Merge pull request #404 from microsoft/Dev

Release 1.0.3.1723
microsoft · Mar 5, 2020 · 5dd77b8 · 5dd77b8
2 parents 69e6e88 + 57cba2c
commit 5dd77b8
Show file tree

Hide file tree

Showing 108 changed files with 140,824 additions and 6,890 deletions.
diff --git a/.gitignore b/.gitignore
@@ -8,4 +8,8 @@ Modules/Office365Dsc/DscResource.Tests
 Modules/Office365Dsc/DscResource.Tests/*
 node_modules
 node_modules/*
-markdownissues.txt
+markdownissues.txt
+start-unittests.ps1
+TestDSCresource.ps1
+Modules/Office365DSC/DSCResources/MSFT_EXOMalwareFilterPolicy/Set-MalwareFilterPolicy.txt
+
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,21 @@
 # Change log for Office365Dsc
 
+## UNRELEASED
+
+* EXOHostedOutboundSpamFilterPolicy
+  * BREAKING CHANGE: Remove IsSingleInstance and added
+    Identity as key;
+* SPOSite
+  * Refactor to use PnP and expose updated parameters;
+* TeamsGuestMessagingConfiguration
+  * Added value NoRestriction for GiphyRatingValues;
+* Metadata
+  * Removed dependencyon MSOnline;
+  * Updated MSCloudLoginAssistant dependency to 1.0.2;
+  * Updated SharePointPnPPowerShellOnline dependency to 3.18.2002.0;
+  * Updated Microsoft.PowerApps.Administration.PowerShell
+    dependency to 2.0.42;
+
 ## 1.0.2.1583
 
 * EXOAcceptedDomain

diff --git a/Modules/Office365DSC/DSCResources/MSFT_EXOAcceptedDomain/MSFT_EXOAcceptedDomain.psm1 b/Modules/Office365DSC/DSCResources/MSFT_EXOAcceptedDomain/MSFT_EXOAcceptedDomain.psm1
@@ -10,7 +10,7 @@ function Get-TargetResource
         $Identity,
 
         [Parameter()]
-        [ValidateSet('Authoritative')]
+        [ValidateSet('Authoritative','InternalRelay')]
         [System.String]
         $DomainType = 'Authoritative',
 
@@ -45,8 +45,10 @@ function Get-TargetResource
     Test-MSCloudLogin -O365Credential $GlobalAdminAccount `
         -Platform ExchangeOnline
 
+    Write-Verbose -Message 'Getting all Accepted Domain'
     $AllAcceptedDomains = Get-AcceptedDomain
 
+    Write-Verbose -Message 'Filtering Accepted Domain list by Identity'
     $AcceptedDomain = $AllAcceptedDomains | Where-Object -FilterScript { $_.Identity -eq $Identity }
 
     if ($null -eq $AcceptedDomain)
@@ -118,7 +120,7 @@ function Set-TargetResource
         $Identity,
 
         [Parameter()]
-        [ValidateSet('Authoritative')]
+        [ValidateSet('Authoritative','InternalRelay')]
         [System.String]
         $DomainType = 'Authoritative',
 
@@ -177,7 +179,7 @@ function Test-TargetResource
         $Identity,
 
         [Parameter()]
-        [ValidateSet('Authoritative')]
+        [ValidateSet('Authoritative','InternalRelay')]
         [System.String]
         $DomainType = 'Authoritative',
 

diff --git a/Modules/Office365DSC/DSCResources/MSFT_EXOAcceptedDomain/MSFT_EXOAcceptedDomain.schema.mof b/Modules/Office365DSC/DSCResources/MSFT_EXOAcceptedDomain/MSFT_EXOAcceptedDomain.schema.mof
@@ -3,7 +3,7 @@ class MSFT_EXOAcceptedDomain : OMI_BaseResource
 {
     [Key, Description("Specify the Fully Qualified Domain Name for the AcceptedDomain.")] String Identity;
     [Write, Description("Specify if the AcceptedDomain should exist or not."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure;
-    [Write, Description("The type of AcceptedDomain.  Currently the EXOAcceptedDomain DSC Resource only accepts a value of 'Authoritative'."), ValueMap{"Authoritative"}, Values{"Authoritative"}] String DomainType;
+    [Write, Description("The type of AcceptedDomain.  Currently the EXOAcceptedDomain DSC Resource accepts a value of 'Authoritative' and 'InternalRelay'."), ValueMap{"Authoritative","InternalRelay"}, Values{"Authoritative","InternalRelay"}] String DomainType;
     [Write, Description("The MatchSubDomains parameter must be false on Authoritative domains. The default value is false.")] Boolean MatchSubDomains;
     [Write, Description("The OutboundOnly must be false on Authoritative domains. The default value is false.")] Boolean OutboundOnly;
     [Required, Description("Credentials of the Exchange Global Admin"), EmbeddedInstance("MSFT_Credential")] string GlobalAdminAccount;

diff --git a/Modules/Office365DSC/DSCResources/MSFT_EXOAcceptedDomain/readme.md b/Modules/Office365DSC/DSCResources/MSFT_EXOAcceptedDomain/readme.md
@@ -16,7 +16,6 @@ DomainType
 
