Merge branch 'KelvinTegelaar:master' into master

Author: luke255

CIPPTimers.json

@@ -142,5 +142,13 @@
     "Priority": 15,
     "RunOnProcessor": true,
     "IsSystem": true
+  },
+  {
+    "Command": "Start-TableCleanup",
+    "Description": "Timer to cleanup tables",
+    "Cron": "0 0 23 * * *",
+    "Priority": 20,
+    "RunOnProcessor": true,
+    "IsSystem": true
   }
 ]

Modules/CIPPCore/Public/Add-CIPPScheduledTask.ps1

@@ -21,7 +21,7 @@ function Add-CIPPScheduledTask {
     $Parameters = [System.Collections.Hashtable]@{}
     foreach ($Key in $task.Parameters.PSObject.Properties.Name) {
         $Param = $task.Parameters.$Key
-        if ($Param -is [System.Collections.IDictionary]) {
+        if ($Param -is [System.Collections.IDictionary] -or $Param.Key) {
             $ht = @{}
             foreach ($p in $Param.GetEnumerator()) {
                 $ht[$p.Key] = $p.Value

Modules/CIPPCore/Public/AuditLogs/Get-CippAuditLogSearchResults.ps1

@@ -14,10 +14,21 @@ function Get-CippAuditLogSearchResults {
         [string]$TenantFilter,
         [Parameter(ValueFromPipelineByPropertyName = $true, Mandatory = $true)]
         [Alias('id')]
-        [string]$QueryId
+        [string]$QueryId,
+        [switch]$CountOnly
     )
 
     process {
-        New-GraphGetRequest -uri ('https://graph.microsoft.com/beta/security/auditLog/queries/{0}/records?$top=999' -f $QueryId) -AsApp $true -tenantid $TenantFilter -ErrorAction Stop
+        $GraphRequest = @{
+            Uri      = ('https://graph.microsoft.com/beta/security/auditLog/queries/{0}/records?$top=999&$count=true' -f $QueryId)
+            Method   = 'GET'
+            AsApp    = $true
+            tenantid = $TenantFilter
+        }
+        if ($CountOnly.IsPresent) {
+            $GraphRequest.CountOnly = $true
+        }
+
+        New-GraphGetRequest @GraphRequest -ErrorAction Stop
     }
 }

Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Domain Analyser/Push-DomainAnalyserTenant.ps1

@@ -27,7 +27,9 @@ function Push-DomainAnalyserTenant {
                 '*.excl.cloud'
                 '*.codetwo.online'
                 '*.call2teams.com'
-                '*signature365.net'
+                '*.signature365.net'
+                '*.myteamsconnect.io'
+                '*.teams.dstny.com'
             )
             $Domains = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/domains' -tenantid $Tenant.customerId | Where-Object { $_.isVerified -eq $true } | ForEach-Object {
                 $Domain = $_

Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Webhooks/Push-AuditLogTenant.ps1

@@ -32,7 +32,8 @@ function Push-AuditLogTenant {
         # Get webhook rules
         $ConfigEntries = Get-CIPPAzDataTableEntity @ConfigTable
         $LogSearchesTable = Get-CippTable -TableName 'AuditLogSearches'
-
+        Write-Information ("Audit: Memory usage before processing $([System.GC]::GetTotalMemory($false))")
+        $SearchCount = 0
         $Configuration = $ConfigEntries | Where-Object { ($_.Tenants -match $TenantFilter -or $_.Tenants -match 'AllTenants') }
         if ($Configuration) {
             try {
@@ -88,12 +89,17 @@ function Push-AuditLogTenant {
                             }
                         }
                     }
+                    $SearchCount++
+                    Write-Information "Audit: Memory usage after processing $SearchCount searches: $([System.GC]::GetTotalMemory($false))"
                 }
             } catch {
                 Write-Information ( 'Audit Log search: Error {0} line {1} - {2}' -f $_.InvocationInfo.ScriptName, $_.InvocationInfo.ScriptLineNumber, $_.Exception.Message)
             }
         }
     } catch {
         Write-Information ( 'Push-AuditLogTenant: Error {0} line {1} - {2}' -f $_.InvocationInfo.ScriptName, $_.InvocationInfo.ScriptLineNumber, $_.Exception.Message)
+    } finally {
+        Write-Information "Audit Logs: Completed processing $($TenantFilter)"
+        Write-Information "Audit Logs: Memory usage after processing $([System.GC]::GetTotalMemory($false))"
     }
 }

