function adds a room mailbox to a specified tenant by calling the CIPP API endpoint '/api/AddRoomMailbox'.
+    It requires the tenant ID, display name, domain, and username as mandatory parameters.
+    Optionally, the resource capacity can also be specified.
+
+.PARAMETER CustomerTenantID
+    The ID of the customer tenant where the room mailbox will be added.
+    Either TenantID or Default domain can be used to identify the tenant.
+
+.PARAMETER DisplayName
+    The display name for the room mailbox.
+
+.PARAMETER Domain
+    The domain for the room mailbox.
+
+.PARAMETER Username
+    The username for the room mailbox.
+
+.PARAMETER ResourceCapacity
+    The resource capacity for the room mailbox. This parameter is optional.
+
+.EXAMPLE
+    Add-RoomMailbox -CustomerTenantID "7e3effb6-6efe-42f2-b071-48ce318eaf95" -DisplayName "Conference Room 1" -Domain "example.com" -Username "confroom1" -ResourceCapacity 10
+
+.NOTES
+    This function uses the Invoke-CIPPRestMethod cmdlet to make a POST request to the CIPP API.
+#>
+function Add-CIPPRoomMailbox {
+    [CmdletBinding()]
+    Param(
+        [Parameter(Mandatory = $true)]
+        [string]$CustomerTenantID,
+        [Parameter(Mandatory = $true)]
+        [string]$DisplayName,
+        [Parameter(Mandatory = $true)]
+        [string]$Domain,
+        [Parameter(Mandatory = $true)]
+        [string]$Username,
+        [Parameter(Mandatory = $false)]
+        [int]$ResourceCapacity
+    )
+
+    Write-Verbose "Adding room mailbox in tenant: $CustomerTenantID"
+    $Endpoint = '/api/AddRoomMailbox'
+    $body = @{
+        tenantID          = $CustomerTenantID
+        displayName       = $DisplayName
+        username          = $Username
+        domain            = $Domain
+        userPrincipalName = "$Username@$Domain"
+        resourceCapacity  = $ResourceCapacity
+
+    }
+    Invoke-CIPPRestMethod -Endpoint $Endpoint -Body $body -Method POST
+}

CIPPAPIModule/public/Email-Exchange/Add-CIPPSharedMailbox.ps1

@@ -0,0 +1,68 @@
+<#
+.SYNOPSIS
+    Adds a shared mailbox to a specified tenant.
+
+.DESCRIPTION
+    This function adds a shared mailbox to a specified tenant using the provided tenant ID, display name, domain, and username. Optionally, additional aliases can be added.
+
+.PARAMETER CustomerTenantID
+    The ID of the customer tenant where the shared mailbox will be added. This parameter is mandatory.
+    Either TenantID or Default domain can be used to identify the tenant.
+
+.PARAMETER DisplayName
+    The display name for the shared mailbox. This parameter is mandatory.
+
+.PARAMETER Domain
+    The domain for the shared mailbox. This parameter is mandatory.
+
+.PARAMETER Username
+    The username for the shared mailbox. This parameter is mandatory.
+
+.PARAMETER AddedAliases
+    An array of additional aliases to be added to the shared mailbox. This parameter is optional.
+
+.EXAMPLE
+    Add-CIPPSharedMailbox -CustomerTenantID "d6766bb9-44e0-4a4b-b8d0-3d9c4d1d15cc" -DisplayName "Support" -Domain "example.com" -Username "support"
+    This example adds a shared mailbox with the display name "Support" and the username "support" to the tenant "d6766bb9-44e0-4a4b-b8d0-3d9c4d1d15cc".
+
+.EXAMPLE
+    Add-CIPPSharedMailbox -CustomerTenantID "example.com" -DisplayName "Support" -Domain "example.com" -Username "support" -AddedAliases "itsupport@example.com"
+    This example adds a shared mailbox with the display name "Support" and the username "support" to the tenant "example.com". One additional alias is also added to the mailbox.
+
+.EXAMPLE
+    Add-CIPPSharedMailbox -CustomerTenantID "example.com" -DisplayName "Support" -Domain "example.com" -Username "support" -AddedAliases 'itsupport@example.com','helpdesk@example.com','sos@example.com'
+    This example adds a shared mailbox with the display name "Support" and the username "support" to the tenant "example.com". Three additional aliases is also added to the mailbox.
+    The AddedAliases parameter accepts an array of strings.
+
+
+.NOTES
+    This function uses the Invoke-CIPPRestMethod cmdlet to send a POST request to the /api/AddSharedMailbox endpoint.
+#>
+
+function Add-CIPPSharedMailbox {
+    [CmdletBinding()]
+    Param(
+        [Parameter(Mandatory = $true)]
+        [string]$CustomerTenantID,
+        [Parameter(Mandatory = $true)]
+        [string]$DisplayName,
+        [Parameter(Mandatory = $true)]
+        [string]$Domain,
+        [Parameter(Mandatory = $true)]
+        [string]$Username,
+        [Parameter(Mandatory = $false)]
+        [array]$AddedAliases
+    )
+
+    Write-Verbose "Adding Shared mailbox in tenant: $CustomerTenantID"
+    $Endpoint = '/api/AddSharedMailbox'
+    $body = @{
+        tenantID     = $CustomerTenantID
+        displayName  = $DisplayName
+        username     = $Username
+        domain       = $Domain
+        AddedAliases = $AddedAliases
+
+    }
+    Invoke-CIPPRestMethod -Endpoint $Endpoint -Body $body -Method POST
+}