 - Required: No (Defaults to 'Authoritative')
 - Description: The DomainType parameter specifies the accepted domain type.
-  The EXOAcceptedDomain DSC Resource only accepts a value of 'Authoritative'
 
 GlobalAdminAccount
 

diff --git a/...C/DSCResources/MSFT_EXOActiveSyncDeviceAccessRule/MSFT_EXOActiveSyncDeviceAccessRule.psm1 b/...C/DSCResources/MSFT_EXOActiveSyncDeviceAccessRule/MSFT_EXOActiveSyncDeviceAccessRule.psm1
@@ -0,0 +1,266 @@
+function Get-TargetResource
+{
+    [CmdletBinding()]
+    [OutputType([System.Collections.Hashtable])]
+    param
+    (
+        [Parameter(Mandatory = $true)]
+        [System.String]
+        $Identity,
+
+        [Parameter()]
+        [ValidateSet('Allow', 'Block', 'Quarantine')]
+        [System.String]
+        $AccessLevel,
+
+        [Parameter()]
+        [ValidateSet('DeviceModel', 'DeviceType', 'DeviceOS', 'UserAgent', 'XMSWLHeader')]
+        [System.String]
+        $Characteristic,
+
+        [Parameter()]
+        [System.String]
+        $QueryString,
+
+        [Parameter()]
+        [ValidateSet('Present', 'Absent')]
+        [System.String]
+        $Ensure = 'Present',
+
+        [Parameter(Mandatory = $true)]
+        [System.Management.Automation.PSCredential]
+        $GlobalAdminAccount
+    )
+
+    Write-Verbose -Message "Getting Active Sync Device Access Rule configuration for $Identity"
+    #region Telemetry
+    $data = [System.Collections.Generic.Dictionary[[String], [String]]]::new()
+    $data.Add("Resource", $MyInvocation.MyCommand.ModuleName)
+    $data.Add("Method", $MyInvocation.MyCommand)
+    Add-O365DSCTelemetryEvent -Data $data
+    #endregion
+
+    Test-MSCloudLogin -O365Credential $GlobalAdminAccount `
+        -Platform ExchangeOnline
+
+    $AllActiveSyncDeviceAccessRules = Get-ActiveSyncDeviceAccessRule
+
+    $ActiveSyncDeviceAccessRule = $AllActiveSyncDeviceAccessRules | Where-Object -FilterScript { $_.Identity -eq $Identity }
+
+    if ($null -eq $ActiveSyncDeviceAccessRule)
+    {
+        Write-Verbose -Message "Active Sync Device Access Rule $($Identity) does not exist."
+
+        $nullReturn = @{
+            Identity           = $Identity
+            AccessLevel        = $AccessLevel
+            Characteristic     = $Characteristic
+            QueryString        = $QueryString
+            Ensure             = 'Absent'
+            GlobalAdminAccount = $GlobalAdminAccount
+        }
+
+        return $nullReturn
+    }
+    else
+    {
+        $result = @{
+            Identity           = $ActiveSyncDeviceAccessRule.Identity
+            AccessLevel        = $ActiveSyncDeviceAccessRule.AccessLevel
+            Characteristic     = $ActiveSyncDeviceAccessRule.Characteristic
+            QueryString        = $ActiveSyncDeviceAccessRule.QueryString
+            Ensure             = 'Present'
+            GlobalAdminAccount = $GlobalAdminAccount
+        }
+
+        Write-Verbose -Message "Found Active Sync Device Access Rule $($Identity)"
+        return $result
+    }
+}
+
+function Set-TargetResource
+{
+    [CmdletBinding()]
+    param
+    (
+        [Parameter(Mandatory = $true)]
+        [System.String]
+        $Identity,
+
+        [Parameter()]
+        [ValidateSet('Allow', 'Block', 'Quarantine')]
+        [System.String]
+        $AccessLevel,
+
+        [Parameter()]
+        [ValidateSet('DeviceModel', 'DeviceType', 'DeviceOS', 'UserAgent', 'XMSWLHeader')]
+        [System.String]
+        $Characteristic,
+
+        [Parameter()]
+        [System.String]
+        $QueryString,
+
+        [Parameter()]
+        [ValidateSet('Present', 'Absent')]
+        [System.String]
+        $Ensure = 'Present',
+
+        [Parameter(Mandatory = $true)]
+        [System.Management.Automation.PSCredential]
+        $GlobalAdminAccount
+    )
+
