[pull] dev from KelvinTegelaar:dev #102

Open
pull[bot] wants to merge 7399 commits into covenanttechnologysolutions:dev from KelvinTegelaar:dev

@pull pull bot commented Dec 2, 2025

See Commits and Changes for more details.


Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

@pull pull bot locked and limited conversation to collaborators Dec 2, 2025
@pull pull bot added the ⤵️ pull label Dec 2, 2025
JohnDuprey and others added 28 commits February 27, 2026 11:46
Capture results from Add-CIPPApplicationPermission/Add-CIPPDelegatedPermission, detect and aggregate permission failures (excluding service principal creation failures), and log success/warn messages accordingly. Persist LastStatus and LastError to the CPV graph row so downstream logic knows whether the update succeeded. Also add an error log in the catch block.

Update the orchestrator selection logic to use LastStatus when deciding retry interval: failed or missing statuses are retried after 1 day, successful tenants after 7 days. This makes retries for failing tenants more aggressive while avoiding unnecessary reprocessing of stable tenants.
Include TermInfo in the Licenses object returned by Get-CippExtensionReportingData (wraps TermInfo as an array). Update Invoke-NinjaOneTenantSync to stop aggregating $Subscriptions from ExtensionCache and instead use each $License.TermInfo when matching subscription info. This preserves per-license term details and removes the now-unused $Subscriptions extraction.
Expose SKU service plan details in reporting by adding a ServicePlans property to the objects returned by Get-CIPPLicenseOverview (uses $sku.servicePlans) and mapping a servicePlans field in Get-CippExtensionReportingData (uses $_.ServicePlans). This ensures service plan information is propagated into the extension reporting output.
Update Invoke-NinjaOneTenantSync to set cippLicenseID from $License.skuId instead of $License.id. This aligns the recorded license identifier with the API's SKU field when building the cippLicenseSummary/cippLicenseUsers payload.
Guard against null or empty $UserPolicies in Invoke-NinjaOneTenantSync.ps1 when formatting Conditional Access Policies. Build the <ul> list only if policies exist and use a 'No Conditional Access Policies Assigned' fallback message otherwise, avoiding empty HTML lists.
Introduce a new PowerShell entrypoint Invoke-ExecLicenseSearch that accepts a Request and TriggerMetadata. It validates Request.Body.skuIds, searches across tenants using Search-CIPPDbData for LicenseOverview records, deduplicates results by skuId, and returns unique skuId/displayName objects in an HttpResponseContext. Handles missing input (400) and runtime errors with logging and a 500 response. Contains annotations for functionality (Entrypoint,AnyTenant) and role (CIPP.Core.Read).
Determine allowed tenants via Test-CIPPAccess and compute a TenantFilter (specific tenant domains or 'allTenants'), pass that TenantFilter into Search-CIPPDbData for Users/Groups/default branches, and update Search-CIPPDbData's TenantFilter parameter to accept string[] so multiple tenants can be supplied. This restricts search results to the caller's permitted tenants.
Add support for BitLocker recovery keys: new Search-CIPPBitlockerKeys (search + enrich with Devices/ManagedDevices), Set-CIPPDBCacheBitlockerKeys (cache keys from Graph beta), and Invoke-ExecBitlockerSearch entrypoint to expose search via HTTP with tenant filtering and limits. Also register 'BitlockerKeys' in Push-CIPPDBCacheData and Search-CIPPDbData types so BitLocker data is included in caching and DB searches.
Replace references to UserPrincipalName with UPN when selecting mailbox properties and when passing Identity to Set-Mailbox. Updated three locations: NonCompliantMailboxes selection, Set-Mailbox Parameters (Identity), and the report Filtered selection. This ensures correct property access for mailbox objects that expose UPN.
Deduplicate technicalNotificationMails array to prevent duplicate entries when SecurityContact and TechContact resolve to the same email address.
Feat: Add JIT reason to alert messages (add/remove)
Allow callers to explicitly request no types by adding 'None' to the Types ValidateSet and handling it by setting $Types to an empty array. Maintains existing 'All' behavior (expands to Permissions, CalendarPermissions, Rules) and preserves default of 'All'. This enables callers to skip processing types when desired.
Extend Set-PwPushConfig to accept FullConfiguration parameter and configure CloudFlare Zero Trust Network Access headers when both PWPush CFEnabled and CFZTNA extension are enabled. Pass CF-Access-Client-Id and CF-Access-Client-Secret headers to PassPushPosh module's internal headers. Update Get-PwPushAccount and New-PwPushLink to pass full parsed configuration. Modify PassPushPosh module to include CF headers in API requests when
JohnDuprey and others added 30 commits March 17, 2026 18:07
The username result was returned as a plain string ("Username: foo@bar.com"),
causing the clipboard to include the "Username: " prefix. Wrap it in a
structured result object with a dedicated copyField pointing to the raw UPN,
matching the existing pattern used for the password field.

Fixes KelvinTegelaar/CIPP#5645
feat: added remaining options for Teams Global Meeting Policy standard
fix: Separate username copyField from display label
feat: add ability to edit existing User Default Templates
Add JIT group membership support and fix directory role activation
Fix: incorrect expected value type in Defender standards
chore: Add script to regenerate intuneCollection.json and also update it