CIPPAPIModule/public/Identity/Administration/Users/Get-CIPPPerUserMFA.ps1

@@ -0,0 +1,50 @@
+<#
+.SYNOPSIS
+    Retrieves the per-user Multi-Factor Authentication (MFA) status for a specified user or all users in a given customer tenant.
+
+.PARAMETER CustomerTenantID
+    The ID of the customer tenant for which to retrieve the per-user MFA status. This parameter is mandatory.
+
+.PARAMETER UserId
+    The ID of the user for whom to retrieve the per-user MFA status. This parameter is optional and is ignored if the AllUsers switch is specified.
+    Can be either the user's email address or the user's ID.
+
+.PARAMETER AllUsers
+    A switch parameter that, when specified, retrieves the per-user MFA status for all users in the specified customer tenant. If this switch is specified, the UserId parameter is ignored.
+
+.EXAMPLE
+    Get-CIPPPerUserMFA -CustomerTenantID "12345" -UserId "user@example.com"
+    Retrieves the per-user MFA status for the user with ID "user@example.com" in the customer tenant with ID "12345".
+
+.EXAMPLE
+    Get-CIPPPerUserMFA -CustomerTenantID "12345" -AllUsers
+    Retrieves the per-user MFA status for all users in the customer tenant with ID "12345".
+
+.NOTES
+    This function uses the Invoke-CIPPRestMethod cmdlet to make a GET request to the '/api/ListPerUserMFA' endpoint with the specified parameters.
+#>
+function Get-CIPPPerUserMFA {
+    [CmdletBinding()]
+    Param(
+        [Parameter(Mandatory = $true)]
+        [string]$CustomerTenantID,
+        [Parameter(Mandatory = $false)]
+        [string]$UserId,
+        [Parameter(Mandatory = $false)]
+        [switch]$AllUsers
+    )
+
+    if ($AllUsers.IsPresent -eq $true) {
+        Write-Verbose "Getting Per user MFA for all users in $CustomerTenantID"
+    } else {
+        Write-Verbose "Getting Per user MFA for $UserId in $CustomerTenantID"
+    }
+
+    $endpoint = '/api/ListPerUserMFA'
+    $params = @{
+        TenantFilter = $CustomerTenantID
+        userId       = $UserId
+        allUsers     = $AllUsers.IsPresent
+    }
+    Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params -Method GET
+}

CIPPAPIModule/public/Identity/Administration/Users/Set-CIPPUser.ps1

@@ -136,7 +136,7 @@ function Set-CIPPUser {
                 value = [PSCustomObject]@{
                     groupid   = $cippAddGroup.ID
                     groupName = $cippAddGroup.DisplayName
-                    groupType = $cippAddgroup.calculatedGroupType
+                    groupType = $CIPPAddGroup.calculatedGroupType
                 }
                 label = "$($CIPPAddGroup.DisplayName) - $($CIPPAddGroup.calculatedGroupType)"
             }
@@ -183,7 +183,8 @@ function Set-CIPPUser {
         MobilePhone       = $MobilePhone ? $MobilePhone : $existingUser.MobilePhone
         Department        = $Department ? $Department : $existingUser.Department
         City              = $City ? $City : $existingUser.City
+        MustChangePass    = $MustChangePass
     }
 