+    Write-Verbose -Message "Setting Active Sync Device Access Rule configuration for $Identity"
+
+    $currentActiveSyncDeviceAccessRuleConfig = Get-TargetResource @PSBoundParameters
+
+    #region Telemetry
+    $data = [System.Collections.Generic.Dictionary[[String], [String]]]::new()
+    $data.Add("Resource", $MyInvocation.MyCommand.ModuleName)
+    $data.Add("Method", $MyInvocation.MyCommand)
+    Add-O365DSCTelemetryEvent -Data $data
+    #endregion
+
+    Test-MSCloudLogin -O365Credential $GlobalAdminAccount `
+        -Platform ExchangeOnline
+
+    $NewActiveSyncDeviceAccessRuleParams = @{
+        AccessLevel    = $AccessLevel
+        Characteristic = $Characteristic
+        QueryString    = $QueryString
+        Confirm        = $false
+    }
+
+    $SetActiveSyncDeviceAccessRuleParams = @{
+        Identity       = $Identity
+        AccessLevel    = $AccessLevel
+        Characteristic = $Characteristic
+        QueryString    = $QueryString
+        Confirm        = $false
+    }
+
+    # CASE: Active Sync Device Access Rule doesn't exist but should;
+    if ($Ensure -eq "Present" -and $currentActiveSyncDeviceAccessRuleConfig.Ensure -eq "Absent")
+    {
+        Write-Verbose -Message "Active Sync Device Access Rule '$($Identity)' does not exist but it should. Create and configure it."
+        # Create Active Sync Device Access Rule
+        New-ActiveSyncDeviceAccessRule @NewActiveSyncDeviceAccessRuleParams
+
+    }
+    # CASE: Active Sync Device Access Rule exists but it shouldn't;
+    elseif ($Ensure -eq "Absent" -and $currentActiveSyncDeviceAccessRuleConfig.Ensure -eq "Present")
+    {
+        Write-Verbose -Message "Active Sync Device Access Rule '$($Identity)' exists but it shouldn't. Remove it."
+        Remove-ActiveSyncDeviceAccessRule -Identity $Identity -Confirm:$false
+    }
+    # CASE: Active Sync Device Access Rule exists and it should, but has different values than the desired ones
+    elseif ($Ensure -eq "Present" -and $currentActiveSyncDeviceAccessRuleConfig.Ensure -eq "Present")
+    {
+        Write-Verbose -Message "Active Sync Device Access Rule '$($Identity)' already exists, but needs updating."
+        Write-Verbose -Message "Setting Active Sync Device Access Rule $($Identity) with values: $(Convert-O365DscHashtableToString -Hashtable $SetActiveSyncDeviceAccessRuleParams)"
+        Set-ActiveSyncDeviceAccessRule @SetActiveSyncDeviceAccessRuleParams
+    }
+}
+
+function Test-TargetResource
+{
+    [CmdletBinding()]
+    [OutputType([System.Boolean])]
+    param
+    (
+        [Parameter(Mandatory = $true)]
+        [System.String]
+        $Identity,
+
+        [Parameter()]
+        [ValidateSet('Allow', 'Block', 'Quarantine')]
+        [System.String]
+        $AccessLevel,
+
+        [Parameter()]
+        [ValidateSet('DeviceModel', 'DeviceType', 'DeviceOS', 'UserAgent', 'XMSWLHeader')]
+        [System.String]
+        $Characteristic,
+
+        [Parameter()]
+        [System.String]
+        $QueryString,
+
+        [Parameter()]
+        [ValidateSet('Present', 'Absent')]
+        [System.String]
+        $Ensure = 'Present',
+
+        [Parameter(Mandatory = $true)]
+        [System.Management.Automation.PSCredential]
+        $GlobalAdminAccount
+    )
+
+    Write-Verbose -Message "Testing Active Sync Device Access Rule configuration for $Identity"
+
+    $CurrentValues = Get-TargetResource @PSBoundParameters
+
+    Write-Verbose -Message "Current Values: $(Convert-O365DscHashtableToString -Hashtable $CurrentValues)"
+    Write-Verbose -Message "Target Values: $(Convert-O365DscHashtableToString -Hashtable $PSBoundParameters)"
+
+    $ValuesToCheck = $PSBoundParameters
+    $ValuesToCheck.Remove('GlobalAdminAccount') | Out-Null
+
+    $TestResult = Test-Office365DSCParameterState -CurrentValues $CurrentValues `
