CIPPAPIModule.psm1
#Region './private/Connect-CIPP.ps1' -1 <# .SYNOPSIS Connects to the CIPP API using the provided credentials. .DESCRIPTION The Connect-CIPP function establishes a connection to the CIPP API by obtaining an access token using the client credentials flow. It requires the CIPP API URL, client ID, client secret, and tenant ID as input parameters. .PARAMETER CIPPAPIUrl The URL of the CIPP API. .PARAMETER CIPPClientID The client ID used to authenticate with the CIPP API. .PARAMETER CIPPClientSecret The client secret used to authenticate with the CIPP API. .PARAMETER TenantID The ID of the tenant associated with the CIPP API. .EXAMPLE Connect-CIPP -CIPPAPIUrl "https://api.cipp.com" -CIPPClientID "12345678-1234-1234-1234-1234567890ab" -CIPPClientSecret "MyClientSecret" -TenantID "98765432-4321-4321-4321-0987654321ba" Connects to the CIPP API using the specified credentials. #> function Connect-CIPP { [CmdletBinding()] Param( [string]$CIPPAPIUrl, [string]$CIPPClientID, [string]$CIPPClientSecret, [string]$TenantID ) $Script:AuthBody = @{ client_id = $script:CIPPClientID client_secret = $script:CIPPClientSecret scope = "api://$($script:CIPPClientID)/.default" grant_type = 'client_credentials' } $token = Invoke-RestMethod -Uri "https://login.microsoftonline.com/$script:TenantId/oauth2/v2.0/token" -Method POST -Body $AuthBody $script:AuthHeader = @{ Authorization = "Bearer $($token.access_token)" } $script:TokenAcquiredTime = Get-Date $script:ExpiresIn = $token.expires_in } #EndRegion './private/Connect-CIPP.ps1' 47 #Region './private/Get-TokenExpiry.ps1' -1 <# .SYNOPSIS Calculates the expiry date and time for a token. .DESCRIPTION The Get-TokenExpiry function calculates the expiry date and time for a token based on the token's expiration time in seconds. .PARAMETER ExpiresIn Specifies the expiration time of the token in seconds. If not provided, the function uses the default expiration time stored in the $script:ExpiresIn variable. .OUTPUTS System.DateTime The calculated expiry date and time for the token. .EXAMPLE Get-TokenExpiry -ExpiresIn 3600 Calculates the expiry date and time for a token that expires in 3600 seconds (1 hour). #> function Get-TokenExpiry { [CmdletBinding()] [OutputType([DateTime])] param ( [Parameter(Mandatory = $false)] [int64]$ExpiresIn = $script:ExpiresIn ) if ($script:ExpiresIn -eq $null) { return } else { $Script:ExpiryDateTime = $script:TokenAcquiredTime.AddSeconds($script:ExpiresIn) Write-Verbose "Calculated token expiry as $Script:ExpiryDateTime" } } #EndRegion './private/Get-TokenExpiry.ps1' 35 #Region './private/Invoke-CIPPPreFlightCheck.ps1' -1 <# .SYNOPSIS Invokes the pre-flight check before connecting to the CIPP API. .DESCRIPTION This function performs a pre-flight check before connecting to the CIPP API. It checks if the required CIPP API information is available and if the token has expired. If the information is not found or the token has expired, it connects to the CIPP API using the provided credentials. .PARAMETER None This function does not accept any parameters. .EXAMPLE Invoke-CIPPPreFlightCheck #> function Invoke-CIPPPreFlightCheck { [CmdletBinding()] param () if ($null -eq $Script:CIPPClientID -or $null -eq $Script:CIPPClientSecret -or $null -eq $Script:CIPPAPIUrl -or $null -eq $Script:TenantID) { throw "Cannot continue: CIPP API information not found. Please run Set-CIPPAPIDetails before connecting to the API." break } Get-TokenExpiry if ((-not $Script:ExpiryDateTime) -or ($script:ExpiryDateTime -lt (Get-Date))) { write-Verbose "Token expired or not found. Connecting to CIPP" $request = @{ CIPPClientID = $script:CIPPClientID CIPPClientSecret = $script:CIPPClientSecret CIPPAPIUrl = $script:CIPPAPIUrl TenantID = $TenantID } Connect-CIPP @request } } #EndRegion './private/Invoke-CIPPPreFlightCheck.ps1' 38 #Region './public/CIPP/Core/Get-CIPPAccessCheck.ps1' -1 <# .SYNOPSIS Performs a tenant access check for the specified customer tenant ID. .DESCRIPTION The Get-CIPPAccessCheck function performs a tenant access check for the specified customer tenant ID. It sends a POST request to the "/api/execaccesschecks" endpoint with the provided tenant ID. .PARAMETER CustomerTenantID Specifies the customer tenant ID for which the access check needs to be performed. .EXAMPLE Get-CIPPAccessCheck -CustomerTenantID "87654321-4321-4321-4321-0987654321BA" Runs a tenant access check for the customer tenant ID "87654321-4321-4321-4321-0987654321BA". #> function Get-CIPPAccessCheck { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string[]]$CustomerTenantID ) Write-Verbose "Running tenant access check for $CustomerTenantID" $Endpoint = "/api/execaccesschecks" $params = @{ tenants = "true" } $body = @{ tenantid = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $Endpoint -Body $body -Params $params -Method POST } #EndRegion './public/CIPP/Core/Get-CIPPAccessCheck.ps1' 34 #Region './public/CIPP/Core/Get-CIPPExecAPIPermissionsList.ps1' -1 <# .SYNOPSIS Retrieves the list of CIPP execution API permissions. .DESCRIPTION The Get-CIPPExecAPIPermissionsList function retrieves the list of CIPP execution API permissions by making a REST API call to the specified endpoint. .PARAMETER None This function does not accept any parameters. .EXAMPLE Get-CIPPExecAPIPermissionsList Retrieves the list of CIPP execution API permissions. #> function Get-CIPPExecAPIPermissionsList { [CmdletBinding()] Param() Write-Verbose "Getting CIPP Logs" $endpoint = "/api/ExecAPIPermissionList" Invoke-CIPPRestMethod -Endpoint $endpoint } #EndRegion './public/CIPP/Core/Get-CIPPExecAPIPermissionsList.ps1' 27 #Region './public/CIPP/Core/Get-CIPPKnownIPDB.ps1' -1 <# .SYNOPSIS Retrieves the Known IP Database for a specific customer tenant. .DESCRIPTION The Get-CIPPKnownIPDB function retrieves the Known IP Database for a specific customer tenant by making a REST API call to the "/api/listknownipdb" endpoint. .PARAMETER CustomerTenantID Specifies the ID of the customer tenant for which to retrieve the Known IP Database. .EXAMPLE Get-CIPPKnownIPDB -CustomerTenantID "12345678" Retrieves the Known IP Database for the customer tenant with ID "12345678". .INPUTS None. .OUTPUTS System.Object .NOTES This function requires the Invoke-CIPPRestMethod function to be available. .LINK Invoke-CIPPRestMethod #> function Get-CIPPKnownIPDB { [CmdletBinding()] Param( [Parameter(Mandatory = $false)] [string]$CustomerTenantID ) Write-Verbose "Getting Known IP Database for $CustomerTenantID" $endpoint = "/api/listknownipdb" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/CIPP/Core/Get-CIPPKnownIPDB.ps1' 41 #Region './public/CIPP/Core/Get-CIPPLogs.ps1' -1 <# .SYNOPSIS Retrieves CIPP logs from the API. .DESCRIPTION The Get-CIPPLogs function retrieves logs from the CIPP API by invoking the "/api/ListLogs" endpoint. .PARAMETER None This function does not accept any parameters. .EXAMPLE Get-CIPPLogs Retrieves CIPP logs from the API. #> function Get-CIPPLogs { [CmdletBinding()] Param() Write-Verbose "Getting CIPP Logs" $endpoint = "/api/ListLogs" Invoke-CIPPRestMethod -Endpoint $endpoint } #EndRegion './public/CIPP/Core/Get-CIPPLogs.ps1' 26 #Region './public/CIPP/Core/Get-CIPPPublicPhishingCheck.ps1' -1 <# .SYNOPSIS Retrieves public phishing check for a specific customer tenant. .DESCRIPTION The Get-CIPPPublicPhishingCheck function retrieves the public phishing check for a specific customer tenant. It makes an API call to the "/api/publicphishingcheck" endpoint with the provided tenant ID. .PARAMETER CustomerTenantID The ID of the customer tenant for which to retrieve the public phishing check. .EXAMPLE Get-CIPPPublicPhishingCheck -CustomerTenantID "87654321-4321-4321-4321-0987654321BA" Retrieves the public phishing check for the customer tenant with the ID "87654321-4321-4321-4321-0987654321BA". #> function Get-CIPPPublicPhishingCheck { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting public phishing check $CustomerTenantID" $endpoint = "/api/publicphishingcheck" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/CIPP/Core/Get-CIPPPublicPhishingCheck.ps1' 30 #Region './public/CIPP/Core/Set-CIPPExecCPVPerms.ps1' -1 <# .SYNOPSIS Sets the CPV (Customer Provided Values) permissions for a specific customer tenant. .DESCRIPTION The Set-CIPPExecCPVPerms function is used to refresh the CPV permissions for a specified customer tenant. It calls the Invoke-CIPPRestMethod function internally to make the REST API call. .PARAMETER CustomerTenantID Specifies the ID of the customer tenant for which the CPV permissions need to be refreshed. This parameter is mandatory. .PARAMETER resetsp Specifies whether to reset the Stored Procedure (SP) associated with the CPV permissions. The valid values are "true" and "false". This parameter is optional and defaults to "false". .EXAMPLE Set-CIPPExecCPVPerms -CustomerTenantID "12345678-1234-1234-1234-1234567890AB" -resetsp "true" Refreshes the CPV permissions for the customer tenant with the ID "12345678-1234-1234-1234-1234567890AB" and resets the associated Stored Procedure. .EXAMPLE Set-CIPPExecCPVPerms -CustomerTenantID "87654321-4321-4321-4321-0987654321BA" Refreshes the CPV permissions for the customer tenant with the ID "87654321-4321-4321-4321-0987654321BA" without resetting the associated Stored Procedure. #> function Set-CIPPExecCPVPerms { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [guid]$CustomerTenantID, [Parameter(Mandatory = $false)] [ValidateSet( "true", "false" )] [string]$resetsp = "false" ) Write-Verbose "Refreshing CPV for $CustomerTenantID" $endpoint = "/api/execcpvpermissions" $params = @{ tenantfilter = $CustomerTenantID ResetSP = $resetsp } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/CIPP/Core/Set-CIPPExecCPVPerms.ps1' 43 #Region './public/CIPP/Settings/Get-CIPPVersion.ps1' -1 <# .SYNOPSIS Retrieves the version of the CIPP application. .DESCRIPTION The Get-CIPPVersion function retrieves the version of the CIPP application by making a REST API call to the "/api/Getversion" endpoint. .PARAMETER None This function does not accept any parameters. .EXAMPLE Get-CIPPVersion Retrieves the version of the CIPP application. #> function Get-CIPPVersion { [CmdletBinding()] Param() Write-Verbose "Getting CIPP Version" $endpoint = "/api/Getversion" Invoke-CIPPRestMethod -Endpoint $endpoint } #EndRegion './public/CIPP/Settings/Get-CIPPVersion.ps1' 25 #Region './public/Email-Exchange/Add-CIPPContact.ps1' -1 <# .SYNOPSIS Adds a contact to a customer's tenant. .DESCRIPTION The Add-CIPPContact function adds a contact to a customer's tenant using the CIPP API. It requires the customer's tenant ID, display name, external email address, first name, and last name as mandatory parameters. .PARAMETER CustomerTenantID The ID of the customer's tenant. .PARAMETER DisplayName The display name of the contact. .PARAMETER ExternalEmailAddress The external email address of the contact. .PARAMETER FirstName The first name of the contact. .PARAMETER LastName The last name of the contact. .EXAMPLE Add-CIPPContact -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -DisplayName "John Doe" -ExternalEmailAddress "john.doe@example.com" -FirstName "John" -LastName "Doe" Adds a contact with the specified details to the customer's tenant. #> function Add-CIPPContact { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$DisplayName, [Parameter(Mandatory = $true)] [string]$ExternalEmailAddress, [Parameter(Mandatory = $true)] [string]$FirstName, [Parameter(Mandatory = $true)] [string]$LastName ) Write-Verbose "Adding Contact in tenant: $CustomerTenantID" $Endpoint = "/api/addcontact" $body = @{ tenantid = $CustomerTenantID displayName = $DisplayName email = $ExternalEmailAddress FirstName = $FirstName LastName = $LastName } Invoke-CIPPRestMethod -Endpoint $Endpoint -Body $body -Method POST } #EndRegion './public/Email-Exchange/Add-CIPPContact.ps1' 55 #Region './public/Email-Exchange/Get-CIPPCalendarPerms.ps1' -1 <# .SYNOPSIS Retrieves calendar permissions for a user in a specified customer tenant. .DESCRIPTION The Get-CIPPCalendarPerms function retrieves the calendar permissions for a user in a specified customer tenant using the CIPP API. It sends a request to the "/api/listcalendarpermissions" endpoint with the provided customer tenant ID and user ID. .PARAMETER CustomerTenantID The ID of the customer tenant. .PARAMETER UserID The ID of the user. .EXAMPLE Get-CIPPCalendarPerms -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -UserID "john.doe@example.com" Retrieves the calendar permissions for the user "john.doe@example.com" in the customer tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPCalendarPerms { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Getting user calendar permissions for user: $UserID" $Endpoint = "/api/listcalendarpermissions" $Params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion './public/Email-Exchange/Get-CIPPCalendarPerms.ps1' 37 #Region './public/Email-Exchange/Get-CIPPContacts.ps1' -1 <# .SYNOPSIS Retrieves contact details for a specific contact or all contacts for a given tenant. .DESCRIPTION The Get-CIPPContacts function retrieves contact details for a specific contact or all contacts for a given tenant in the CIPP system. It makes use of the Invoke-CIPPRestMethod function to send a request to the CIPP API. .PARAMETER CustomerTenantID Specifies the ID of the customer tenant for which to retrieve the contacts. This parameter is mandatory. .PARAMETER ContactID Specifies the ID of the contact to retrieve details for. If not provided, details for all contacts in the specified tenant will be retrieved. This parameter is optional. .EXAMPLE Get-CIPPContacts -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -ContactID "65be49bb-85cb-4d92-9e34-9e855d0c830c" Retrieves contact details for the contact with ID "65be49bb-85cb-4d92-9e34-9e855d0c830c" in the tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". .EXAMPLE Get-CIPPContacts -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves contact details for all contacts in the tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPContacts { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [GUID]$ContactID ) if ($ContactID) { Write-Verbose "Getting Contact details for Contact: $ContactID" } else { Write-Verbose "Getting all Contacts for tenant $CustomerTenantID" } $endpoint = "/api/listcontacts" $params = @{ tenantfilter = $CustomerTenantID contactid = $ContactID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPContacts.ps1' 45 #Region './public/Email-Exchange/Get-CIPPEnabledSharedMailboxes.ps1' -1 <# .SYNOPSIS Retrieves shared mailboxes with account enabled for a specific customer tenant ID. .DESCRIPTION The Get-CIPPEnabledSharedMailboxes function retrieves shared mailboxes with account enabled for a specific customer tenant ID. It makes use of the Invoke-CIPPRestMethod function to send a request to the CIPP API and retrieve the shared mailboxes. .PARAMETER CustomerTenantID Specifies the customer tenant ID for which to retrieve the shared mailboxes. .EXAMPLE Get-CIPPEnabledSharedMailboxes -CustomerTenantID "contoso.onmicrosoft.com" Retrieves shared mailboxes with account enabled for the "contoso.onmicrosoft.com" customer tenant ID. #> function Get-CIPPEnabledSharedMailboxes { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting shared mailboxes with account enabled for $CustomerTenantID" $endpoint = "/api/listsharedmailboxaccountenabled" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPEnabledSharedMailboxes.ps1' 30 #Region './public/Email-Exchange/Get-CIPPExchangeConnectors.ps1' -1 <# .SYNOPSIS Retrieves Exchange Connectors for a specific customer. .DESCRIPTION The Get-CIPPExchangeConnectors function retrieves Exchange Connectors for a specific customer based on the provided CustomerTenantID. .PARAMETER CustomerTenantID Specifies the unique identifier of the customer's tenant. .EXAMPLE Get-CIPPExchangeConnectors -CustomerTenantID "Get-CIPPEnabledSharedMailboxes" Retrieves the Exchange Connectors for the customer with the tenant ID "Get-CIPPEnabledSharedMailboxes". #> function Get-CIPPExchangeConnectors { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Exchange Connectors for customer: $CustomerTenantID" $endpoint = "/api/listexchangeconnectors" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPExchangeConnectors.ps1' 31 #Region './public/Email-Exchange/Get-CIPPExchangeConnectorTemplates.ps1' -1 <# .SYNOPSIS Retrieves the Exchange Connector Templates. .DESCRIPTION The Get-CIPPExchangeConnectorTemplates function retrieves the Exchange Connector Templates by making a REST API call to the specified endpoint. .PARAMETER None This function does not accept any parameters. .EXAMPLE Get-CIPPExchangeConnectorTemplates This example demonstrates how to use the Get-CIPPExchangeConnectorTemplates function to retrieve the Exchange Connector Templates. #> function Get-CIPPExchangeConnectorTemplates { [CmdletBinding()] Param() Write-Verbose "Getting Exchange Connectors Templates" $endpoint = "/api/listexconnectortemplates" Invoke-CIPPRestMethod -Endpoint $endpoint } #EndRegion './public/Email-Exchange/Get-CIPPExchangeConnectorTemplates.ps1' 26 #Region './public/Email-Exchange/Get-CIPPMailboxes.ps1' -1 <# .SYNOPSIS Retrieves a list of mailboxes for a specific customer tenant. .DESCRIPTION The Get-CIPPMailboxes function retrieves a list of mailboxes for a specific customer tenant by making a REST API call to the "/api/ListMailboxes" endpoint. .PARAMETER CustomerTenantID The ID of the customer tenant for which to retrieve the mailbox list. .EXAMPLE Get-CIPPMailboxes -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves the mailbox list for the customer tenant with the ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPMailboxes { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Mailbox List for $CustomerTenantID" $endpoint = "/api/ListMailboxes" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPMailboxes.ps1' 30 #Region './public/Email-Exchange/Get-CIPPMailboxMobileDevices.ps1' -1 <# .SYNOPSIS Retrieves the mobile devices associated with a mailbox. .DESCRIPTION The Get-CIPPMailboxMobileDevices function retrieves the mobile devices associated with a mailbox in the CIPP system. It makes use of the Invoke-CIPPRestMethod function to send a request to the CIPP API and retrieve the mobile devices. .PARAMETER CustomerTenantID Specifies the ID of the customer tenant. .PARAMETER Mailbox Specifies the mailbox for which to retrieve the mobile devices. .EXAMPLE Get-CIPPMailboxMobileDevices -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -Mailbox "user@example.com" Retrieves the mobile devices associated with the mailbox "user@example.com" in the customer tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPMailboxMobileDevices { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$Mailbox ) Write-Verbose "Getting mailbox mobile devices for $Mailbox" $endpoint = "/api/listmailboxmobiledevices" $params = @{ tenantfilter = $CustomerTenantID mailbox = $Mailbox } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPMailboxMobileDevices.ps1' 36 #Region './public/Email-Exchange/Get-CIPPMailboxPermissions.ps1' -1 <# .SYNOPSIS Retrieves mailbox permissions for a specified customer tenant and user ID. .DESCRIPTION The Get-CIPPMailboxPermissions function retrieves mailbox permissions for a specified customer tenant and user ID. It makes an API call to the "/api/listmailboxpermissions" endpoint with the provided parameters. .PARAMETER CustomerTenantID The ID of the customer tenant for which mailbox permissions are to be retrieved. This parameter is mandatory. .PARAMETER UserID The ID of the user for which mailbox permissions are to be retrieved. This parameter is mandatory. .EXAMPLE Get-CIPPMailboxPermissions -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -UserID "user1@domain.com" This example retrieves mailbox permissions for the customer tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" and the user with ID "user1@domain.com". #> function Get-CIPPMailboxPermissions { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Getting mailbox permissions for $CustomerTenantID" $endpoint = "/api/listmailboxpermissions" $params = @{ tenantfilter = $CustomerTenantID userid = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPMailboxPermissions.ps1' 38 #Region './public/Email-Exchange/Get-CIPPMailboxRestores.ps1' -1 <# .SYNOPSIS Retrieves mailbox restores for a specified customer tenant. .DESCRIPTION The Get-CIPPMailboxRestores function retrieves mailbox restores for a specified customer tenant in the CIPP project. It uses the Invoke-CIPPRestMethod function to make a REST API call to the "/api/listmailboxrestores" endpoint. .PARAMETER CustomerTenantID Specifies the ID of the customer tenant for which mailbox restores should be retrieved. This parameter is mandatory. .PARAMETER Identity Specifies the identity of the mailbox for which restores should be retrieved. This parameter is optional. .PARAMETER Includereport Indicates whether to include the restore report in the results. This parameter is optional. .PARAMETER Statistics Indicates whether to include statistics about the restores in the results. This parameter is optional. .EXAMPLE Get-CIPPMailboxRestores -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -Identity "281ceb6e-3d12-4a7f-b571-3c4f35ad85bc" -Includereport -Statistics Retrieves mailbox restores for the customer tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" and includes the restore report and statistics in the results. #> function Get-CIPPMailboxRestores { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [string]$Identity, [Parameter(Mandatory = $false)] [switch]$Includereport, [Parameter(Mandatory = $false)] [switch]$Statistics ) Write-Verbose "Getting mailbox restores for $CustomerTenantID" $endpoint = "/api/listmailboxrestores" $params = @{ tenantfilter = $CustomerTenantID identity = $Identity } if ($Includereport) { $params.IncludeReport = "true" } if ($Statistics) { $params.Statistics = "true" } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPMailboxRestores.ps1' 55 #Region './public/Email-Exchange/Get-CIPPMailboxRules.ps1' -1 <# .SYNOPSIS Retrieves mailbox rules for a specified customer tenant ID. .DESCRIPTION The Get-CIPPMailboxRules function retrieves mailbox rules for a specified customer tenant ID by making a REST API call to the "/api/listmailboxrules" endpoint. .PARAMETER CustomerTenantID The customer tenant ID for which to retrieve mailbox rules. .EXAMPLE Get-CIPPMailboxRules -CustomerTenantID "contoso.onmicrosoft.com" This example retrieves mailbox rules for the customer tenant with the ID "contoso.onmicrosoft.com". #> function Get-CIPPMailboxRules { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting mailbox rules for $CustomerTenantID" $endpoint = "/api/listmailboxrules" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPMailboxRules.ps1' 31 #Region './public/Email-Exchange/Get-CIPPMailboxStatistics.ps1' -1 <# .SYNOPSIS Retrieves mailbox statistics for a specified customer tenant ID. .DESCRIPTION The Get-CIPPMailboxStatistics function retrieves mailbox statistics for a specified customer tenant ID by making a REST API call to the "/api/listmailboxstatistics" endpoint. .PARAMETER CustomerTenantID Specifies the customer tenant ID for which mailbox statistics need to be retrieved. .EXAMPLE Get-CIPPMailboxStatistics -CustomerTenantID "contoso.onmicrosoft.com" Retrieves mailbox statistics for the customer tenant with the ID "contoso.onmicrosoft.com". #> function Get-CIPPMailboxStatistics { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting mailbox statistics for $CustomerTenantID" $endpoint = "/api/listmailboxstatistics" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPMailboxStatistics.ps1' 30 #Region './public/Email-Exchange/Get-CIPPMailQuarantine.ps1' -1 <# .SYNOPSIS Retrieves the mail quarantine for a specific customer tenant. .DESCRIPTION The Get-CIPPMailQuarantine function retrieves the mail quarantine for a specific customer tenant by making a REST API call to the "/api/listmailquarantine" endpoint. .PARAMETER CustomerTenantID The ID of the customer tenant for which to retrieve the mail quarantine. .EXAMPLE Get-CIPPMailQuarantine -CustomerTenantID "contoso.onmicrosoft.com" Retrieves the mail quarantine for the customer tenant with the ID "contoso.onmicrosoft.com". #> function Get-CIPPMailQuarantine { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting mail quarantine for $CustomerTenantID" $endpoint = "/api/listmailquarantine" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPMailQuarantine.ps1' 30 #Region './public/Email-Exchange/Get-CIPPMessageTrace.ps1' -1 <# .SYNOPSIS Retrieves the message trace for a specific customer tenant ID. .DESCRIPTION The Get-CIPPMessageTrace function retrieves the message trace for a specific customer tenant ID within a specified number of days. It can also filter the results based on the sender and recipient email addresses. .PARAMETER CustomerTenantID Specifies the customer tenant ID for which the message trace needs to be retrieved. This parameter is mandatory. .PARAMETER Days Specifies the number of days within which the message trace needs to be retrieved. This parameter is mandatory. .PARAMETER Sender Specifies the sender email address to filter the message trace results. This parameter is optional. .PARAMETER Recipient Specifies the recipient email address to filter the message trace results. This parameter is optional. .EXAMPLE Get-CIPPMessageTrace -CustomerTenantID "contoso.onmicrosoft.com" -Days 7 Retrieves the message trace for the customer tenant ID "contoso.onmicrosoft.com" within the last 7 days. .EXAMPLE Get-CIPPMessageTrace -CustomerTenantID "contoso.onmicrosoft.com" -Days 30 -Sender "john.doe@contoso.com" Retrieves the message trace for the customer tenant ID "contoso.onmicrosoft.com" within the last 30 days, filtering the results to include only messages sent by "john.doe@contoso.com". .EXAMPLE Get-CIPPMessageTrace -CustomerTenantID "contoso.onmicrosoft.com" -Days 14 -Recipient "jane.smith@contoso.com" Retrieves the message trace for the customer tenant ID "contoso.onmicrosoft.com" within the last 14 days, filtering the results to include only messages received by "jane.smith@contoso.com". #> function Get-CIPPMessageTrace { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$Days, [Parameter(Mandatory = $false)] [string]$Sender, [Parameter(Mandatory = $false)] [string]$Recipient ) Write-Verbose "Getting message trace for $CustomerTenantID" $endpoint = "/api/listmessagetrace" $params = @{ tenantfilter = $CustomerTenantID days = $Days sender = $Sender recipient = $Recipient } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPMessageTrace.ps1' 58 #Region './public/Email-Exchange/Get-CIPPOutOfOffice.ps1' -1 <# .SYNOPSIS Retrieves the out of office status for a specified user. .DESCRIPTION The Get-CIPPOutOfOffice function retrieves the out of office status for a specified user in a customer's tenant. .PARAMETER CustomerTenantID Specifies the ID of the customer's tenant. .PARAMETER UserID Specifies the ID of the user. .EXAMPLE Get-CIPPOutOfOffice -CustomerTenantID "contoso.onmicrosoft.com" -UserID "john.doe@domain.com" Retrieves the out of office status for the user with the ID "john.doe@domain.com" in the customer's tenant with the ID "contoso.onmicrosoft.com". #> function Get-CIPPOutOfOffice { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Getting out of office for $UserID" $endpoint = "/api/listooo" $params = @{ tenantfilter = $CustomerTenantID userid = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPOutOfOffice.ps1' 36 #Region './public/Email-Exchange/Get-CIPPPhishPolicies.ps1' -1 <# .SYNOPSIS Retrieves the phishing policies for a specific customer tenant. .DESCRIPTION The Get-CIPPPhishPolicies function retrieves the phishing policies for a specific customer tenant by making a REST API call to the "/api/listphishpolicies" endpoint. .PARAMETER CustomerTenantID The ID of the customer tenant for which to retrieve the phishing policies. .EXAMPLE Get-CIPPPhishPolicies -CustomerTenantID "contoso.onmicrosoft.com" Retrieves the phishing policies for the customer tenant with the ID "contoso.onmicrosoft.com". #> function Get-CIPPPhishPolicies { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Phish Policies for $CustomerTenantID" $endpoint = "/api/listphishpolicies" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPPhishPolicies.ps1' 30 #Region './public/Email-Exchange/Get-CIPPRecipients.ps1' -1 <# .SYNOPSIS Retrieves recipients for a specified customer tenant ID. .DESCRIPTION The Get-CIPPRecipients function retrieves recipients for a specified customer tenant ID by making a REST API call to the "/api/listrecipients" endpoint. .PARAMETER CustomerTenantID Specifies the customer tenant ID for which to retrieve recipients. .EXAMPLE Get-CIPPRecipients -CustomerTenantID "contoso.onmicrosoft.com" Retrieves recipients for the customer tenant ID "contoso.onmicrosoft.com". #> function Get-CIPPRecipients { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting recipients for $CustomerTenantID" $endpoint = "/api/listrecipients" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPRecipients.ps1' 30 #Region './public/Email-Exchange/Get-CIPPSpamFilter.ps1' -1 <# .SYNOPSIS Retrieves the spam filter settings for a specified customer tenant ID. .DESCRIPTION The Get-CIPPSpamFilter function retrieves the spam filter settings for a specified customer tenant ID using the CIPP API. It sends a request to the "/api/listspamfilter" endpoint with the provided tenant ID as a filter parameter. .PARAMETER CustomerTenantID The customer tenant ID for which to retrieve the spam filter settings. This parameter is mandatory. .EXAMPLE Get-CIPPSpamFilter -CustomerTenantID "contoso.onmicrosoft.com" Retrieves the spam filter settings for the customer tenant with the ID "contoso.onmicrosoft.com". #> function Get-CIPPSpamFilter { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting spam filter settings for $CustomerTenantID" $endpoint = "/api/listspamfilter" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPSpamFilter.ps1' 30 #Region './public/Email-Exchange/Get-CIPPSpamFilterTemplates.ps1' -1 <# .SYNOPSIS Retrieves spam filter templates from the CIPP API. .DESCRIPTION The Get-CIPPSpamFilterTemplates function retrieves spam filter templates from the CIPP API. It makes a REST API call to the "/api/listspamfiltertemplates" endpoint and returns the templates. .PARAMETER TemplateID Specifies the ID of the template to retrieve. This parameter is optional. .EXAMPLE Get-CIPPSpamFilterTemplates -TemplateID "12345" Retrieves the spam filter template with the ID "12345" from the CIPP API. #> function Get-CIPPSpamFilterTemplates { [CmdletBinding()] Param( [Parameter(Mandatory = $false)] [string]$TemplateID ) Write-Verbose "Getting spam filter templates" $endpoint = "/api/listspamfiltertemplates" $params = @{ id = $TemplateID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPSpamFilterTemplates.ps1' 30 #Region './public/Email-Exchange/Get-CIPPTransportRules.ps1' -1 <# .SYNOPSIS Retrieves transport rules for a specified customer tenant ID. .DESCRIPTION The Get-CIPPTransportRules function retrieves transport rules for a specified customer tenant ID using the CIPP API. .PARAMETER CustomerTenantID The unique identifier of the customer tenant for which to retrieve the transport rules. .EXAMPLE Get-CIPPTransportRules -CustomerTenantID "contoso.onmicrosoft.com" Retrieves the transport rules for the customer tenant with the ID "contoso.onmicrosoft.com". #> function Get-CIPPTransportRules { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting transport rules for $CustomerTenantID" $endpoint = "/api/listtransportrulestemplates" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPTransportRules.ps1' 30 #Region './public/Email-Exchange/Get-CIPPUserMailboxDetails.ps1' -1 <# .SYNOPSIS Retrieves the mailbox details for a specific user in the CIPP system. .DESCRIPTION The Get-CIPPUserMailboxDetails function retrieves the mailbox details for a specific user in the CIPP system. It makes an API call to the "/api/listusermailboxdetails" endpoint, passing the customer tenant ID and user ID as parameters. .PARAMETER CustomerTenantID The ID of the customer tenant for which to retrieve the mailbox details. .PARAMETER UserID The ID of the user for which to retrieve the mailbox details. .EXAMPLE Get-CIPPUserMailboxDetails -CustomerTenantID "contoso.onmicrosoft.com" -UserID "user@domain.com" Retrieves the mailbox details for the user with ID "user@domain.com" in the customer tenant with ID "contoso.onmicrosoft.com". #> function Get-CIPPUserMailboxDetails { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Getting user Mailbox Details for $userID" $endpoint = "/api/listusermailboxdetails" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPUserMailboxDetails.ps1' 38 #Region './public/Email-Exchange/Get-CIPPUserMailboxRules.ps1' -1 <# .SYNOPSIS Retrieves the mailbox rules for a specific user in the CIPP system. .DESCRIPTION The Get-CIPPUserMailboxRules function retrieves the mailbox rules for a specific user in the CIPP system. It makes an API call to the "/api/listusermailboxrules" endpoint, passing the customer tenant ID and user ID as parameters. .PARAMETER CustomerTenantID The ID of the customer tenant. .PARAMETER UserID The ID of the user. .EXAMPLE Get-CIPPUserMailboxRules -CustomerTenantID "contoso.onmicrosoft.com" -UserID "user@domain.com" Retrieves the mailbox rules for the user with the ID "user@domain.com" in the customer tenant with the ID "contoso.onmicrosoft.com". #> function Get-CIPPUserMailboxRules { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Getting user Mailbox Rules for $userID" $endpoint = "/api/listusermailboxrules" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Get-CIPPUserMailboxRules.ps1' 38 #Region './public/Email-Exchange/Set-CIPPCalendarPermissions.ps1' -1 <# .SYNOPSIS Sets calendar permissions for a user in a customer's tenant. .DESCRIPTION The Set-CIPPCalendarPermissions function is used to edit calendar permissions for a specified user in a customer's tenant. It allows you to set different levels of permissions for the user on the calendar folder. .PARAMETER CustomerTenantID Specifies the ID of the customer's tenant. .PARAMETER Permissions Specifies the level of permissions to be set for the user on the calendar folder. Valid values are: - Author - Contributor - Editor - Owner - Non Editing Author - Publishing Author - Publishing Editor - Reviewer - LimitedDetails - AvailabilityOnly .PARAMETER Userid Specifies the ID of the user for whom the calendar permissions are being set. .PARAMETER RemoveAccess Specifies whether to remove the user's access to the calendar folder. This parameter is optional. .PARAMETER usertogetpermissions Specifies the ID of the user for whom you are giving permission to. This parameter is optional. .PARAMETER FolderName Specifies the name of the calendar folder. The default value is "Calendar". .EXAMPLE Set-CIPPCalendarPermissions -CustomerTenantID "contoso.onmicrosoft.com" -Permissions "Editor" -Userid "user@example.com" This example sets the calendar permissions for the user with the ID "user@example.com" in the customer's tenant with the ID "contoso.onmicrosoft.com" to "Editor" level. #> function Set-CIPPCalendarPermissions { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [ValidateSet( "Author", "Contributor", "Editor", "Owner", "Non Editing Author", "Publishing Author", "Publishing Editor", "Reviewer", "LimitedDetails", "AvailabilityOnly" )] [string]$Permissions, [Parameter(Mandatory = $true)] [string]$Userid, [Parameter(Mandatory = $false)] [string]$RemoveAccess, [Parameter(Mandatory = $false)] [string]$usertogetpermissions, [Parameter(Mandatory = $false)] [string]$FolderName = "Calendar" ) Write-Verbose "Editing calendar permissions for $Userid" $endpoint = "/api/execeditcalendarpermissions" $params = @{ TenantFilter = $CustomerTenantID permissions = $Permissions userid = $Userid removeaccess = $RemoveAccess usertogetpermissions = $usertogetpermissions FolderName = $FolderName } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Set-CIPPCalendarPermissions.ps1' 86 #Region './public/Email-Exchange/Set-CIPPConvertMailbox.ps1' -1 <# .SYNOPSIS Converts a mailbox to a shared mailbox or user mailbox in the CIPP system. .DESCRIPTION The Set-CIPPConvertMailbox function is used to convert a mailbox in the CIPP system to either a shared mailbox or a user mailbox. It sends a request to the CIPP API to perform the conversion. .PARAMETER CustomerTenantID The ID of the customer tenant where the mailbox belongs. .PARAMETER UserID The ID of the user whose mailbox needs to be converted. .PARAMETER ConvertToUserMailbox Specifies whether the mailbox should be converted to a user mailbox. If this switch is provided, the mailbox will be converted to a user mailbox. If not provided, the mailbox will be converted to a shared mailbox. .EXAMPLE Set-CIPPConvertMailbox -CustomerTenantID "contoso.onmicrosoft.com" -UserID "user@domain.com" -ConvertToUserMailbox Converts the mailbox of user "user1" in the customer tenant "contoso.onmicrosoft.com" to a user mailbox. .EXAMPLE Set-CIPPConvertMailbox -CustomerTenantID "contoso.onmicrosoft.com" -UserID "user@domain.com" Converts the mailbox of user "user@domain.com" in the customer tenant "contoso.onmicrosoft.com" to a shared mailbox. #> function Set-CIPPConvertMailbox { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID, [Parameter(Mandatory = $false)] [switch]$ConvertToUserMailbox ) Write-Verbose "Converting Mailbox $userID" $endpoint = "/api/execconverttosharedmailbox" $params = @{ tenantfilter = $CustomerTenantID id = $UserID ConvertToUser = if ($ConvertToUserMailbox) { "true" } else { "false" } } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Set-CIPPConvertMailbox.ps1' 48 #Region './public/Email-Exchange/Set-CIPPCopyToSent.ps1' -1 <# .SYNOPSIS Sets the option to copy sent items to a shared mailbox for a specific user. .DESCRIPTION The Set-CIPPCopyToSent function sets the option to copy sent items to a shared mailbox for a specific user in the CIPP system. .PARAMETER CustomerTenantID Specifies the ID of the customer's tenant. .PARAMETER UserID Specifies the ID of the user. .PARAMETER MessageCopyForSentAsEnabled Specifies whether to enable or disable the option to copy sent items for the user. Valid values are "true" or "false". The default value is "true". .EXAMPLE Set-CIPPCopyToSent -CustomerTenantID "contoso.onmicrosoft.com" -UserID "john.doe@domain.com" -MessageCopyForSentAsEnabled "true" This example sets the option to copy sent items to a shared mailbox for the user "john.doe@domain.com" in the customer's tenant with ID "contoso.onmicrosoft.com". #> function Set-CIPPCopyToSent { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID, [Parameter(Mandatory = $false)] [ValidateSet( "true", "false" )] [string]$MessageCopyForSentAsEnabled = "true" ) Write-Verbose "Copy Sent Items to Shared Mailbox for $userID $MessageCopyForSentAsEnabled" $endpoint = "/api/execcopyforsent" $params = @{ tenantfilter = $CustomerTenantID id = $UserID MessageCopyForSentAsEnabled = $MessageCopyForSentAsEnabled } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Set-CIPPCopyToSent.ps1' 50 #Region './public/Email-Exchange/Set-CIPPEnableArchive.ps1' -1 <# .SYNOPSIS Enables email archiving for a specified user in the CIPP system. .DESCRIPTION The Set-CIPPEnableArchive function enables email archiving for a specified user in the CIPP system. It sends a request to the CIPP API to enable email archiving for the user identified by the provided CustomerTenantID and UserID. .PARAMETER CustomerTenantID The unique identifier of the customer tenant. .PARAMETER UserID The unique identifier of the user. .EXAMPLE Set-CIPPEnableArchive -CustomerTenantID "contoso.onmicrosoft.com" -UserID "user@domain.com" Enables email archiving for the user with the CustomerTenantID "contoso.onmicrosoft.com" and UserID "user@domain.com". #> function Set-CIPPEnableArchive { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Enabling Email Archive for $userID" $endpoint = "/api/execenablearchive" $params = @{ tenantfilter = $CustomerTenantID id = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Set-CIPPEnableArchive.ps1' 40 #Region './public/Email-Exchange/Set-CIPPExchConnector.ps1' -1 <# .SYNOPSIS Sets the state and type of an Exchange Connector for a specific customer tenant. .DESCRIPTION The Set-CIPPExchConnector function is used to edit the state and type of an Exchange Connector for a specific customer tenant. It sends a REST API request to update the connector settings. .PARAMETER CustomerTenantID The ID of the customer tenant for which the Exchange Connector needs to be edited. .PARAMETER State The state of the Exchange Connector. Valid values are "Enable" and "Disabled". .PARAMETER Guid The GUID of the Exchange Connector. .PARAMETER Type The type of the Exchange Connector. .EXAMPLE Set-CIPPExchConnector -CustomerTenantID "contoso.onmicrosoft.com" -State "Enable" -Guid "abcdefg" -Type "Inbound" This example sets the state of the Exchange Connector for the customer tenant with ID "contoso.onmicrosoft.com" to "Enable", using the GUID "abcdefg" and the type "Inbound". #> function Set-CIPPExchConnector { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory)] [ValidateSet("Enable", "Disabled")] [string]$State, [Parameter(Mandatory = $true)] [guid]$Guid, [Parameter(Mandatory = $true)] [string]$Type ) Write-Verbose "Editing Exchange Connector for tenant $CustomerTenantID" $endpoint = "/api/editexconnector" $params = @{ TenantFilter = $CustomerTenantID state = $State GUID = $Guid Type = $Type } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Set-CIPPExchConnector.ps1' 52 #Region './public/Email-Exchange/Set-CIPPHideFromGAL.ps1' -1 <# .SYNOPSIS Sets the "hide from Global Address List (GAL)" property for a user in a customer's tenant. .DESCRIPTION The Set-CIPPHideFromGAL function is used to set the "hide from GAL" property for a specified user in a customer's tenant. This property determines whether the user's email address is visible in the Global Address List (GAL) or not. .PARAMETER CustomerTenantID Specifies the ID of the customer's tenant. .PARAMETER UserID Specifies the ID of the user for whom the "hide from GAL" property needs to be set. .PARAMETER hidefromgal Specifies whether the user's email address should be hidden from the GAL or not. Valid values are 'true' and 'false'. .EXAMPLE Set-CIPPHideFromGAL -CustomerTenantID "contoso.onmicrosoft.com" -UserID "user1@example.com" -hidefromgal "true" Sets the "hide from GAL" property to true for the user with the email address "user1@example.com" in the customer's tenant with ID "contoso.onmicrosoft.com". .EXAMPLE Set-CIPPHideFromGAL -CustomerTenantID "contoso.onmicrosoft.com" -UserID "user2@example.com" -hidefromgal "false" Sets the "hide from GAL" property to false for the user with the email address "user2@example.com" in the customer's tenant with ID "contoso.onmicrosoft.com". #> function Set-CIPPHideFromGAL { param ( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID, [Parameter(Mandatory = $true)] [validateset( 'true', 'false' )] [string]$hidefromgal ) Write-Verbose "Setting hide from GAL to $hidefromgal for $UserID" $endpoint = "/api/exechidefromgal" $params = @{ tenantfilter = $CustomerTenantID id = $UserID hidefromgal = $hidefromgal } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Set-CIPPHideFromGAL.ps1' 51 #Region './public/Email-Exchange/Set-CIPPMailboxMobileDevices.ps1' -1 <# .SYNOPSIS Edits the mobile device settings for a specified user in a customer's tenant. .DESCRIPTION The Set-CIPPMailboxMobileDevices function allows you to edit the mobile device settings for a specified user in a customer's tenant. You can set the device ID, user ID, quarantine status, delete status, and device GUID. .PARAMETER CustomerTenantID Specifies the ID of the customer's tenant. .PARAMETER DeviceID Specifies the ID of the mobile device. .PARAMETER UserID Specifies the ID of the user. .PARAMETER Quarantine Specifies whether the mobile device should be quarantined. Valid values are "true" or "False". .PARAMETER Delete Specifies whether the mobile device should be deleted. Valid values are "true" or "False". The default value is "False". .PARAMETER DeviceGUID Specifies the GUID of the mobile device. .EXAMPLE Set-CIPPMailboxMobileDevices -CustomerTenantID "contoso.onmicrosoft.com" -DeviceID "ABCD1234" -UserID "user1@domain.com" -Quarantine "true" This example sets the mobile device with the ID "ABCD1234" for the user "user1@domain.com" in the customer's tenant with the ID "contoso.onmicrosoft.com" to be quarantined. .EXAMPLE Set-CIPPMailboxMobileDevices -CustomerTenantID "contoso.onmicrosoft.com" -UserID "user1@domain.com" -Delete "true" -DeviceGUID "EFGH5678" This example deletes the mobile device with the GUID "EFGH5678" for the user "user1@domain.com" in the customer's tenant with the ID "contoso.onmicrosoft.com". #> function Set-CIPPMailboxMobileDevices { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [string]$DeviceID, [Parameter(Mandatory = $true)] [string]$UserID, [Parameter(Mandatory = $false)] [ValidateSet("true", "False")] [string]$Quarantine, [Parameter(Mandatory = $false)] [ValidateSet("true", "False")] [string]$Delete = "False", [Parameter(Mandatory = $false)] [guid]$DeviceGUID ) Write-Verbose "Editing Mobile Device for $UserID" $endpoint = "/api/execmailboxmobiledevices" if ($Quarantine) { $params = @{ tenantfilter = $CustomerTenantID DeviceID = $DeviceID Userid = $UserID Quarantine = $Quarantine } } else { $params = @{ tenantfilter = $CustomerTenantID Userid = $UserID Delete = $Delete GUID = $DeviceGUID } } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Set-CIPPMailboxMobileDevices.ps1' 77 #Region './public/Email-Exchange/Set-CIPPMailboxPermissions.ps1' -1 <# .SYNOPSIS Sets mailbox permissions for a user in the CIPP system. .DESCRIPTION The Set-CIPPMailboxPermissions function is used to edit mailbox permissions for a specified user in the CIPP system. It allows you to add or remove full access, send as, and send on behalf permissions for the user's mailbox. .PARAMETER CustomerTenantID The ID of the customer's tenant in the CIPP system. .PARAMETER Userid The ID of the user whose mailbox permissions need to be edited. .PARAMETER RemoveFullAccess An optional array of mailboxes from which to remove full access permissions for the user. .PARAMETER AddFullAccessAutoMap An optional array of mailboxes to which to add full access permissions with automapping enabled for the user. .PARAMETER AddFullAccessNoAutoMap An optional array of mailboxes to which to add full access permissions with automapping disabled for the user. .PARAMETER AddSendAs An optional array of mailboxes to which to add send as permissions for the user. .PARAMETER RemoveSendAs An optional array of mailboxes from which to remove send as permissions for the user. .PARAMETER AddSendOnBehalf An optional array of mailboxes to which to add send on behalf permissions for the user. .PARAMETER RemoveSendOnBehalf An optional array of mailboxes from which to remove send on behalf permissions for the user. .EXAMPLE Set-CIPPMailboxPermissions -CustomerTenantID "contoso.onmicrosoft.com" -Userid "john.doe@example.com" -AddFullAccessAutoMap "mailbox1@example.com", "mailbox2@example.com" -AddSendAs "mailbox3@example.com" This example sets mailbox permissions for the user "john.doe@example.com" in the CIPP system. It adds full access permissions with automapping enabled to "mailbox1@example.com" and "mailbox2@example.com", and adds send as permissions to "mailbox3@example.com". #> function Set-CIPPMailboxPermissions { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$Userid, [Parameter(Mandatory = $false)] [array]$RemoveFullAccess = @(), [Parameter(Mandatory = $false)] [array]$AddFullAccessAutoMap = @(), [Parameter(Mandatory = $false)] [array]$AddFullAccessNoAutoMap = @(), [Parameter(Mandatory = $false)] [array]$AddSendAs = @(), [Parameter(Mandatory = $false)] [array]$RemoveSendAs = @(), [Parameter(Mandatory = $false)] [array]$AddSendOnBehalf = @(), [Parameter(Mandatory = $false)] [array]$RemoveSendOnBehalf = @() ) function ConvertTo-FormattedArray { param ( [array]$inputArray, [string]$labelPrefix ) $formattedArray = @() foreach ($item in $inputArray) { $formattedArray += @{ value = $item label = "$labelPrefix - $item" } } return $formattedArray } Write-Verbose "Editing Mailbox permissions for $Userid" $endpoint = "/api/execeditmailboxpermissions" $body = @{ TenantFilter = $CustomerTenantID UserID = $Userid RemoveFullAccess = (ConvertTo-FormattedArray -inputArray $RemoveFullAccess -labelPrefix "Remove Full Access") AddFullAccess = (ConvertTo-FormattedArray -inputArray $AddFullAccessAutoMap -labelPrefix "Add Full Access AutoMap") AddFullAccessNoAutoMap = (ConvertTo-FormattedArray -inputArray $AddFullAccessNoAutoMap -labelPrefix "Add Full Access No AutoMap") AddSendAs = (ConvertTo-FormattedArray -inputArray $AddSendAs -labelPrefix "Add Send As") RemoveSendAs = (ConvertTo-FormattedArray -inputArray $RemoveSendAs -labelPrefix "Remove Send As") AddSendOnBehalf = (ConvertTo-FormattedArray -inputArray $AddSendOnBehalf -labelPrefix "Add Send On Behalf") RemoveSendOnBehalf = (ConvertTo-FormattedArray -inputArray $RemoveSendOnBehalf -labelPrefix "Remove Send On Behalf") } Invoke-CIPPRestMethod -Endpoint $endpoint -body $body -Method 'POST' } #EndRegion './public/Email-Exchange/Set-CIPPMailboxPermissions.ps1' 97 #Region './public/Email-Exchange/Set-CIPPOOO.ps1' -1 <# .SYNOPSIS Sets the out of office settings for a user. .DESCRIPTION The Set-CIPPOOO function is used to set the out of office settings for a user in a customer's Exchange environment. It allows you to specify the customer tenant ID, user, auto reply state, external message, internal message, start time, and end time for the out of office settings. .PARAMETER CustomerTenantID The ID of the customer's tenant. .PARAMETER User The user for whom the out of office settings should be set. .PARAMETER autoreplystate The auto reply state. Valid values are 'Scheduled', 'Disabled', or 'Enabled'. .PARAMETER externalmessage The external message to be sent as an auto reply. .PARAMETER internalmessage The internal message to be sent as an auto reply. .PARAMETER endtime The end time for the out of office settings. This parameter is mandatory when autoreplystate is 'Scheduled'. .PARAMETER starttime The start time for the out of office settings. This parameter is mandatory when autoreplystate is 'Scheduled'. .EXAMPLE Set-CIPPOOO -CustomerTenantID "contoso.onmicrosoft.com" -User "john.doe@contoso.onmicrosoft.com" -autoreplystate "Disabled" Sets the out of office settings for the user "john.doe@contoso.onmicrosoft.com" in the customer's tenant with ID "contoso.onmicrosoft.com". The auto reply state is set to "Disable" .EXAMPLE Set-CIPPOOO -CustomerTenantID "contoso.onmicrosoft.com" -User "john.doe@contoso.onmicrosoft.com" -autoreplystate "Enabled" Sets the out of office settings for the user "john.doe@contoso.onmicrosoft.com" in the customer's tenant with ID "contoso.onmicrosoft.com". The auto reply state is set to "Enabled" .EXAMPLE Set-CIPPOOO -CustomerTenantID "contoso.onmicrosoft.com" -User "john.doe@contoso.onmicrosoft.com" -autoreplystate "Enabled" -externalmessage "I'm currently out of office." -internalmessage "I'm currently out of office." -starttime 2024-06-21 14:00" -endtime "2024-06-21 14:30"" Sets the out of office settings for the user "john.doe@contoso.onmicrosoft.com" in the customer's tenant with ID "@contoso.onmicrosoft.com". The auto reply state is set to "Enabled" and the external and internal messages are set to "I'm currently out of office.". The out of office settings are scheduled to start on "2024-06-21 14:00" and end on "2024-06-21 14:30". #> function Set-CIPPOOO { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$User, [Parameter(Mandatory = $true)] [ValidateSet( 'Scheduled', 'Disabled', 'Enabled' )] [string]$autoreplystate, [Parameter(Mandatory = $false)] [string]$externalmessage, [Parameter(Mandatory = $false)] [string]$internalmessage, [Parameter(Mandatory = $false)] [datetime]$endtime, [Parameter(Mandatory = $false)] [datetime]$starttime ) Write-Verbose "Setting out of office for $User to $autoreplystate" if ($autoreplystate -eq 'Scheduled') { if (-not $PSBoundParameters.ContainsKey('starttime')) { throw "Start time is mandatory when autoreplystate is 'Scheduled'." } if (-not $PSBoundParameters.ContainsKey('endtime')) { throw "End time is mandatory when autoreplystate is 'Scheduled'." } } $endpoint = "/api/execsetooo" $body = @{ TenantFilter = $CustomerTenantID User = $User AutoReplyState = $autoreplystate externalmessage = $externalmessage internalmessage = $internalmessage endtime = $endtime starttime = $starttime input = $Input } Invoke-CIPPRestMethod -Endpoint $endpoint -body $body -Method 'POST' } #EndRegion './public/Email-Exchange/Set-CIPPOOO.ps1' 92 #Region './public/Email-Exchange/Set-CIPPQuarantineManagement.ps1' -1 <# .SYNOPSIS Manages quarantine for a specific customer tenant ID. .DESCRIPTION The Set-CIPPQuarantineManagement function is used to manage quarantine for a specific customer tenant ID. It allows you to set various parameters such as the ID, AllowSender, and Type. .PARAMETER CustomerTenantID Specifies the customer tenant ID for which the quarantine management is performed. This parameter is mandatory. .PARAMETER ID Specifies the ID of the quarantine management. This parameter is mandatory. .PARAMETER AllowSender Specifies whether to allow the sender. Valid values are 'true' or 'false'. This parameter is optional. .PARAMETER Type Specifies the type of quarantine management. Valid values are 'Deny' or 'Release'. This parameter is mandatory. .EXAMPLE Set-CIPPQuarantineManagement -CustomerTenantID "contoso.onmicrosoft.com" -ID "67890" -AllowSender "true" -Type "Deny" This example sets the quarantine management for the customer tenant ID "contoso.onmicrosoft.com" with the ID "67890". It allows the sender and sets the type to "Deny". #> function Set-CIPPQuarantineManagement { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$ID, [Parameter(Mandatory = $false)] [ValidateSet( 'true', 'false' )] [string]$AllowSender, [Parameter(Mandatory = $true)] [ValidateSet( 'Deny', 'Release' )] [string]$Type ) Write-Verbose "Managing Quarantine for $CustomerTenantID" $endpoint = "/api/execquarantinemanagement" $params = @{ tenantfilter = $CustomerTenantID id = $ID allowSender = $AllowSender type = $Type } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Set-CIPPQuarantineManagement.ps1' 58 #Region './public/Email-Exchange/Set-CIPPSpamFilter.ps1' -1 <# .SYNOPSIS Sets the state of a spam filter for a customer's tenant. .DESCRIPTION The Set-CIPPSpamFilter function is used to edit the state of a spam filter for a customer's tenant. It takes the customer's tenant ID, a unique identifier (optional), the name of the spam filter, and the desired state (Enable or Disable) as parameters. .PARAMETER CustomerTenantID The ID of the customer's tenant. .PARAMETER Guid A unique identifier for the spam filter. This parameter is optional. .PARAMETER Name The name of the spam filter. .PARAMETER State The desired state of the spam filter. Valid values are "Enable" or "Disable". .EXAMPLE Set-CIPPSpamFilter -CustomerTenantID "contoso.onmicrosoft.com" -Name "SpamFilter1" -State "Enable" Sets the state of the spam filter named "SpamFilter1" to "Enable" for the customer's tenant with ID "contoso.onmicrosoft.com". .EXAMPLE Set-CIPPSpamFilter -CustomerTenantID "contoso.onmicrosoft.com" -Guid "abcdefg" -Name "SpamFilter2" -State "Disable" Sets the state of the spam filter named "SpamFilter2" to "Disable" for the customer's tenant with ID "contoso.onmicrosoft.com" using the unique identifier "abcdefg". #> function Set-CIPPSpamFilter { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [guid]$Guid, [Parameter(Mandatory = $true)] [string]$Name, [Parameter(Mandatory = $true)] [ValidateSet("Enable", "Disable")] [string]$State ) Write-Verbose "Editing Spam Filter" $endpoint = "/api/editspamfilter" $params = @{ tenantfilter = $CustomerTenantID guid = $Guid name = $Name state = $State } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Set-CIPPSpamFilter.ps1' 54 #Region './public/Email-Exchange/Set-CIPPTransportRule.ps1' -1 <# .SYNOPSIS Sets the state of a transport rule for a specific customer tenant. .DESCRIPTION The Set-CIPPTransportRule function is used to set the state of a transport rule for a specific customer tenant in the CIPP API. .PARAMETER CustomerTenantID The ID of the customer tenant for which the transport rule needs to be edited. .PARAMETER State The state to set for the transport rule. Valid values are "Enable" and "Disable". .PARAMETER Guid The GUID of the transport rule to be edited. .EXAMPLE Set-CIPPTransportRule -CustomerTenantID "contoso.onmicrosoft.com" -State "Enable" -Guid "abcdefg" Sets the state of the transport rule with the GUID "abcdefg" to "Enable" for the customer tenant with ID "contoso.onmicrosoft.com". .EXAMPLE Set-CIPPTransportRule -CustomerTenantID "contoso.onmicrosoft.com" -State "Disable" -Guid "hijklmn" Sets the state of the transport rule with the GUID "hijklmn" to "Disable" for the customer tenant with ID "contoso.onmicrosoft.com". #> function Set-CIPPTransportRule { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory)] [ValidateSet("Enable", "Disable")] [string]$State, [Parameter(Mandatory = $true)] [guid]$Guid ) Write-Verbose "Editing transport rule for tenant $CustomerTenantID" $endpoint = "/api/edittransportrule" $params = @{ TenantFilter = $CustomerTenantID state = $State GUID = $Guid } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Email-Exchange/Set-CIPPTransportRule.ps1' 49 #Region './public/Endpoint/Applications/Get-CIPPApps.ps1' -1 <# .SYNOPSIS Retrieves a list of apps for a specific customer tenant ID. .DESCRIPTION The Get-CIPPApps function retrieves a list of apps for a specific customer tenant ID by making a REST API call to the "/api/listapps" endpoint. .PARAMETER CustomerTenantID Specifies the customer tenant ID for which to retrieve the apps. .EXAMPLE Get-CIPPApps -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves a list of apps for the customer tenant ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPApps { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Apps for $CustomerTenantID" $Endpoint = "/api/listapps" $Params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion './public/Endpoint/Applications/Get-CIPPApps.ps1' 32 #Region './public/Endpoint/Autopilot/Get-CIPPAPDevices.ps1' -1 <# .SYNOPSIS Retrieves AutoPilot devices for a specific customer tenant. .DESCRIPTION The Get-CIPPAPDevices function retrieves AutoPilot devices for a specific customer tenant by making a REST API call to the "/api/listapdevices" endpoint. .PARAMETER CustomerTenantID Specifies the ID of the customer tenant for which to retrieve AutoPilot devices. .EXAMPLE Get-CIPPAPDevices -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves AutoPilot devices for the customer tenant with the ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPAPDevices { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting AutoPilot Devices for $CustomerTenantID" $Endpoint = "/api/listapdevices" $Params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion './public/Endpoint/Autopilot/Get-CIPPAPDevices.ps1' 32 #Region './public/Endpoint/Autopilot/Get-CIPPAutoPilotConfig.ps1' -1 <# .SYNOPSIS Retrieves AutoPilot configuration information for a specified customer tenant ID and type. .DESCRIPTION The Get-CIPPAutoPilotConfig function retrieves AutoPilot configuration information for a specified customer tenant ID and type. It makes a REST API call to retrieve the configuration data. .PARAMETER CustomerTenantID Specifies the customer tenant ID for which to retrieve the AutoPilot configuration. .PARAMETER Type Specifies the type of AutoPilot configuration to retrieve. Valid values are "ESP" and "ApProfile". .EXAMPLE Get-CIPPAutoPilotConfig -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -Type "ESP" Retrieves the AutoPilot Status Page for the customer tenant ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". .EXAMPLE Get-CIPPAutoPilotConfig -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -Type "ApProfile" Retrieves the AutoPilot Profile for the customer tenant ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPAutoPilotConfig { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$Type ) if ($Type -eq "ESP") { Write-Verbose "Getting AutoPilot Status Page for $CustomerTenantID" } elseif ($Type -eq "ApProfile"){ Write-Verbose "Getting AutoPilot Profile for customer: $CustomerTenantID" } $Endpoint = "/api/listautopilotconfig" $Params = @{ tenantfilter = $CustomerTenantID type = $Type } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion './public/Endpoint/Autopilot/Get-CIPPAutoPilotConfig.ps1' 47 #Region './public/Endpoint/MEM/Set-CIPPMEMPolicy.ps1' -1 <# .SYNOPSIS Sets the CIPP MEM policy for a customer. .DESCRIPTION The Set-CIPPMEMPolicy function is used to set the CIPP (Customer Identity and Protection Platform) MEM (Mobile Endpoint Management) policy for a customer. It allows you to specify the customer tenant ID, policy ID, display name, description, and assignment type. .PARAMETER CustomerTenantID The unique identifier of the customer tenant. .PARAMETER ID The unique identifier of the policy. .PARAMETER DisplayName The display name of the policy. .PARAMETER Description The description of the policy. .PARAMETER AssignTo The assignment type for the policy. Valid values are "allLicensedUsers", "AllDevices", and "AllDevicesAndUsers". .EXAMPLE Set-CIPPMEMPolicy -CustomerTenantID "12345678-1234-1234-1234-1234567890ab" -ID "Policy001" -DisplayName "Policy 1" -Description "This is policy 1" -AssignTo "AllDevices" This example sets the CIPP MEM policy for a customer with the specified parameters. #> function Set-CIPPMEMPolicy { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$ID, [Parameter(Mandatory = $false)] [string]$DisplayName, [Parameter(Mandatory = $false)] [string]$Description, [ValidateSet("allLicensedUsers", "AllDevices", "AllDevicesAndUsers")] [string]$AssignTo ) Write-Verbose "Getting app consent requests for customer: $CustomerTenantID" $Endpoint = "/api/editpolicy" $body = @{ Tenant = $CustomerTenantID ID = $ID displayname = $DisplayName description = $Description } Invoke-CIPPRestMethod -Endpoint $Endpoint -Body $body -Method 'POST' } #EndRegion './public/Endpoint/MEM/Set-CIPPMEMPolicy.ps1' 57 #Region './public/Endpoint/Reports/Get-CIPPDevices.ps1' -1 <# .SYNOPSIS Retrieves a list of devices for a specific customer. .DESCRIPTION The Get-CIPPDevices function retrieves a list of devices associated with a specific customer in the CIPP system. .PARAMETER CustomerTenantID The unique identifier of the customer's tenant. .EXAMPLE Get-CIPPDevices -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves a list of devices for the customer with the tenant ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". .INPUTS None. .OUTPUTS System.Object. .NOTES Author: [Your Name] Date: [Current Date] #> function Get-CIPPDevices { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Devices for customer: $CustomerTenantID" $endpoint = "/api/listdevices" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Endpoint/Reports/Get-CIPPDevices.ps1' 40 #Region './public/Identity/Administration/Get-CIPPRoles.ps1' -1 <# .SYNOPSIS Retrieves the roles for a specific customer tenant ID. .DESCRIPTION The Get-CIPPRoles function retrieves the roles associated with a specific customer tenant ID by making a REST API call to the "/api/listroles" endpoint. .PARAMETER CustomerTenantID The customer tenant ID for which to retrieve the roles. .EXAMPLE Get-CIPPRoles -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves the roles for the customer tenant with the ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPRoles { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting roles for $CustomerTenantID" $endpoint = "/api/listroles" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Get-CIPPRoles.ps1' 30 #Region './public/Identity/Administration/Groups/Get-CIPPGroups.ps1' -1 <# .SYNOPSIS Retrieves information about CIPP groups. .DESCRIPTION The Get-CIPPGroups function retrieves information about CIPP groups based on the provided parameters. It can retrieve all groups for a specific tenant, group details for a specific group, group members for a specific group, or group owners for a specific group. .PARAMETER CustomerTenantID Specifies the ID of the customer tenant for which to retrieve the groups. .PARAMETER GroupID Specifies the ID of the group for which to retrieve the information. If not provided, all groups for the specified tenant will be retrieved. .PARAMETER Members Switch parameter. If specified, retrieves the members of the specified group. .PARAMETER Owners Switch parameter. If specified, retrieves the owners of the specified group. .EXAMPLE Get-CIPPGroups -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves all groups for the specified customer tenant. .EXAMPLE Get-CIPPGroups -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -GroupID "abcdefg" Retrieves the details of the specified group. .EXAMPLE Get-CIPPGroups -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -GroupID "abcdefg" -Members Retrieves the members of the specified group. .EXAMPLE Get-CIPPGroups -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -GroupID "abcdefg" -Owners Retrieves the owners of the specified group. #> function Get-CIPPGroups { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [GUID]$GroupID, [Parameter(Mandatory = $false)] [switch]$Members, [Parameter(Mandatory = $false)] [switch]$Owners ) $switchCount = 0 if ($Members) { $switchCount++ } if ($Owners) { $switchCount++ } if ($switchCount -gt 1) { Write-Error "Only one role switch can be specified at a time." return } if (-not $GroupID) { Write-Verbose "Getting all Groups for tenant $CustomerTenantID" } elseif ($GroupID -and -not $Members -and -not $Owners) { Write-Verbose "Getting Group Details for Group $GroupID" } elseif ($GroupID -and $Members -and -not $Owners) { Write-Verbose "Getting Group Members for Group $GroupID" } elseif ($GroupID -and -not $Members -and $Owners) { Write-Verbose "Getting Group Owners for Group $GroupID" } $endpoint = "/api/listgroups" $params = @{ tenantfilter = $CustomerTenantID groupid = $GroupID } if ($Members) { $params.members = "true" } if ($Owners) { $params.owners = "true" } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Groups/Get-CIPPGroups.ps1' 84 #Region './public/Identity/Administration/Groups/Get-CIPPGroupTemplates.ps1' -1 <# .SYNOPSIS Retrieves group templates from the CIPP API. .DESCRIPTION The Get-CIPPGroupTemplates function retrieves group templates from the CIPP API. It can retrieve all group templates or a specific template based on the provided TemplateID. .PARAMETER TemplateID Specifies the ID of the group template to retrieve. If not provided, all group templates will be retrieved. .EXAMPLE Get-CIPPGroupTemplates -TemplateID "12345" Retrieves the group template with the ID "12345" from the CIPP API. .EXAMPLE Get-CIPPGroupTemplates Retrieves all group templates from the CIPP API. #> function Get-CIPPGroupTemplates { [CmdletBinding()] Param( [Parameter(Mandatory = $false)] [string]$TemplateID ) if ($TemplateID) { Write-Verbose "Getting Group Template $TemplateID" } else { Write-Verbose "Getting all Group Templates" } $endpoint = "/api/ListGroupTemplates" $params = @{ id = $TemplateID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Groups/Get-CIPPGroupTemplates.ps1' 41 #Region './public/Identity/Administration/Groups/Remove-CIPPGroup.ps1' -1 <# .SYNOPSIS Removes a CIPP group. .DESCRIPTION The Remove-CIPPGroup function is used to remove a CIPP group from the specified customer tenant. .PARAMETER CustomerTenantID The ID of the customer tenant. .PARAMETER GroupID The ID of the group to be removed. .PARAMETER Grouptype The type of the group. .PARAMETER DisplayName The display name of the group. .EXAMPLE Remove-CIPPGroup -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -GroupID "98765432-1234-5678-9012-34567890ABCD" -Grouptype "Security" -DisplayName "Admins" This example removes a group with the specified ID, type, and display name from the customer tenant with the specified ID. #> function Remove-CIPPGroup { param ( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [guid]$GroupID, [Parameter(Mandatory = $true)] [string]$Grouptype, [Parameter(Mandatory = $true)] [string]$DisplayName ) Write-Verbose "Removing group: $GroupID" $endpoint = "/api/execgroupsdelete" $params = @{ tenantfilter = $CustomerTenantID id = $GroupID grouptype = $Grouptype displayname = $DisplayName } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Groups/Remove-CIPPGroup.ps1' 50 #Region './public/Identity/Administration/Groups/Set-CIPPGroupDeliveryManagement.ps1' -1 <# .SYNOPSIS Sets the delivery management settings for a group. .DESCRIPTION The Set-CIPPGroupDeliveryManagement function is used to set the delivery management settings for a group in the CIPP project. It allows you to specify the customer tenant ID, group ID, group type, and whether to only allow internal delivery. .PARAMETER CustomerTenantID The ID of the customer tenant. .PARAMETER GroupID The ID of the group. .PARAMETER GroupType The type of the group. Valid values are 'Distribution List', 'Mail-Enabled Security', and 'Microsoft 365'. .PARAMETER OnlyAllowInternal Specifies whether to only allow internal delivery. Valid values are 'true' and 'false'. .EXAMPLE Set-CIPPGroupDeliveryManagement -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -GroupID "67890" -GroupType "Distribution List" -OnlyAllowInternal "true" Sets the delivery management settings for the group with the specified customer tenant ID, group ID, group type, and only allow internal delivery. #> function Set-CIPPGroupDeliveryManagement { param ( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [guid]$GroupID, [Parameter(Mandatory = $true)] [validateset( 'Distribution List', 'Mail-Enabled Security', 'Microsoft 365' )] [string]$Grouptype, [Parameter(Mandatory = $true)] [validateset( 'true', 'false' )] [string]$onlyallowinternal ) Write-Verbose "Setting delivery management for group: $GroupID" $endpoint = "/api/execgroupsdeliverymanagement" $params = @{ tenantfilter = $CustomerTenantID id = $GroupID grouptype = $Grouptype onlyallowinternal = $onlyallowinternal } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Groups/Set-CIPPGroupDeliveryManagement.ps1' 60 #Region './public/Identity/Administration/Groups/Set-CIPPGroupHideFromGAL.ps1' -1 <# .SYNOPSIS Sets the "hide from GAL" property for a specified group. .DESCRIPTION The Set-CIPPGroupHideFromGAL function is used to set the "hide from GAL" property for a specified group in the CIPP (Cloud Identity and Privacy Protection) system. This function requires the customer tenant ID, group ID, group type, and the hide from GAL value as input parameters. .PARAMETER CustomerTenantID Specifies the ID of the customer tenant. This parameter is mandatory. .PARAMETER GroupID Specifies the ID of the group. This parameter is mandatory. .PARAMETER GroupType Specifies the type of the group. Valid values are 'Distribution List', 'Mail-Enabled Security', 'Microsoft 365', and 'Security'. This parameter is mandatory. .PARAMETER HideFromGAL Specifies whether the group should be hidden from the Global Address List (GAL). Valid values are 'true' and 'false'. This parameter is mandatory. .EXAMPLE Set-CIPPGroupHideFromGAL -CustomerTenantID "12345678-1234-1234-1234-1234567890AB" -GroupID "98765432-4321-4321-4321-0987654321BA" -GroupType "Distribution List" -HideFromGAL "true" Sets the "hide from GAL" property to true for the specified distribution list group. .EXAMPLE Set-CIPPGroupHideFromGAL -CustomerTenantID "12345678-1234-1234-1234-1234567890AB" -GroupID "98765432-4321-4321-4321-0987654321BA" -GroupType "Security" -HideFromGAL "false" Sets the "hide from GAL" property to false for the specified security group. #> function Set-CIPPGroupHideFromGAL { param ( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [guid]$GroupID, [Parameter(Mandatory = $true)] [validateset( 'Distribution List', 'Mail-Enabled Security', 'Microsoft 365', 'Security' )] [string]$Grouptype, [Parameter(Mandatory = $true)] [validateset( 'true', 'false' )] [string]$hidefromgal ) Write-Verbose "Setting hide from GAL to $hidefromgal for $GroupID" $endpoint = "/api/execgroupshidefromgal" $params = @{ tenantfilter = $CustomerTenantID id = $GroupID grouptype = $Grouptype hidefromgal = $hidefromgal } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Groups/Set-CIPPGroupHideFromGAL.ps1' 64 #Region './public/Identity/Administration/Users/Add-CIPPUser.ps1' -1 <# .SYNOPSIS Adds a user to the specified customer tenant. .DESCRIPTION The Add-CIPPUser function adds a user to the specified customer tenant in the CIPP system. It sends a request to the "/api/adduser" endpoint with the provided user details. .PARAMETER CustomerTenantID The ID of the customer tenant to which the user will be added. .PARAMETER DisplayName The display name of the user. .PARAMETER UserName The username of the user. .PARAMETER AutoPassword Specifies whether to automatically generate a password for the user. Default value is $true. .PARAMETER FirstName The first name of the user. .PARAMETER LastName The last name of the user. .PARAMETER Domain The domain of the user. .PARAMETER AddedAliases Additional aliases for the user. .PARAMETER CopyFrom Specifies the user to copy settings from. .PARAMETER UsageLocation The usage location of the user. .PARAMETER Department The department of the user. .PARAMETER City The city of the user. .PARAMETER Country The country of the user. .PARAMETER Jobtitle The job title of the user. .PARAMETER MobilePhone The mobile phone number of the user. .PARAMETER StreetAddress The street address of the user. .PARAMETER PostalCode The postal code of the user. .PARAMETER CompanyName The company name of the user. .PARAMETER MustChangePass Specifies whether the user must change their password on first login. Default value is $true. .EXAMPLE Add-CIPPUser -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -DisplayName "John Doe" -UserName "johndoe" -FirstName "John" -LastName "Doe" -Domain "example.com" -UsageLocation "US" Adds a user with the specified details to the customer tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". The user's display name is "John Doe", username is "johndoe", first name is "John", last name is "Doe", domain is "example.com", and usage location is "US". #> function Add-CIPPUser { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$DisplayName, [Parameter(Mandatory = $true)] [string]$UserName, [Parameter(Mandatory = $false)] [bool]$AutoPassword = $true, [Parameter(Mandatory = $true)] [string]$FirstName, [Parameter(Mandatory = $true)] [string]$LastName, [Parameter(Mandatory = $true)] [string]$Domain, [Parameter(Mandatory = $false)] [string]$AddedAliases, [Parameter(Mandatory = $false)] [string]$CopyFrom, [Parameter(Mandatory = $true)] [string]$UsageLocation, [Parameter(Mandatory = $false)] [string]$Department, [Parameter(Mandatory = $false)] [string]$City, [Parameter(Mandatory = $false)] [string]$Country, [Parameter(Mandatory = $false)] [string]$Jobtitle, [Parameter(Mandatory = $false)] [string]$MobilePhone, [Parameter(Mandatory = $false)] [string]$StreetAddress, [Parameter(Mandatory = $false)] [string]$PostalCode, [Parameter(Mandatory = $false)] [string]$CompanyName, [Parameter(Mandatory = $false)] [bool]$MustChangePass = $true ) Write-Verbose "Adding User to $CustomerTenantID" $endpoint = "/api/adduser" $body = @{ tenantID = $CustomerTenantID DisplayName = $DisplayName UserName = $UserName AutoPassword = $AutoPassword FirstName = $FirstName LastName = $LastName Domain = $Domain AddedAliases = $AddedAliases CopyFrom = $CopyFrom Usagelocation = $UsageLocation MustChangePass = $MustChangePass } $optionalParams = @{ Country = $Country PostalCode = $PostalCode CompanyName = $CompanyName StreetAddress = $StreetAddress MobilePhone = $MobilePhone Jobtitle = $Jobtitle Department = $Department City = $City } foreach ($key in $optionalParams.Keys) { if ($optionalParams[$key]) { $body[$key] = $optionalParams[$key] } } Invoke-CIPPRestMethod -Endpoint $endpoint -Body $body -Method 'POST' } #EndRegion './public/Identity/Administration/Users/Add-CIPPUser.ps1' 151 #Region './public/Identity/Administration/Users/Get-CIPPBECCheck.ps1' -1 <# .SYNOPSIS Performs a BEC (Business Email Compromise) check for a user. .DESCRIPTION The Get-CIPPBECCheck function performs a BEC check for a user by making a REST API call to the specified endpoint. It waits for the check to complete and returns the response. .PARAMETER CustomerTenantID The ID of the customer's tenant. .PARAMETER UserID The ID of the user. .PARAMETER UserName The name of the user. .EXAMPLE Get-CIPPBECCheck -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -UserID "281ceb6e-3d12-4a7f-b571-3c4f35ad85bc" -UserName "JohnDoe" This example performs a BEC check for the user with the specified CustomerTenantID, UserID, and UserName. #> function Get-CIPPBECCheck { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID, [Parameter(Mandatory = $true)] [string]$UserName ) Write-Verbose "Running BEC Check for $Username" $endpoint = "/api/execbeccheck" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID username = $UserName } $initialResponse = Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params $GUID = $initialResponse.guid Write-Verbose "Initial check complete. GUID returned: $GUID" $params.guid = $GUID do { Start-Sleep -Seconds 10 $response = Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params if ($response.waiting -eq "True") { Write-Verbose "BEC Check Still Running." } else { Write-Verbose "BEC Check complete" return $response } } while ($response.waiting -eq "True") } #EndRegion './public/Identity/Administration/Users/Get-CIPPBECCheck.ps1' 62 #Region './public/Identity/Administration/Users/Get-CIPPDeletedItems.ps1' -1 <# .SYNOPSIS Retrieves the deleted items for a specific customer tenant. .DESCRIPTION The Get-CIPPDeletedItems function retrieves the deleted items for a specific customer tenant by making a REST API call to the "/api/listdeleteditems" endpoint. .PARAMETER CustomerTenantID The ID of the customer tenant for which to retrieve the deleted items. .EXAMPLE Get-CIPPDeletedItems -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves the deleted items for the customer tenant with the ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPDeletedItems { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting deleted items for $CustomerTenantID" $endpoint = "/api/listdeleteditems" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Users/Get-CIPPDeletedItems.ps1' 33 #Region './public/Identity/Administration/Users/Get-CIPPUniversalSearch.ps1' -1 <# .SYNOPSIS Performs a universal search for a specified name. .DESCRIPTION The Get-CIPPUniversalSearch function performs a universal search for a specified name by making a REST API call to the /api/execuniversalsearch endpoint. .PARAMETER Name The name to search for. .EXAMPLE Get-CIPPUniversalSearch -Name "John Doe" Searches for the name "John Doe" using the universal search functionality. #> function Get-CIPPUniversalSearch { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$Name ) Write-Verbose "Searching for $Name" $endpoint = "/api/execuniversalsearch" $params = @{ name = $Name } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Users/Get-CIPPUniversalSearch.ps1' 32 #Region './public/Identity/Administration/Users/Get-CIPPUserCAPolicies.ps1' -1 <# .SYNOPSIS Retrieves the Conditional Access (CA) policies for a specific user in a customer's tenant. .DESCRIPTION The Get-CIPPUserCAPolicies function retrieves the Conditional Access (CA) policies for a specific user in a customer's tenant. It makes use of the Invoke-CIPPRestMethod function to send a request to the API endpoint "/api/listuserconditionalaccesspolicies" and returns the response. .PARAMETER CustomerTenantID The ID of the customer's tenant. .PARAMETER UserID The ID of the user for whom the CA policies are to be retrieved. .EXAMPLE Get-CIPPUserCAPolicies -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -UserID "user1@dom.com" This example retrieves the CA policies for the user with the ID "user1@domain.com" in the customer's tenant with the ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPUserCAPolicies { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Getting user CA Policies $CustomerTenantID" $endpoint = "/api/listuserconditionalaccesspolicies" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Users/Get-CIPPUserCAPolicies.ps1' 38 #Region './public/Identity/Administration/Users/Get-CIPPUserCounts.ps1' -1 <# .SYNOPSIS Retrieves user counts for a specific customer tenant ID. .DESCRIPTION The Get-CIPPUserCounts function retrieves user counts for a specific customer tenant ID by making a REST API call to the "/api/listusercounts" endpoint. .PARAMETER CustomerTenantID The customer tenant ID for which to retrieve user counts. .EXAMPLE Get-CIPPUserCounts -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves user counts for the customer tenant ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPUserCounts { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting User Counts for $CustomerTenantID" $endpoint = "/api/listusercounts" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Users/Get-CIPPUserCounts.ps1' 31 #Region './public/Identity/Administration/Users/Get-CIPPUserDevices.ps1' -1 <# .SYNOPSIS Retrieves the devices associated with a specific user. .DESCRIPTION The Get-CIPPUserDevices function retrieves the devices associated with a specific user in the CIPP system. It makes a REST API call to the "/api/listuserdevices" endpoint, passing the customer tenant ID and user ID as parameters. .PARAMETER CustomerTenantID The ID of the customer tenant. .PARAMETER UserID The ID of the user. .EXAMPLE Get-CIPPUserDevices -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -UserID "user1@domain.com" Retrieves the devices associated with the user "user1@domain.com" in the customer tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPUserDevices { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Getting user devices for $userID" $endpoint = "/api/listuserdevices" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Users/Get-CIPPUserDevices.ps1' 38 #Region './public/Identity/Administration/Users/Get-CIPPUserGroups.ps1' -1 <# .SYNOPSIS Retrieves the groups that a user belongs to. .DESCRIPTION The Get-CIPPUserGroups function retrieves the groups that a user belongs to based on the provided CustomerTenantID and UserID. .PARAMETER CustomerTenantID The ID of the customer tenant. .PARAMETER UserID The ID of the user. .EXAMPLE Get-CIPPUserGroups -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -UserID "user@domain.com" Retrieves the groups that the user with the ID "user@domain.com" belongs to in the customer tenant with the ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPUserGroups { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Getting user groups for $userID" $endpoint = "/api/listusergroups" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Users/Get-CIPPUserGroups.ps1' 38 #Region './public/Identity/Administration/Users/Get-CIPPUserPhoto.ps1' -1 <# .SYNOPSIS Retrieves the photo of a user from the CIPP API. .DESCRIPTION The Get-CIPPUserPhoto function is used to retrieve the photo of a user from the CIPP API. It sends a request to the API endpoint "/api/listuserphoto" with the specified customer tenant ID and user ID. .PARAMETER CustomerTenantID The customer tenant ID associated with the user. .PARAMETER UserID The ID of the user whose photo needs to be retrieved. .EXAMPLE Get-CIPPUserPhoto -CustomerTenantID "281ceb6e-3d12-4a7f-b571-3c4f35ad85bc" -UserID "user@domain.com" This example retrieves the photo of the user with the ID "user@domain.com" from the customer tenant with the ID "281ceb6e-3d12-4a7f-b571-3c4f35ad85bc". #> function Get-CIPPUserPhoto { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Getting user photo for $userID" $endpoint = "/api/listuserphoto" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Users/Get-CIPPUserPhoto.ps1' 39 #Region './public/Identity/Administration/Users/Get-CIPPUsers.ps1' -1 <# .SYNOPSIS Retrieves user information from the CIPP API. .DESCRIPTION The Get-CIPPUsers function is used to retrieve user information from the CIPP API. It can retrieve all users for a specific tenant or retrieve details for a specific user. .PARAMETER CustomerTenantID Specifies the ID of the customer tenant for which to retrieve user information. This parameter is mandatory. .PARAMETER UserID Specifies the ID of the user for which to retrieve details. This parameter is optional. .EXAMPLE Get-CIPPUsers -CustomerTenantID "281ceb6e-3d12-4a7f-b571-3c4f35ad85bc" Retrieves all users for the tenant with ID "281ceb6e-3d12-4a7f-b571-3c4f35ad85bc". .EXAMPLE Get-CIPPUsers -CustomerTenantID "281ceb6e-3d12-4a7f-b571-3c4f35ad85bc" -UserID "user@domain.com" Retrieves details for the user with ID "user@domain.com" in the tenant with ID "281ceb6e-3d12-4a7f-b571-3c4f35ad85bc". #> function Get-CIPPUsers { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [string]$UserID ) if (-not $UserID) { Write-Verbose "Getting all users for tenant $CustomerTenantID" } else { Write-Verbose "Getting user details for user $UserID" } $endpoint = "/api/Listusers" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Users/Get-CIPPUsers.ps1' 43 #Region './public/Identity/Administration/Users/Get-CIPPUserSignIns.ps1' -1 <# .SYNOPSIS Retrieves sign-in logs for a specific user in the CIPP system. .DESCRIPTION The Get-CIPPUserSignIns function retrieves the sign-in logs for a specific user in the CIPP system. It requires the customer tenant ID and the user ID as mandatory parameters. .PARAMETER CustomerTenantID The customer tenant ID associated with the user. .PARAMETER UserID The unique identifier of the user. .EXAMPLE Get-CIPPUserSignIns -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -UserID "281ceb6e-3d12-4a7f-b571-3c4f35ad85bc" This example retrieves the sign-in logs for the user with the customer tenant ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" and the user ID "281ceb6e-3d12-4a7f-b571-3c4f35ad85bc". #> function Get-CIPPUserSignIns { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [guid]$UserID ) Write-Verbose "Getting sign-in logs for User $userID" $endpoint = "/api/listusersigninlogs" $params = @{ tenantfilter = $CustomerTenantID userId = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Users/Get-CIPPUserSignIns.ps1' 38 #Region './public/Identity/Administration/Users/Send-CIPPPush.ps1' -1 <# .SYNOPSIS Sends a push notification to a user. .DESCRIPTION The Send-CIPPPush function sends a push notification to a user specified by their email address. .PARAMETER CustomerTenantID The ID of the customer's tenant. .PARAMETER UserEmail The email address of the user to send the push notification to. .EXAMPLE Send-CIPPPush -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -UserEmail "user@example.com" Sends a push notification to the user with the email address "user@example.com" in the tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Send-CIPPPush { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserEmail ) Write-Verbose "Sending Push Notification to $UserEmail" $endpoint = "/api/execsendpush" $params = @{ tenantfilter = $CustomerTenantID Useremail = $UserEmail } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Users/Send-CIPPPush.ps1' 37 #Region './public/Identity/Administration/Users/Set-CIPPClrImmID.ps1' -1 <# .SYNOPSIS Clears the Immutable ID for a user. .DESCRIPTION The Set-CIPPClrImmID function clears the Immutable ID for a user by invoking a REST API endpoint. .PARAMETER CustomerTenantID The ID of the customer tenant. .PARAMETER UserID The ID of the user. .EXAMPLE Set-CIPPClrImmID -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -UserID "281ceb6e-3d12-4a7f-b571-3c4f35ad85bc" This example clears the Immutable ID for the user with the specified CustomerTenantID and UserID. #> function Set-CIPPClrImmID { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [guid]$UserID ) Write-Verbose "Clearing Immutable ID for User: $userID" $endpoint = "/api/execclrimmid" $params = @{ tenantfilter = $CustomerTenantID Id = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Users/Set-CIPPClrImmID.ps1' 39 #Region './public/Identity/Administration/Users/Set-CIPPCreateTap.ps1' -1 <# .SYNOPSIS Creates a TAP (Temporary Access Passcode) for a user. .DESCRIPTION The Set-CIPPCreateTap function is used to create a TAP (Temporary Access Passcode) for a user in the CIPP system. .PARAMETER CustomerTenantID Specifies the ID of the customer tenant for which the TAP is being created. This parameter is mandatory. .PARAMETER UserID Specifies the ID of the user for whom the TAP is being created. This parameter is mandatory. .EXAMPLE Set-CIPPCreateTap -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -UserID "user@domain.com" Creates a TAP for the user with the ID "user@domain.com" in the customer tenant with the ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Set-CIPPCreateTap { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID ) Write-Verbose "Creating TAP for User: $userID" $endpoint = "/api/execcreatetap" $params = @{ tenantfilter = $CustomerTenantID Id = $UserID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Users/Set-CIPPCreateTap.ps1' 37 #Region './public/Identity/Administration/Users/Set-CIPPResetPassword.ps1' -1 <# .SYNOPSIS Resets the password for a user in the CIPP system. .DESCRIPTION The Set-CIPPResetPassword function is used to reset the password for a user in the CIPP system. It sends a request to the CIPP API to reset the password for the specified user. .PARAMETER CustomerTenantID The ID of the customer tenant in the CIPP system. .PARAMETER UserID The ID of the user whose password needs to be reset. .PARAMETER MustChange Specifies whether the user must change their password upon next login. The default value is "true". .EXAMPLE Set-CIPPResetPassword -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -UserID "user@domain.com" -MustChange "false" Resets the password for the user with ID "user@domain.com" in the customer tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". The user will not be required to change their password upon next login. #> function Set-CIPPResetPassword { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID, [Parameter(Mandatory = $false)] [ValidateSet( "true", "false" )] [string]$MustChange = "true" ) Write-Verbose "Resetting password for $UserID" $endpoint = "/api/execresetpass" $params = @{ tenantfilter = $CustomerTenantID Id = $UserID MustChange = $MustChange } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Users/Set-CIPPResetPassword.ps1' 47 #Region './public/Identity/Administration/Users/Set-CIPPRestoreDeletedUser.ps1' -1 <# .SYNOPSIS Restores a deleted user in the CIPP system. .DESCRIPTION The Set-CIPPRestoreDeletedUser function restores a deleted user in the CIPP (Customer Identity and Privacy Platform) system. It sends a request to the CIPP API to restore the user with the specified ID. .PARAMETER CustomerTenantID The ID of the customer tenant in which the user is being restored. .PARAMETER ID The ID of the user to be restored. .EXAMPLE Set-CIPPRestoreDeletedUser -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -ID "32a411a8-65ad-4358-ac14-5027d9abea9a" Restores the user with the ID "32a411a8-65ad-4358-ac14-5027d9abea9a" in the customer tenant with the ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Set-CIPPRestoreDeletedUser { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$ID ) Write-Verbose "Restoring user: $ID" $endpoint = "/api/execrestoredeleted" $params = @{ tenantfilter = $CustomerTenantID Id = $ID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Users/Set-CIPPRestoreDeletedUser.ps1' 38 #Region './public/Identity/Administration/Users/Set-CIPPRevokeSessions.ps1' -1 <# .SYNOPSIS Revokes sessions for a specified user in the CIPP system. .DESCRIPTION The Set-CIPPRevokeSessions function revokes sessions for a specified user in the CIPP system. It sends a request to the CIPP API to revoke all active sessions for the specified user. .PARAMETER CustomerTenantID The ID of the customer tenant for which the sessions need to be revoked. .PARAMETER UserID The ID of the user for whom the sessions need to be revoked. .EXAMPLE Set-CIPPRevokeSessions -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -UserID "281ceb6e-3d12-4a7f-b571-3c4f35ad85bc" Revokes all sessions for the user with ID "281ceb6e-3d12-4a7f-b571-3c4f35ad85bc" in the customer tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Set-CIPPRevokeSessions { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID, [Parameter(Mandatory = $true)] [string]$UserName ) Write-Verbose "Revoking Sessions for user: $UserID" $endpoint = "/api/execrevokesessions" $params = @{ TenantFilter = $CustomerTenantID ID = $UserID UserName = $UserName } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Users/Set-CIPPRevokeSessions.ps1' 42 #Region './public/Identity/Administration/Users/Set-CIPPSignInStatus.ps1' -1 <# .SYNOPSIS Sets the sign-in status for a user in the CIPP system. .DESCRIPTION The Set-CIPPSignInStatus function is used to enable or disable the sign-in status for a user in the CIPP system. When the $Enable parameter is set to "true", the function enables sign-in for the specified user. When the $Enable parameter is set to "false", the function disables sign-in for the specified user. .PARAMETER CustomerTenantID Specifies the ID of the customer tenant. .PARAMETER UserID Specifies the ID of the user. .PARAMETER Enable Specifies whether to enable or disable sign-in for the user. Valid values are "true" (to enable sign-in) or "false" (to disable sign-in). .EXAMPLE Set-CIPPSignInStatus -CustomerTenantID "47b02ab5-376d-4c85-b82d-13996c023c93" -UserID "281ceb6e-3d12-4a7f-b571-3c4f35ad85bc" -Enable "true" Enables sign-in for the user with the ID "281ceb6e-3d12-4a7f-b571-3c4f35ad85bc" in the customer tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". .EXAMPLE Set-CIPPSignInStatus -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -UserID "281ceb6e-3d12-4a7f-b571-3c4f35ad85bc" -Enable "false" Disables sign-in for the user with the ID "281ceb6e-3d12-4a7f-b571-3c4f35ad85bc" in the customer tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Set-CIPPSignInStatus { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID, [Parameter(Mandatory = $true)] [ValidateSet( "true", "false" )] [string]$Enable ) if ($Enable -eq "true") { Write-Verbose "Enabling signin for $UserID" } else { Write-Verbose "Disabling signin for $UserID" } $endpoint = "/api/execdisableuser" $params = @{ tenantfilter = $CustomerTenantID Id = $UserID Enable = $Enable } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Administration/Users/Set-CIPPSignInStatus.ps1' 56 #Region './public/Identity/Administration/Users/Set-CIPPUser.ps1' -1 <# .SYNOPSIS Sets the properties of a CIPP user. .DESCRIPTION The Set-CIPPUser function is used to set the properties of a CIPP user. It allows you to modify various user attributes such as display name, username, first name, last name, domain, aliases, usage location, department, city, country, job title, mobile phone, street address, postal code, company name, and more. You can also add or remove the user from groups. .PARAMETER CustomerTenantID The ID of the customer tenant to which the user belongs. This parameter is mandatory. .PARAMETER UserID The ID of the user to be modified. This parameter is mandatory. .PARAMETER DisplayName The display name of the user. .PARAMETER UserName The username of the user. .PARAMETER FirstName The first name of the user. .PARAMETER LastName The last name of the user. .PARAMETER Domain The domain of the user. .PARAMETER AddedAliases Additional aliases for the user. .PARAMETER CopyFrom The ID of another user from which to copy the properties. .PARAMETER UsageLocation The usage location of the user. .PARAMETER Department The department of the user. .PARAMETER City The city of the user. .PARAMETER Country The country of the user. .PARAMETER Jobtitle The job title of the user. .PARAMETER MobilePhone The mobile phone number of the user. .PARAMETER StreetAddress The street address of the user. .PARAMETER PostalCode The postal code of the user. .PARAMETER CompanyName The company name of the user. .PARAMETER MustChangePass Specifies whether the user must change their password. Default value is $false. .PARAMETER AddToGroups An array of group IDs to which the user should be added. .PARAMETER RemoveFromGroups An array of group IDs from which the user should be removed. .PARAMETER BusinessPhone An array of business phone numbers for the user. .EXAMPLE Set-CIPPUser -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -UserID "user1" -DisplayName "John Doe" -UserName "johndoe" -FirstName "John" -LastName "Doe" -Domain "example.com" -UsageLocation "US" -Department "IT" -City "New York" -Country "USA" -Jobtitle "Developer" -MobilePhone "1234567890" -StreetAddress "123 Main St" -PostalCode "12345" -CompanyName "Example Inc" -MustChangePass $true -AddToGroups "group1", "group2" -RemoveFromGroups "group3" -BusinessPhone "9876543210" #> function Set-CIPPUser { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$UserID, [Parameter(Mandatory = $false)] [string]$DisplayName, [Parameter(Mandatory = $false)] [string]$UserName, [Parameter(Mandatory = $false)] [string]$FirstName, [Parameter(Mandatory = $false)] [string]$LastName, [Parameter(Mandatory = $false)] [string]$Domain, [Parameter(Mandatory = $false)] [string]$AddedAliases, [Parameter(Mandatory = $false)] [string]$CopyFrom, [Parameter(Mandatory = $false)] [string]$UsageLocation, [Parameter(Mandatory = $false)] [string]$Department, [Parameter(Mandatory = $false)] [string]$City, [Parameter(Mandatory = $false)] [string]$Country, [Parameter(Mandatory = $false)] [string]$Jobtitle, [Parameter(Mandatory = $false)] [string]$MobilePhone, [Parameter(Mandatory = $false)] [string]$StreetAddress, [Parameter(Mandatory = $false)] [string]$PostalCode, [Parameter(Mandatory = $false)] [string]$CompanyName, [Parameter(Mandatory = $false)] [bool]$MustChangePass = $false, [Parameter(Mandatory = $false)] [array]$AddToGroups = @(), [Parameter(Mandatory = $false)] [array]$RemoveFromGroups = @(), [Parameter(Mandatory = $false)] [array]$BusinessPhone = @() ) Write-Verbose "Editing user data for $UserID in $CustomerTenantID" $existingUser = Get-CIPPUsers -CustomerTenantID $CustomerTenantID -UserID $UserID if ($AddToGroups.Count -gt 0) { $GroupsToAdd = foreach ($group in $AddToGroups) { $CIPPAddGroup = Get-CIPPGroups -CustomerTenantID $CustomerTenantID -GroupID $group [PSCustomObject]@{ value = [PSCustomObject]@{ groupid = $cippAddGroup.ID groupName = $cippAddGroup.DisplayName groupType = $cippAddgroup.calculatedGroupType } label = "$($CIPPAddGroup.DisplayName) - $($CIPPAddGroup.calculatedGroupType)" } } } if ($RemoveFromGroups.Count -gt 0) { $GroupsToRemove = foreach ($oldgroup in $RemoveFromGroups) { $CIPPRemoveGroup = Get-CIPPGroups -CustomerTenantID $CustomerTenantID -GroupID $oldgroup [PSCustomObject]@{ value = [PSCustomObject]@{ groupid = $CIPPRemoveGroup.ID groupName = $CIPPRemoveGroup.DisplayName groupType = $CIPPRemoveGroup.calculatedGroupType } label = "$($CIPPRemoveGroup.DisplayName) - $($CIPPRemoveGroup.calculatedGroupType)" } } } $body = @{ tenantID = $CustomerTenantID UserID = $UserID userPrincipalName = $UserName ? ($UserName + "@" + $Domain) : $existingUser.UserPrincipalName Username = $UserName ? $UserName : $existingUser.UserName DisplayName = $DisplayName ? $DisplayName : $existingUser.DisplayName Domain = $Domain ? $Domain : $existingUser.primDomain firstName = $FirstName ? $FirstName : $existingUser.GivenName LastName = $LastName ? $LastName : $existingUser.surname Jobtitle = $Jobtitle ? $Jobtitle : $existingUser.Jobtitle usageLocation = $UsageLocation ? $UsageLocation : $existingUser.UsageLocation BusinessPhone = if ($BusinessPhone.Count -eq 0) { $existingUser.BusinessPhones } else { $BusinessPhone } AddToGroups = $GroupsToAdd RemoveFromGroups = $GroupsToRemove CopyFrom = $CopyFrom Country = $Country ? $Country : $existingUser.Country PostalCode = $PostalCode ? $PostalCode : $existingUser.PostalCode CompanyName = $CompanyName ? $CompanyName : $existingUser.CompanyName StreetAddress = $StreetAddress ? $StreetAddress : $existingUser.StreetAddress MobilePhone = $MobilePhone ? $MobilePhone : $existingUser.MobilePhone Department = $Department ? $Department : $existingUser.Department City = $City ? $City : $existingUser.City } Invoke-CIPPRestMethod -Endpoint "/api/edituser" -Body $body -Method 'POST' } #EndRegion './public/Identity/Administration/Users/Set-CIPPUser.ps1' 190 #Region './public/Identity/Reports/Get-CIPPBasicAuth.ps1' -1 <# .SYNOPSIS Retrieves Basic Authentication information for a specific customer. .DESCRIPTION The Get-CIPPBasicAuth function retrieves Basic Authentication information for a specific customer by making a REST API call to the "/api/listbasicauth" endpoint. .PARAMETER CustomerTenantID The unique identifier of the customer's tenant. .EXAMPLE Get-CIPPBasicAuth -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves Basic Authentication information for the customer with the tenant ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPBasicAuth { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Basic Auth for customer: $CustomerTenantID" $Endpoint = "/api/listbasicauth" $Params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion './public/Identity/Reports/Get-CIPPBasicAuth.ps1' 30 #Region './public/Identity/Reports/Get-CIPPInactiveAccounts.ps1' -1 <# .SYNOPSIS Retrieves a list of inactive accounts for a specific customer. .DESCRIPTION The Get-CIPPInactiveAccounts function retrieves a list of inactive accounts for a specific customer based on the provided CustomerTenantID. .PARAMETER CustomerTenantID Specifies the ID of the customer's tenant for which to retrieve the inactive accounts. .EXAMPLE Get-CIPPInactiveAccounts -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves the list of inactive accounts for the customer with the tenant ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPInactiveAccounts { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting inactive accounts for customer: $CustomerTenantID" $endpoint = "/api/listinactiveaccounts" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Reports/Get-CIPPInactiveAccounts.ps1' 31 #Region './public/Identity/Reports/Get-CIPPMFAUsers.ps1' -1 <# .SYNOPSIS Retrieves the MFA users for a specified customer tenant ID. .DESCRIPTION The Get-CIPPMFAUsers function retrieves the MFA users for a specified customer tenant ID by making a REST API call to the "/api/listmfausers" endpoint. .PARAMETER CustomerTenantID Specifies the customer tenant ID for which to retrieve the MFA users. .EXAMPLE Get-CIPPMFAUsers -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves the MFA users for the customer tenant ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPMFAUsers { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting MFA users for $CustomerTenantID" $endpoint = "/api/listmfausers" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Reports/Get-CIPPMFAUsers.ps1' 30 #Region './public/Identity/Reports/Get-CIPPSignIns.ps1' -1 <# .SYNOPSIS Retrieves sign-in information for a specific customer tenant. .DESCRIPTION The Get-CIPPSignIns function retrieves sign-in information for a specific customer tenant. It can filter the results based on various criteria such as failed logons. .PARAMETER CustomerTenantID Specifies the ID of the customer tenant for which to retrieve sign-in information. This parameter is mandatory. .PARAMETER failedlogononly Indicates whether to retrieve only failed logon sign-ins. This parameter is optional. .PARAMETER filter Specifies an additional filter to apply to the sign-in results. This parameter is optional. .EXAMPLE Get-CIPPSignIns -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -failedlogononly This example retrieves all failed logon sign-ins for the customer tenant with the ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPSignIns { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [switch]$failedlogononly, [Parameter(Mandatory = $false)] [string]$filter ) Write-Verbose "Getting Signins for $CustomerTenantID" $endpoint = "/api/listsignins" $params = @{ tenantfilter = $CustomerTenantID filter = $filter } if ($failedlogononly) { $params.failedlogononly = "true" } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Identity/Reports/Get-CIPPSignIns.ps1' 48 #Region './public/Intune/Device/Get-CIPPGetBitLockerKey.ps1' -1 <# .SYNOPSIS Gets the BitLocker recovery key for a specified computer. .DESCRIPTION The Get-CIPPGetBitLockerKey function retrieves the BitLocker recovery key for a specified computer in the CIPP project. .PARAMETER CustomerTenantID Specifies the ID of the customer tenant. .PARAMETER guid Specifies the GUID of the computer for which to retrieve the BitLocker recovery key. .EXAMPLE Get-CIPPGetBitLockerKey -CustomerTenantID "12345678-1234-1234-1234-1234567890AB" -guid "01234567-89AB-CDEF-0123-456789ABCDEF" Retrieves the BitLocker recovery key for the computer with the specified GUID in the CIPP project. #> Function Get-CIPPGetBitLockerKey { [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [guid]$guid ) Write-Verbose "Getting bitlocker key for computer: $guid" # Define the endpoint and parameters $endpoint = "/api/execgetrecoverykey" $params = @{ tenantfilter = $CustomerTenantID guid = $guid } # Use the Invoke-CIPPRequest function to make the request Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Intune/Device/Get-CIPPGetBitLockerKey.ps1' 40 #Region './public/Intune/Device/Get-CIPPIntuneIntents.ps1' -1 <# .SYNOPSIS Retrieves Intune Intents for a specific customer. .DESCRIPTION The Get-CIPPIntuneIntents function retrieves Intune Intents for a specific customer based on the provided CustomerTenantID. .PARAMETER CustomerTenantID Specifies the ID of the customer's tenant. .EXAMPLE Get-CIPPIntuneIntents -CustomerTenantID "contoso.onmicrosoft.com" This example retrieves Intune Intents for the customer with the tenant ID "contoso.onmicrosoft.com". .EXAMPLE Get-CIPPIntuneIntents -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" This example retrieves Intune Intents for the customer with the tenant ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> Function Get-CIPPIntuneIntents { [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Intune Intents for customer: $CustomerTenantID" # Define the endpoint and parameters $endpoint = "/api/listintuneintents" $params = @{ tenantfilter = $CustomerTenantID } # Use the Invoke-CIPPRequest function to make the request Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Intune/Device/Get-CIPPIntuneIntents.ps1' 38 #Region './public/Intune/Device/Get-CIPPIntunePolicy.ps1' -1 <# .SYNOPSIS Retrieves Intune policies for a specific customer. .DESCRIPTION The Get-CIPPIntunePolicy function retrieves Intune policies for a specific customer based on the provided parameters. It uses the Invoke-CIPPRestMethod function to make the request to the API. .PARAMETER CustomerTenantID The ID of the customer's tenant. .PARAMETER PolicyID The ID of the policy. This parameter is optional. .PARAMETER Urlname The URL name. This parameter is optional. .EXAMPLE Get-CIPPIntunePolicy -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -PolicyID "policy123" -Urlname "example" This example retrieves the Intune policies for the customer with the tenant ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778", using the policy ID "policy123" and the URL name "example". .EXAMPLE Get-CIPPIntunePolicy -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" This example retrieves all Intune policies for the customer with the tenant ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> Function Get-CIPPIntunePolicy { [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [string]$PolicyID, [Parameter(Mandatory = $false)] [string]$Urlname ) Write-Verbose "Getting Intune policies for customer: $CustomerTenantID" # Validation to ensure both $PolicyID and $urlname are supplied together if (($PolicyID -and -not $urlname) -or (-not $PolicyID -and $urlname)) { throw "You must supply both -PolicyID and -Urlname parameters together or not at all." } # Define the endpoint and parameters $endpoint = "/api/listintunepolicy" $params = @{ tenantfilter = $CustomerTenantID URLName = $urlname id = $PolicyID } # Use the Invoke-CIPPRequest function to make the request Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Intune/Device/Get-CIPPIntunePolicy.ps1' 55 #Region './public/Intune/Device/Get-CIPPIntuneTemplates.ps1' -1 <# .SYNOPSIS Retrieves Intune templates. .DESCRIPTION The Get-CIPPIntuneTemplates function retrieves Intune templates using the CIPPRestMethod cmdlet. .PARAMETER TemplateID Specifies the ID of the template to retrieve. This parameter is optional. .EXAMPLE Get-CIPPIntuneTemplates -TemplateID "12345" Retrieves the Intune template with the ID "12345". #> function Get-CIPPIntuneTemplates { [CmdletBinding()] Param( [Parameter(Mandatory = $false)] [string]$TemplateID ) Write-Verbose "Getting Intune Templates" $endpoint = "/api/listintunetemplates" $params = @{ tenantfilter = $CustomerTenantID id = $TemplateID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Intune/Device/Get-CIPPIntuneTemplates.ps1' 31 #Region './public/Intune/Device/Get-CIPPLocalAdminPassword.ps1' -1 <# .SYNOPSIS Retrieves the local admin password for a specified computer. .DESCRIPTION The Get-CIPPLocalAdminPassword function retrieves the local admin password for a specified computer in the CIPP project. It makes a REST API request to the CIPP API endpoint to fetch the password. .PARAMETER CustomerTenantID The ID of the customer tenant. .PARAMETER guid The GUID of the computer for which to retrieve the local admin password. .EXAMPLE Get-CIPPLocalAdminPassword -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -guid "abcdefg" This example retrieves the local admin password for the computer with the specified GUID in the CIPP project. .INPUTS None. .OUTPUTS None. .NOTES Author: Your Name Date: Current Date .LINK https://cipp-project.com/documentation/get-cipplocaladminpassword #> Function Get-CIPPLocalAdminPassword { [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [guid]$guid ) Write-Verbose "Getting local admin password for computer: $guid" # Define the endpoint and parameters $endpoint = "/api/execgetlocaladminpassword" $params = @{ tenantfilter = $CustomerTenantID guid = $guid } # Use the Invoke-CIPPRequest function to make the request Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Intune/Device/Get-CIPPLocalAdminPassword.ps1' 53 #Region './public/Intune/Device/Set-CIPPAutoPilotSync.ps1' -1 <# .SYNOPSIS Syncs AutoPilot devices for a specified customer tenant ID. .DESCRIPTION The Get-CIPPAutoPilotSync function is used to sync AutoPilot devices for a specific customer tenant ID. It makes a request to the specified endpoint with the provided parameters. .PARAMETER CustomerTenantID Specifies the customer tenant ID for which the AutoPilot devices need to be synced. .EXAMPLE Get-CIPPAutoPilotSync -CustomerTenantID "contoso.onmicrosoft.com" Syncs AutoPilot devices for the customer tenant ID "contoso.onmicrosoft.com". #> Function Set-CIPPAutoPilotSync { [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Syncing AutoPilot Devices for $CustomerTenantID" # Define the endpoint and parameters $endpoint = "/api/execsyncapdevices" $params = @{ tenantfilter = $CustomerTenantID } # Use the Invoke-CIPPRequest function to make the request Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Intune/Device/Set-CIPPAutoPilotSync.ps1' 34 #Region './public/Invoke-CIPPRestMethod.ps1' -1 <# .SYNOPSIS Invokes a REST method using the CIPP API. .DESCRIPTION The Invoke-CIPPRestMethod function is used to send HTTP requests to the CIPP API. It supports various HTTP methods such as GET, POST, PUT, DELETE, etc. The function assembles the request parameters, including the endpoint, query parameters, request body, headers, and authorization token. It then sends the request using the Invoke-RestMethod cmdlet and returns the response. .PARAMETER Endpoint The endpoint of the API to send the request to. .PARAMETER Params Optional. A hashtable of query parameters to include in the request URL. .PARAMETER Method Optional. The HTTP method to use for the request. The default value is 'GET'. .PARAMETER Body Optional. A hashtable representing the request body. It will be converted to JSON before sending the request. .PARAMETER ContentType Optional. The content type of the request body. The default value is 'application/json'. .PARAMETER Authorization Optional. The authorization token to include in the request headers. .EXAMPLE Invoke-CIPPRestMethod -Endpoint '/api/Listusers' -Method 'GET' -Params @{ 'tenantfilter' = '11c11ab1-527a-1d29-l92e-76413h012s76' } This example sends a GET request to the '/api/Listusers' endpoint with a query parameter 'tenantfilter' set to '11c11ab1-527a-1d29-l92e-76413h012s76'. .EXAMPLE Invoke-CIPPRestMethod -Endpoint '/api/ListMailboxPermissions' -Params @{ 'tenantfilter' = 'M365x72601982.onmicrosoft.com', 'userid' = '11c11ab1-527a-1d29-l92e-76413h012s76'} This example sends a GET request to the '/api/ListMailboxPermissions' endpoint with a query parameter 'tenantfilter' set to 'M365x72601982.onmicrosoft.com' and 'userid' set to '11c11ab1-527a-1d29-l92e-76413h012s76' .EXAMPLE Invoke-CIPPRestMethod -Endpoint '/api/adduser' -method 'POST' -Body @{ 'tenantID' = '11c11ab1-527a-1d29-l92e-76413h012s76';'DisplayName' = 'Test User';'UserName' = 'testuser';'AutoPassword' = $true;'FirstName' = 'Test';'LastName' = 'User';'Domain' = 'M365x72601982.onmicrosoft.com';'CopyFrom' = "" } This example sends a POST request to the '/api/adduser' endpoint with a Body 'tenantID' set to '11c11ab1-527a-1d29-l92e-76413h012s76' and 'DisplayName' set to 'Test User', 'UserName' set to 'testuser', 'AutoPassword' set to $true, 'FirstName' set to 'Test', 'LastName' set to 'User', 'Domain' set to 'M365x72601982.onmicrosoft.com' #> function Invoke-CIPPRestMethod { param ( [string]$Endpoint, [hashtable]$Params = @{}, [string]$Method = 'GET', [hashtable]$Body = @{}, [string]$ContentType = 'application/json', [string]$Authorization = $null ) try { Invoke-CIPPPreFlightCheck } catch { Write-Error "$($_.Exception.Message)" break } $Headers = $script:AuthHeader # Assemble parameters $ParamCollection = [System.Web.HttpUtility]::ParseQueryString([String]::Empty) $Params.GetEnumerator() | ForEach-Object { $ParamCollection.Add($_.Key, $_.Value) } $Request = $ParamCollection.ToString() $UriBuilder = [System.UriBuilder]('{0}{1}' -f $script:CIPPAPIUrl, $Endpoint) $UriBuilder.Query = $Request $BodyJson = $Body | ConvertTo-Json -Depth 10 $Request = @{ Uri = $UriBuilder.ToString() Method = $Method Headers = $Headers ContentType = $ContentType Body = $BodyJson } Write-Verbose "$Method [ $($UriBuilder.ToString()) ]" $response = Invoke-RestMethod @Request -ConnectionTimeoutSeconds 600 return $response } #EndRegion './public/Invoke-CIPPRestMethod.ps1' 83 #Region './public/Security/Defender/Get-CIPPDefenderState.ps1' -1 <# .SYNOPSIS Retrieves the Defender state for a specific customer. .DESCRIPTION The Get-CIPPDefenderState function retrieves the Defender state for a specific customer identified by their tenant ID. .PARAMETER CustomerTenantID Specifies the tenant ID of the customer for whom the Defender state needs to be retrieved. .EXAMPLE Get-CIPPDefenderState -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves the Defender state for the customer with the specified tenant ID. #> function Get-CIPPDefenderState { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [Guid]$CustomerTenantID ) Write-Verbose "Getting Defender State for customer: $CustomerTenantID" $endpoint = "/api/listdefenderstate" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Security/Defender/Get-CIPPDefenderState.ps1' 31 #Region './public/Security/Defender/Get-CIPPDefenderTVM.ps1' -1 <# .SYNOPSIS Retrieves Defender TVM for a specific customer. .DESCRIPTION The Get-CIPPDefenderTVM function retrieves the Defender TVM (Threat and Vulnerability Management) for a specific customer based on the provided CustomerTenantID. .PARAMETER CustomerTenantID Specifies the unique identifier of the customer's tenant. .EXAMPLE Get-CIPPDefenderTVM -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves the Defender TVM for the customer with the tenant ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPDefenderTVM { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Defender TVM for customer: $CustomerTenantID" $endpoint = "/api/listdefendertvm" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Security/Defender/Get-CIPPDefenderTVM.ps1' 30 #Region './public/Security/Incidents/Get-CIPPAlertsList.ps1' -1 <# .SYNOPSIS Retrieves a list of alerts for a specific customer. .DESCRIPTION The Get-CIPPAlertsList function retrieves a list of alerts for a specific customer identified by their tenant ID. .PARAMETER CustomerTenantID The tenant ID of the customer for whom to retrieve the alerts. .EXAMPLE Get-CIPPAlertsList -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves the alerts for the customer with the tenant ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPAlertsList { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Alerts for customer: $CustomerTenantID" $endpoint = "/api/execalertslist" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Security/Incidents/Get-CIPPAlertsList.ps1' 30 #Region './public/Security/Incidents/Get-CIPPIncidentList.ps1' -1 <# .SYNOPSIS Retrieves a list of incidents for a specific customer. .DESCRIPTION The Get-CIPPIncidentList function retrieves a list of incidents for a specific customer identified by their tenant ID. .PARAMETER CustomerTenantID The tenant ID of the customer for whom to retrieve the incidents. .EXAMPLE Get-CIPPIncidentList -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves the incidents for the customer with the tenant ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPIncidentList { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Incidents for customer: $CustomerTenantID" $endpoint = "/api/execincidentslist" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Security/Incidents/Get-CIPPIncidentList.ps1' 30 #Region './public/Security/Reports/Get-CIPPDeviceCompliance.ps1' -1 <# .SYNOPSIS Retrieves device compliance information for a specific customer tenant. .DESCRIPTION The Get-CIPPDeviceCompliance function retrieves device compliance information for a specified customer tenant. It makes use of the Invoke-CIPPRestMethod function to send a request to the CIPP API and retrieve the device compliance data. .PARAMETER CustomerTenantID The unique identifier of the customer tenant for which to retrieve device compliance information. .EXAMPLE Get-CIPPDeviceCompliance -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves device compliance information for the customer tenant with the ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPDeviceCompliance { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Device Compliance for $CustomerTenantID" $endpoint = "/api/listalltenantdevicecompliance" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Security/Reports/Get-CIPPDeviceCompliance.ps1' 30 #Region './public/Set-CIPPAPIDetails.ps1' -1 <# .SYNOPSIS Sets the CIPP API details. .DESCRIPTION The Set-CIPPAPIDetails function is used to set the CIPP API details, including the client ID, client secret, API URL, and tenant ID. .PARAMETER CIPPClientID Specifies the client ID for the CIPP API. .PARAMETER CIPPClientSecret Specifies the client secret for the CIPP API. .PARAMETER CIPPAPIUrl Specifies the URL for the CIPP API. .PARAMETER TenantID Specifies the tenant ID for the CIPP API. .EXAMPLE Set-CIPPAPIDetails -CIPPClientID "d8d41058-97df-4b80-8e1b-7083d756409f" -CIPPClientSecret "YourSecurePassword" -CIPPAPIUrl "https://api.cipp.com" -TenantID "7c2f78c0-554e-4f42-a663-c4df3ce7f51f" This example sets the CIPP API details with the specified values. #> function Set-CIPPAPIDetails { [CmdletBinding()] Param( [Parameter(ParameterSetName = 'CIPP', Mandatory = $true)] [string]$CIPPClientID, [Parameter(ParameterSetName = 'CIPP', Mandatory = $true)] [String]$CIPPClientSecret, [Parameter(ParameterSetName = 'CIPP', Mandatory = $true)] [String]$CIPPAPIUrl, [Parameter(ParameterSetName = 'CIPP', Mandatory = $true)] [String]$TenantID ) write-Verbose "Setting CIPP API Keys" $script:CIPPClientID = $CIPPClientID $script:CIPPClientSecret = $CIPPClientSecret $script:CIPPAPIUrl = $CIPPAPIUrl $script:TenantID = $TenantID } #EndRegion './public/Set-CIPPAPIDetails.ps1' 44 #Region './public/Teams-Sharepoint/OneDrive/Set-CIPPOneDrivePerms.ps1' -1 <# .SYNOPSIS Sets permissions for a user on a OneDrive. .DESCRIPTION The Set-CIPPOneDrivePerms function is used to give or remove access permissions for a specified user on a OneDrive. .PARAMETER CustomerTenantID The ID of the customer's tenant. .PARAMETER OneDriveUserUPN The User Principal Name (UPN) of the OneDrive user. .PARAMETER RemovePermission Specifies whether to remove the access permission for the specified user. If set to $true, the permission will be removed. If set to $false, the permission will be granted. .PARAMETER GiveAccessToUPN The User Principal Name (UPN) of the user to whom access is being granted or removed. .EXAMPLE Set-CIPPOneDrivePerms -CustomerTenantID "contoso.onmicrosoft.com" -OneDriveUserUPN "john@contoso.com" -RemovePermission $false -GiveAccessToUPN "jane@contoso.com" Grants access to "jane@contoso.com" on the OneDrive of user "john@contoso.com" in the "contoso.onmicrosoft.com" tenant. .EXAMPLE Set-CIPPOneDrivePerms -CustomerTenantID "contoso.onmicrosoft.com" -OneDriveUserUPN "john@contoso.com" -RemovePermission $true -GiveAccessToUPN "jane@contoso.com" Removes access for "jane@contoso.com" from the OneDrive of user "john@contoso.com" in the "contoso.onmicrosoft.com" tenant. #> function Set-CIPPOneDrivePerms { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$OneDriveUserUPN, [Parameter(Mandatory = $true)] [bool]$RemovePermission, [Parameter(Mandatory = $true)] [string]$GiveAccessToUPN ) Write-Verbose "Giving access to $GiveAccessToUPN on $OneDriveUserUPN's OneDrive." $endpoint = "/api/ExecSharePointPerms" $body = @{ TenantFilter = $CustomerTenantID UPN = $OneDriveUserUPN URL = $SiteUrl RemovePermission = $RemovePermission input = $GiveAccessToUPN } Invoke-CIPPRestMethod -Endpoint $endpoint -Body $body -Method POST } #EndRegion './public/Teams-Sharepoint/OneDrive/Set-CIPPOneDrivePerms.ps1' 53 #Region './public/Teams-Sharepoint/Sharepoint/Get-CIPPSharePointQuota.ps1' -1 <# .SYNOPSIS Retrieves the SharePoint quota for a specific customer tenant. .DESCRIPTION The Get-CIPPSharePointQuota function retrieves the SharePoint quota for a specific customer tenant by making a REST API call to the "/api/listsharepointquota" endpoint. .PARAMETER CustomerTenantID The ID of the customer tenant for which