     Invoke-CIPPRestMethod -Endpoint '/api/edituser' -Body $body -Method 'POST'
-}
+}

Docs/Add-CIPPRoomMailbox.md

@@ -0,0 +1,34 @@
+# Add-CIPPRoomMailbox
+## SYNOPSIS
+Adds a room mailbox to a specified tenant.
+
+## DESCRIPTION
+This function adds a room mailbox to a specified tenant by calling the CIPP API endpoint '/api/AddRoomMailbox'.
+It requires the tenant ID, display name, domain, and username as mandatory parameters.
+Optionally, the resource capacity can also be specified.
+
+# PARAMETERS
+
+## **-CustomerTenantID**
+> ![Type](https://img.shields.io/badge/Type-String-Blue?) ![Mandatory](https://img.shields.io/badge/Mandatory-TRUE-Red?) \
+The ID of the customer tenant where the room mailbox will be added. Either TenantID or Default domain can be used to identify the tenant.
+
+## **-DisplayName**
+> ![Type](https://img.shields.io/badge/Type-String-Blue?) ![Mandatory](https://img.shields.io/badge/Mandatory-TRUE-Red?) \
+The display name for the room mailbox.
+
+## **-Domain**
+> ![Type](https://img.shields.io/badge/Type-String-Blue?) ![Mandatory](https://img.shields.io/badge/Mandatory-TRUE-Red?) \
+The domain for the room mailbox.
+
+## **-Username**
+> ![Type](https://img.shields.io/badge/Type-String-Blue?) ![Mandatory](https://img.shields.io/badge/Mandatory-TRUE-Red?) \
+The username for the room mailbox.
+
+## **-ResourceCapacity**
+> ![Type](https://img.shields.io/badge/Type-Int32-Blue?) ![Mandatory](https://img.shields.io/badge/Mandatory-FALSE-Green?) ![DefaultValue](https://img.shields.io/badge/DefaultValue-0-Blue?color=5547a8) \
+The resource capacity for the room mailbox. This parameter is optional.
+
+#### EXAMPLE 1
+```powershell
+Add-CIPPRoomMailbox -CustomerTenantID "7e3effb6-6efe-42f2-b071-48ce318eaf95" -DisplayName "Conference Room 1" -Domain "example.com" -Username "confroom1" -ResourceCapacity 10

Docs/Add-CIPPSharedMailbox.md

@@ -0,0 +1,40 @@
+# Add-CIPPSharedMailbox
+## SYNOPSIS
+Adds a shared mailbox to a specified tenant.
+## DESCRIPTION
+This function adds a shared mailbox to a specified tenant using the provided tenant ID, display name, domain, and username. Optionally, additional aliases can be added.
+# PARAMETERS
+
+## **-CustomerTenantID**
+> ![Foo](https://img.shields.io/badge/Type-String-Blue?) ![Foo](https://img.shields.io/badge/Mandatory-TRUE-Red?) \
+The ID of the customer tenant where the shared mailbox will be added. This parameter is mandatory. Either TenantID or Default domain can be used to identify the tenant.
+
+  ## **-DisplayName**
+> ![Foo](https://img.shields.io/badge/Type-String-Blue?) ![Foo](https://img.shields.io/badge/Mandatory-TRUE-Red?) \
+The display name for the shared mailbox. This parameter is mandatory.
+
+  ## **-Domain**
+> ![Foo](https://img.shields.io/badge/Type-String-Blue?) ![Foo](https://img.shields.io/badge/Mandatory-TRUE-Red?) \
+The domain for the shared mailbox. This parameter is mandatory.
+
+  ## **-Username**
+> ![Foo](https://img.shields.io/badge/Type-String-Blue?) ![Foo](https://img.shields.io/badge/Mandatory-TRUE-Red?) \
+The username for the shared mailbox. This parameter is mandatory.
+
+  ## **-AddedAliases**
+> ![Foo](https://img.shields.io/badge/Type-Array-Blue?) ![Foo](https://img.shields.io/badge/Mandatory-FALSE-Green?) \
+An array of additional aliases to be added to the shared mailbox. This parameter is optional.
+
+ #### EXAMPLE 1
+```powershell
+PS > Add-CIPPSharedMailbox -CustomerTenantID "d6766bb9-44e0-4a4b-b8d0-3d9c4d1d15cc" -DisplayName "Support" -Domain "example.com" -Username "support"
+```
+ #### EXAMPLE 2
+```powershell
+PS > Add-CIPPSharedMailbox -CustomerTenantID "example.com" -DisplayName "Support" -Domain "example.com" -Username "support" -AddedAliases "itsupport@example.com"
+```
+ #### EXAMPLE 3
+```powershell
+PS > Add-CIPPSharedMailbox -CustomerTenantID "example.com" -DisplayName "Support" -Domain "example.com" -Username "support" -AddedAliases 'itsupport@example.com','helpdesk@example.com','sos@example.com'
+```
+