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecRestoreBackup.ps1

@@ -13,7 +13,7 @@ Function Invoke-ExecRestoreBackup {
     $APIName = $TriggerMetadata.FunctionName
     Write-LogMessage -user $request.headers.'x-ms-client-principal' -API $APINAME -message 'Accessed this API' -Sev 'Debug'
     try {
-        foreach ($line in ($Request.body | ConvertFrom-Json | Select-Object * -ExcludeProperty ETag)) {
+        foreach ($line in ($Request.body | ConvertFrom-Json | Select-Object * -ExcludeProperty ETag, Timestamp)) {
             Write-Host ($line)
             $Table = Get-CippTable -tablename $line.table
             $ht2 = @{}

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ExecDeviceAction.ps1

@@ -20,7 +20,19 @@ Function Invoke-ExecDeviceAction {
         if ($Request.Query.Action -eq 'setDeviceName') {
             $ActionBody = @{ deviceName = $Request.Body.input } | ConvertTo-Json -Compress
         }
-        $ActionResult = New-CIPPDeviceAction -Action $Request.Query.Action -ActionBody $ActionBody -DeviceFilter $Request.Query.GUID -TenantFilter $Request.Query.TenantFilter -ExecutingUser $request.headers.'x-ms-client-principal' -APINAME $APINAME
+        else {
+            $ActionBody = $Request.Body | ConvertTo-Json -Compress
+        }
+
+        $cmdparams = @{
+            Action = $Request.Query.Action
+            ActionBody = $ActionBody
+            DeviceFilter = $Request.Query.GUID
+            TenantFilter = $Request.Query.TenantFilter
+            ExecutingUser = $request.headers.'x-ms-client-principal'
+            APINAME = $APINAME
+        }
+        $ActionResult = New-CIPPDeviceAction @cmdparams
         $body = [pscustomobject]@{'Results' = "$ActionResult" }
 
     } catch {

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Groups/Invoke-AddGroup.ps1

@@ -68,7 +68,6 @@ Function Invoke-AddGroup {
                     }
                     $GraphRequest = New-ExoRequest -tenantid $tenant -cmdlet 'New-DistributionGroup' -cmdParams $params
                 }
-                $GraphRequest = New-ExoRequest -tenantid $tenant -cmdlet 'New-DistributionGroup' -cmdParams $params
                 # At some point add logic to use AddOwner/AddMember for New-DistributionGroup, but idk how we're going to brr that - rvdwegen
             }
             "Successfully created group $($groupobj.displayname) for $($tenant)"

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListPerUserMFA.ps1

@@ -0,0 +1,50 @@
+using namespace System.Net
+
+function Invoke-ListPerUserMFA {
+    <#
+    .FUNCTIONALITY
+        Entrypoint
+    .ROLE
+        Identity.User.Read
+    #>
+    [CmdletBinding()]
+    param($Request, $TriggerMetadata)
+
+    $APIName = $TriggerMetadata.FunctionName
+    $User = $request.headers.'x-ms-client-principal'
+    Write-LogMessage -user $User -API $APINAME -message 'Accessed this API' -Sev 'Debug'
+
+    # Write to the Azure Functions log stream.
+    Write-Host 'PowerShell HTTP trigger function processed a request.'
+
+    # Parse query parameters
+    $Tenant = $Request.query.tenantFilter
+    try {
+        $AllUsers = [System.Convert]::ToBoolean($Request.query.allUsers)
+    } catch {
+        $AllUsers = $false
+    }
+    $UserId = $Request.query.userId
+
+    # Get the MFA state for the user/all users
+    try {
+        if ($AllUsers -eq $true) {
+            $Results = Get-CIPPPerUserMFA -TenantFilter $Tenant -AllUsers $true
+        } else {
+            $Results = Get-CIPPPerUserMFA -TenantFilter $Tenant -userId $UserId
+        }
+        $StatusCode = [HttpStatusCode]::OK
+    } catch {
+        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
+        $Results = "Failed to get MFA State for $UserId : $ErrorMessage"
+        $StatusCode = [HttpStatusCode]::Forbidden
+    }
+
+    # Associate values to output bindings by calling 'Push-OutputBinding'.
+    Push-OutputBinding -Name Response -Value ([HttpResponseContext]@{
+            StatusCode = $StatusCode
+            Body       = @($Results)
+        })
+
+
+}

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/Administration/Alerts/Invoke-PublicWebhooks.ps1

@@ -65,7 +65,8 @@ function Invoke-PublicWebhooks {
             }
             Add-CIPPAzDataTableEntity @WebhookIncoming -Entity $Entity
         } else {
-            return 'Not replying to this webhook or processing it'
+            $Body = 'This webhook is not authorized.'
+            $StatusCode = [HttpStatusCode]::Forbidden
         }
         $Body = 'Webhook Recieved'
         $StatusCode = [HttpStatusCode]::OK
@@ -80,4 +81,4 @@ function Invoke-PublicWebhooks {
             StatusCode = $StatusCode
             Body       = $Body
         })
-}
+}