+        -Source $($MyInvocation.MyCommand.Source) `
+        -DesiredValues $PSBoundParameters `
+        -ValuesToCheck $ValuesToCheck.Keys
+
+    Write-Verbose -Message "Test-TargetResource returned $TestResult"
+
+    return $TestResult
+}
+
+function Export-TargetResource
+{
+    [CmdletBinding()]
+    [OutputType([System.String])]
+    param
+    (
+        [Parameter(Mandatory = $true)]
+        [System.Management.Automation.PSCredential]
+        $GlobalAdminAccount
+    )
+    $InformationPreference = 'Continue'
+    #region Telemetry
+    $data = [System.Collections.Generic.Dictionary[[String], [String]]]::new()
+    $data.Add("Resource", $MyInvocation.MyCommand.ModuleName)
+    $data.Add("Method", $MyInvocation.MyCommand)
+    Add-O365DSCTelemetryEvent -Data $data
+    #endregion
+    Test-MSCloudLogin -O365Credential $GlobalAdminAccount `
+        -Platform ExchangeOnline
+
+    [array]$AllActiveSyncDeviceAccessRules = Get-ActiveSyncDeviceAccessRule
+
+    $dscContent = ""
+    $i = 1
+    foreach ($ActiveSyncDeviceAccessRule in $AllActiveSyncDeviceAccessRules)
+    {
+        Write-Information "    [$i/$($AllActiveSyncDeviceAccessRules.Count)] $($ActiveSyncDeviceAccessRule.Identity)"
+
+        $Params = @{
+            Identity           = $ActiveSyncDeviceAccessRule.Identity
+            GlobalAdminAccount = $GlobalAdminAccount
+        }
+        $result = Get-TargetResource @Params
+        $result.GlobalAdminAccount = Resolve-Credentials -UserName "globaladmin"
+        $content = "        EXOActiveSyncDeviceAccessRule " + (New-GUID).ToString() + "`r`n"
+        $content += "        {`r`n"
+        $currentDSCBlock = Get-DSCBlock -Params $result -ModulePath $PSScriptRoot
+        $content += Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "GlobalAdminAccount"
+        $content += "        }`r`n"
+        $dscContent += $content
+        $i++
+    }
+    return $dscContent
+}
+
+Export-ModuleMember -Function *-TargetResource
+
diff --git a/...esources/MSFT_EXOActiveSyncDeviceAccessRule/MSFT_EXOActiveSyncDeviceAccessRule.schema.mof b/...esources/MSFT_EXOActiveSyncDeviceAccessRule/MSFT_EXOActiveSyncDeviceAccessRule.schema.mof
@@ -0,0 +1,10 @@
+[ClassVersion("1.0.0.0"), FriendlyName("EXOActiveSyncDeviceAccessRule")]
+class MSFT_EXOActiveSyncDeviceAccessRule : OMI_BaseResource
+{
+    [Key, Description("The Identity parameter specifies the identity of the device access rule.")] String Identity;
+    [Write, Description("The AccessLevel parameter specifies whether the devices are allowed, blocked or quarantined."), ValueMap{"Allow","Block","Quarantine"}, Values{"Allow","Block","Quarantine"}] String AccessLevel;
+    [Write, Description("The Characteristic parameter specifies the device characteristic or category that's used by the rule."), ValueMap{"DeviceModel","DeviceType","DeviceOS","UserAgent","XMSWLHeader"}, Values{"DeviceModel","DeviceType","DeviceOS","UserAgent","XMSWLHeader"}] String Characteristic;
+    [Write, Description("The QueryString parameter specifies the device identifier that's used by the rule. This parameter uses a text value that's used with Characteristic parameter value to define the device.")] String QueryString;
+    [Write, Description("Specify if the Active Sync Device Access Rule should exist or not."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure;
+    [Required, Description("Credentials of the Exchange Global Admin"), EmbeddedInstance("MSFT_Credential")] string GlobalAdminAccount;
+};
diff --git a/Modules/Office365DSC/DSCResources/MSFT_EXOActiveSyncDeviceAccessRule/readme.md b/Modules/Office365DSC/DSCResources/MSFT_EXOActiveSyncDeviceAccessRule/readme.md
@@ -0,0 +1,5 @@
+# EXOActiveSyncDeviceAccessRule
+
+## Description
+
+This resource configures Active Sync Device Access Rules in Exchange Online.