Docs/Get-CIPPPerUserMFA.md

@@ -0,0 +1,28 @@
+# Get-CIPPPerUserMFA
+## SYNOPSIS
+Retrieves the per-user Multi-Factor Authentication (MFA) status for a specified user or all users in a given customer tenant.
+## DESCRIPTION
+
+# PARAMETERS
+
+## **-CustomerTenantID**
+> ![Foo](https://img.shields.io/badge/Type-String-Blue?) ![Foo](https://img.shields.io/badge/Mandatory-TRUE-Red?) \
+The ID of the customer tenant for which to retrieve the per-user MFA status. This parameter is mandatory.
+
+  ## **-UserId**
+> ![Foo](https://img.shields.io/badge/Type-String-Blue?) ![Foo](https://img.shields.io/badge/Mandatory-FALSE-Green?) \
+The ID of the user for whom to retrieve the per-user MFA status. This parameter is optional and is ignored if the AllUsers switch is specified. Can be either the user's email address or the user's ID.
+
+  ## **-AllUsers**
+> ![Foo](https://img.shields.io/badge/Type-SwitchParameter-Blue?) ![Foo](https://img.shields.io/badge/Mandatory-FALSE-Green?) ![Foo](https://img.shields.io/badge/DefaultValue-False-Blue?color=5547a8)\
+A switch parameter that, when specified, retrieves the per-user MFA status for all users in the specified customer tenant. If this switch is specified, the UserId parameter is ignored.
+
+ #### EXAMPLE 1
+```powershell
+PS > Get-CIPPPerUserMFA -CustomerTenantID "12345" -UserId "user@example.com"
+```
+ #### EXAMPLE 2
+```powershell
+PS > Get-CIPPPerUserMFA -CustomerTenantID "12345" -AllUsers
+```
+

Example Scripts/Get-AllTenants-Role-Members.ps1

@@ -0,0 +1,70 @@
+<#
+.SYNOPSIS
+    Retrieves and exports a list of all tenants and their roles from the CIPP API.
+
+.DESCRIPTION
+    This script prompts the user for CIPP API details and a Tenant ID, then retrieves a list of tenants and their roles using the CIPPAPIModule.
+    The roles and their members are exported to a CSV file.
+
+.PARAMETER CIPPAPIUrl
+    The URL of the CIPP API.
+
+.PARAMETER CIPPClientID
+    The Client ID for the CIPP API.
+
+.PARAMETER CIPPClientSecret
+    The Client Secret for the CIPP API.
+
+.PARAMETER TenantId
+    The Tenant ID for which to retrieve roles.
+
+.OUTPUTS
+    Exports a CSV file containing the roles and their members for each tenant.
+
+.NOTES
+    The script uses the CIPPAPIModule to interact with the CIPP API.
+    The CSV file is saved in the TEMP directory with a filename in the format 'Rolesyyyy-MM-dd.csv'.
+
+.EXAMPLE
+    PS> .\Get-AllTenants-Role-Members.ps1
+    Enter the CIPP API URL: https://api.example.com
+    Enter the CIPP API Client ID: your-client-id
+    Enter the CIPP API Client Secret: your-client-secret
+    Enter the Tenant ID: your-tenant-id
+#>
+$CIPPAPIUrl = Read-Host 'Enter the CIPP API URL'
+$CIPPClientID = Read-Host 'Enter the CIPP API Client ID'
+$CIPPClientSecret = Read-Host 'Enter the CIPP API Client Secret'
+$TenantId = Read-Host 'Enter the Tenant ID'
+
+Import-Module CIPPAPIModule
+Set-CIPPAPIDetails -CIPPClientID $CIPPClientID -CIPPClientSecret $CIPPClientSecret -CIPPAPIUrl $CIPPAPIUrl -TenantID $TenantId
+
+Write-Output 'Getting List of tenants'
+$tenantsList = Get-CIPPTenants
+Write-Output 'Getting all customer roles - This can take a few minutes...'
+$GlobalAdmins = $tenantsList.defaultDomainName | ForEach-Object -Parallel {
+    Import-Module CIPPAPIModule
+    Set-CIPPAPIDetails -TenantID $using:TenantId -CIPPClientID $using:CIPPClientID -CIPPClientSecret $using:CIPPClientSecret -CIPPAPIUrl $using:CIPPAPIUrl
+    $tenant = $_
+    $Roles = Get-CIPPRoles -CustomerTenantID $tenant
+    foreach ($Role in $Roles) {
+        [PSCustomObject]@{
+            Tenant          = $tenant
+            Role            = $Role.DisplayName
+            Description     = $Role.Description
+            Members         = $Role.Members
+        }
+    }
+} -ThrottleLimit 5
+
+if ($null -eq $GlobalAdmins) {
+    exit
+}
+
+$filename = 'Roles' + (Get-Date -Format 'yyyy-MM-dd') + '.csv'
+$filepath = "$env:TEMP\$($filename)"
+
+$GlobalAdmins | Export-Csv -Path $filepath
+
+Start-Process -FilePath $filepath