the SharePoint quota needs to be retrieved. .EXAMPLE Get-CIPPSharePointQuota -CustomerTenantID "contoso.onmicrosoft.com" This example retrieves the SharePoint quota for the customer tenant with the ID "contoso.onmicrosoft.com". .EXAMPLE Get-CIPPSharePointQuota -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" This example retrieves the SharePoint quota for the customer tenant with the ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPSharePointQuota { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting SharePoint quota for $CustomerTenantID" $endpoint = "/api/listsharepointquota" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Teams-Sharepoint/Sharepoint/Get-CIPPSharePointQuota.ps1' 34 #Region './public/Teams-Sharepoint/Sharepoint/Get-CIPPSharePointSites.ps1' -1 <# .SYNOPSIS Retrieves SharePoint sites for a specified customer tenant. .DESCRIPTION The Get-CIPPSharePointSites function retrieves SharePoint sites for a specified customer tenant. It uses the Invoke-CIPPRestMethod function to make a REST API call to retrieve the sites. .PARAMETER CustomerTenantID The ID of the customer tenant for which to retrieve SharePoint sites. This parameter is mandatory. .PARAMETER urlonly Specifies whether to retrieve only the URLs of the SharePoint sites. By default, this parameter is not specified. .PARAMETER UserUPN The user's UPN (User Principal Name) for which to retrieve SharePoint sites. This parameter is optional. .EXAMPLE Get-CIPPSharePointSites -CustomerTenantID "contoso.onmicrosoft.com" Retrieves all SharePoint sites for the customer tenant "contoso.onmicrosoft.com". .EXAMPLE Get-CIPPSharePointSites -CustomerTenantID "contoso.onmicrosoft.com" -urlonly Retrieves only the URLs of the SharePoint sites for the customer tenant "contoso.onmicrosoft.com". .EXAMPLE Get-CIPPSharePointSites -CustomerTenantID "contoso.onmicrosoft.com" -UserUPN "user@contoso.com" Retrieves SharePoint sites for the user "user@contoso.com" in the customer tenant "contoso.onmicrosoft.com". #> function Get-CIPPSharePointSites { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [switch]$urlonly, [Parameter(Mandatory = $false)] [string]$UserUPN ) Write-Verbose "Getting sites for $CustomerTenantID" $endpoint = "/api/listsites" $params = @{ tenantfilter = $CustomerTenantID type = "SharePointSiteUsage" userupn = $UserUPN } if ($urlonly) { $params.URLOnly = "true" } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Teams-Sharepoint/Sharepoint/Get-CIPPSharePointSites.ps1' 55 #Region './public/Teams-Sharepoint/Sharepoint/Set-CIPPSharePointSiteAdmin.ps1' -1 <# .SYNOPSIS Sets the SharePoint site admin for a given site. .DESCRIPTION The Set-CIPPSharePointSiteAdmin function sets the SharePoint site admin for a specified site by making a REST API call to the CIPP API. .PARAMETER CustomerTenantID The ID of the customer's tenant. .PARAMETER CurrentAdminUPN The UPN (User Principal Name) of the current site admin. .PARAMETER SiteUrl The URL of the SharePoint site. .PARAMETER RemovePermission Specifies whether to remove the admin permission for the current admin UPN. .PARAMETER AdditionalAdminUPN The UPN of the additional admin to be added. .EXAMPLE Set-CIPPSharePointSiteAdmin -CustomerTenantID "contoso.onmicrosoft.com" -CurrentAdminUPN "admin@contoso.com" -SiteUrl "https://contoso.sharepoint.com/sites/site1" -RemovePermission $true -AdditionalAdminUPN "admin2@contoso.com" Sets the SharePoint site admin for the site "https://contoso.sharepoint.com/sites/site1" by removing the admin permission for "admin@contoso.com" and adding "admin2@contoso.com" as an additional admin. #> function Set-CIPPSharePointSiteAdmin { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$CurrentAdminUPN, [Parameter(Mandatory = $true)] [string]$SiteUrl, [Parameter(Mandatory = $true)] [bool]$RemovePermission, [Parameter(Mandatory = $true)] [string]$AdditionalAdminUPN ) Write-Verbose "Setting SharePoint Owner on $Url" $endpoint = "/api/ExecSharePointPerms" $body = @{ TenantFilter = $CustomerTenantID UPN = $CurrentAdminUPN URL = $SiteUrl RemovePermission = $RemovePermission input = $AdditionalAdminUPN } Invoke-CIPPRestMethod -Endpoint $endpoint -Body $body -Method POST } #EndRegion './public/Teams-Sharepoint/Sharepoint/Set-CIPPSharePointSiteAdmin.ps1' 55 #Region './public/Teams-Sharepoint/Sharepoint/Set-CIPPSharePointSiteMembers.ps1' -1 <# .SYNOPSIS Sets SharePoint site members with specified permissions. .DESCRIPTION The Set-CIPPSharePointSiteMembers function is used to set SharePoint site members with specified permissions. It sends a request to the CIPP API to execute the operation. .PARAMETER CustomerTenantID Specifies the ID of the customer's tenant. .PARAMETER SharePointType Specifies the type of SharePoint site. .PARAMETER SiteUrl Specifies the URL of the SharePoint site. .PARAMETER AddPermission Specifies whether to add or remove permissions for the user. .PARAMETER GroupUPN Specifies the UPN (User Principal Name) of the site group. .PARAMETER UserToGiveAccessUPN Specifies the UPN of the user to give access to. .EXAMPLE Set-CIPPSharePointSiteMembers -CustomerTenantID "contoso.onmicrosoft.com" -SharePointType "Group" -SiteUrl "https://contoso.sharepoint.com/sites/TeamSite" -AddPermission $true -GroupUPN "group@contoso.com" -UserToGiveAccessUPN "user@contoso.com" Sets the SharePoint site members by adding permissions for the specified user. . #> function Set-CIPPSharePointSiteMembers { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $true)] [string]$SharePointType, [Parameter(Mandatory = $true)] [string]$SiteUrl, [Parameter(Mandatory = $true)] [bool]$AddPermission, [Parameter(Mandatory = $true)] [string]$GroupUPN, [Parameter(Mandatory = $true)] [string]$UserToGiveAccessUPN ) Write-Verbose "Setting SharePoint Member on $Url" $endpoint = "/api/ExecSetSharePointMember" $body = @{ TenantFilter = $CustomerTenantID SharePointType = $SharePointType URL = $SiteUrl add = $AddPermission GroupId = $GroupUPN input = $UserToGiveAccessUPN } Invoke-CIPPRestMethod -Endpoint $endpoint -Body $body -Method POST } #EndRegion './public/Teams-Sharepoint/Sharepoint/Set-CIPPSharePointSiteMembers.ps1' 61 #Region './public/Teams-Sharepoint/Teams/Get-CIPPTeams.ps1' -1 <# .SYNOPSIS Retrieves teams sites for a specified customer tenant ID. .DESCRIPTION The Get-CIPPTeams function retrieves teams sites for a specified customer tenant ID. It uses the Invoke-CIPPRestMethod function to make a REST API call to retrieve the teams sites. .PARAMETER CustomerTenantID The customer tenant ID for which to retrieve teams sites. This parameter is mandatory. .PARAMETER ID The ID of the teams site to retrieve. This parameter is optional. .EXAMPLE Get-CIPPTeams -CustomerTenantID "contoso.onmicrosoft.com" Retrieves all teams sites for the "contoso.onmicrosoft.com" tenant. .EXAMPLE Get-CIPPTeams -CustomerTenantID "contoso.onmicrosoft.com" -ID "12345" Retrieves the teams site with the ID "12345" for the "contoso.onmicrosoft.com" tenant. #> function Get-CIPPTeams { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [string]$ID ) Write-Verbose "Getting teams sites for $CustomerTenantID" $endpoint = "/api/listteams" $params = @{ tenantfilter = $CustomerTenantID type = if ($ID) { "team" } else { "list" } ID = $id } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Teams-Sharepoint/Teams/Get-CIPPTeams.ps1' 43 #Region './public/Teams-Sharepoint/Teams/Get-CIPPTeamsActivity.ps1' -1 <# .SYNOPSIS Retrieves the activity of Teams users in a specified customer tenant. .DESCRIPTION The Get-CIPPTeamsActivity function retrieves the activity of Teams users in a specified customer tenant. It makes use of the Invoke-CIPPRestMethod function to send a request to the "/api/listteamsactivity" endpoint with the provided parameters. .PARAMETER CustomerTenantID The ID of the customer tenant for which to retrieve the Teams activity. .EXAMPLE Get-CIPPTeamsActivity -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves the Teams activity for the customer tenant with the ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPTeamsActivity { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting teams activity $CustomerTenantID" $endpoint = "/api/listteamsactivity" $params = @{ tenantfilter = $CustomerTenantID type = "TeamsUserActivityUser" } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Teams-Sharepoint/Teams/Get-CIPPTeamsActivity.ps1' 32 #Region './public/Teams-Sharepoint/Teams/Get-CIPPTeamsVoice.ps1' -1 <# .SYNOPSIS Retrieves teams voice information for a specified customer tenant ID. .DESCRIPTION The Get-CIPPTeamsVoice function retrieves teams voice information for a specified customer tenant ID. It makes use of the Invoke-CIPPRestMethod function to send a request to the "/api/listteamsvoice" endpoint with the provided tenant filter. .PARAMETER CustomerTenantID The customer tenant ID for which to retrieve teams voice information. This parameter is mandatory. .EXAMPLE Get-CIPPTeamsVoice -CustomerTenantID "contoso.onmicrosoft.com" Retrieves teams voice information for the customer tenant with the ID "contoso.onmicrosoft.com". #> function Get-CIPPTeamsVoice { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting teams voice $CustomerTenantID" $endpoint = "/api/listteamsvoice" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Teams-Sharepoint/Teams/Get-CIPPTeamsVoice.ps1' 31 #Region './public/Tenant/Administration/Alerts/Get-CIPPAlerts.ps1' -1 <# .SYNOPSIS Retrieves CIPP alerts from the API. .DESCRIPTION The Get-CIPPAlerts function retrieves CIPP alerts from the API by invoking the "/api/getcippalerts" endpoint. .PARAMETER None This function does not accept any parameters. .EXAMPLE Get-CIPPAlerts Retrieves CIPP alerts from the API. #> function Get-CIPPAlerts { [CmdletBinding()] param () Write-Verbose "Getting CIPP Alerts" # Define the endpoint and parameters $endpoint = "/api/getcippalerts" Invoke-CIPPRestMethod -Endpoint $endpoint } #EndRegion './public/Tenant/Administration/Alerts/Get-CIPPAlerts.ps1' 28 #Region './public/Tenant/Administration/Get-CIPPAppConsentReqs.ps1' -1 <# .SYNOPSIS Retrieves app consent requests for a specific customer tenant. .DESCRIPTION The Get-CIPPAppConsentReqs function retrieves app consent requests for a specific customer tenant by making a REST API call to the "/api/listappconsentrequests" endpoint. .PARAMETER CustomerTenantID The ID of the customer tenant for which to retrieve app consent requests. This parameter is mandatory. .EXAMPLE Get-CIPPAppConsentReqs -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves app consent requests for the customer tenant with the ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPAppConsentReqs { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting app consent requests for customer: $CustomerTenantID" $Endpoint = "/api/listappconsentrequests" $Params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion './public/Tenant/Administration/Get-CIPPAppConsentReqs.ps1' 32 #Region './public/Tenant/Administration/Get-CIPPDomains.ps1' -1 <# .SYNOPSIS Retrieves the domains for a specific customer. .DESCRIPTION The Get-CIPPDomains function retrieves the domains associated with a specific customer in the CIPP system. .PARAMETER CustomerTenantID The unique identifier of the customer's tenant. .EXAMPLE Get-CIPPDomains -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" This example retrieves the domains for the customer with the tenant ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> Function Get-CIPPDomains { [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Domains for customer: $CustomerTenantID" # Define the endpoint and parameters $endpoint = "/api/ListDomains" $params = @{ tenantfilter = $CustomerTenantID } # Use the Invoke-CIPPRequest function to make the request Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Tenant/Administration/Get-CIPPDomains.ps1' 35 #Region './public/Tenant/Administration/Tenant/Get-CIPPADConnectStatus.ps1' -1 <# .SYNOPSIS Retrieves the AD Connect status, AD Connect settings, or AD objects in error for a specified customer tenant. .DESCRIPTION The Get-CIPPADConnectStatus function retrieves information about the AD Connect status, AD Connect settings, or AD objects in error for a specified customer tenant. It makes a REST API call to retrieve the data from the CIPP API. .PARAMETER CustomerTenantID Specifies the ID of the customer tenant for which the AD Connect information is to be retrieved. .PARAMETER dataToReturn Specifies the type of data to be returned. Valid values are "AzureADConnectSettings" to retrieve AD Connect settings, "AzureADObjectsInError" to retrieve AD objects in error, or leave empty to retrieve the AD Connect status. .EXAMPLE Get-CIPPADConnectStatus -CustomerTenantID "contoso.onmicrosoft.com" -dataToReturn "AzureADConnectSettings" Retrieves the AD Connect settings for the customer tenant "contoso.onmicrosoft.com". .EXAMPLE Get-CIPPADConnectStatus -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -dataToReturn "AzureADConnectSettings" Retrieves the AD Connect settings for the customer tenant "7ced1621-b8f7-4231-868c-bc6b1a2f1778". .EXAMPLE Get-CIPPADConnectStatus -CustomerTenantID "contoso.onmicrosoft.com" -dataToReturn "AzureADObjectsInError" Retrieves the AD objects in error for the customer tenant "contoso.onmicrosoft.com". .EXAMPLE Get-CIPPADConnectStatus -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -dataToReturn "AzureADObjectsInError" Retrieves the AD objects in error for the customer tenant "7ced1621-b8f7-4231-868c-bc6b1a2f1778". .EXAMPLE Get-CIPPADConnectStatus -CustomerTenantID "contoso.onmicrosoft.com" Retrieves the AD Connect status for the customer tenant "contoso.onmicrosoft.com". .EXAMPLE Get-CIPPADConnectStatus -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves the AD Connect status for the customer tenant "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPADConnectStatus { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [ValidateSet("AzureADConnectSettings", "AzureADObjectsInError")] [string]$dataToReturn ) if ($dataToReturn -eq "AzureADConnectSettings") { Write-Verbose "Getting AD Connect Settings for: $CustomerTenantID" } elseif ($dataToReturn -eq "AzureADObjectsInError") { Write-Verbose "Getting AD Objects in Error for: $CustomerTenantID" } else { Write-Verbose "Getting AD Connect Status for: $CustomerTenantID" } $Endpoint = "/api/listazureadconnectstatus" $Params = @{ tenantfilter = $CustomerTenantID datatoreturn = $dataToReturn } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion './public/Tenant/Administration/Tenant/Get-CIPPADConnectStatus.ps1' 63 #Region './public/Tenant/Administration/Tenant/Get-CIPPOrg.ps1' -1 <# .SYNOPSIS Retrieves information about a specific organization in the CIPP system. .DESCRIPTION The Get-CIPPOrg function retrieves information about a specific organization in the CIPP system based on the provided CustomerTenantID. .PARAMETER CustomerTenantID Specifies the unique identifier of the customer tenant. .EXAMPLE Get-CIPPOrg -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" This example retrieves information about the organization with the CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". .EXAMPLE Get-CIPPOrg -CustomerTenantID "contoso.onmicrosoft.com" This example retrieves information about the organization with the CustomerTenantID "contoso.onmicrosoft.com". #> function Get-CIPPOrg { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting org $CustomerTenantID" $endpoint = "/api/listorg" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Tenant/Administration/Tenant/Get-CIPPOrg.ps1' 34 #Region './public/Tenant/Administration/Tenant/Get-CIPPPartnerRelationships.ps1' -1 <# .SYNOPSIS Retrieves partner relationships for a specified customer tenant. .DESCRIPTION The Get-CIPPPartnerRelationships function retrieves partner relationships for a specified customer tenant by making a REST API call to the "/api/listpartnerrelationships" endpoint. .PARAMETER CustomerTenantID The ID of the customer tenant for which to retrieve partner relationships. .EXAMPLE Get-CIPPPartnerRelationships -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves partner relationships for the customer tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". .EXAMPLE Get-CIPPPartnerRelationships -CustomerTenantID "contoso.onmicrosoft.com" Retrieves partner relationships for the customer tenant with ID "contoso.onmicrosoft.com". #> function Get-CIPPPartnerRelationships { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting org $CustomerTenantID" $endpoint = "/api/listpartnerrelationships" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Tenant/Administration/Tenant/Get-CIPPPartnerRelationships.ps1' 34 #Region './public/Tenant/Administration/Tenant/Get-CIPPTenantDetails.ps1' -1 <# .SYNOPSIS Retrieves the details of a specific CIPP tenant. .DESCRIPTION The Get-CIPPTenantDetails function retrieves the details of a specific CIPP (Customer Information Protection Platform) tenant using the provided CustomerTenantID. .PARAMETER CustomerTenantID The unique identifier of the CIPP tenant. .EXAMPLE Get-CIPPTenantDetails -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves the details of the CIPP tenant with the ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". .EXAMPLE Get-CIPPTenantDetails -CustomerTenantID "contoso.onmicrosoft.com" Retrieves the details of the CIPP tenant with the ID "contoso.onmicrosoft.com". #> function Get-CIPPTenantDetails { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Tenant Details for $CustomerTenantID" $endpoint = "/api/ListTenantDetails" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Tenant/Administration/Tenant/Get-CIPPTenantDetails.ps1' 34 #Region './public/Tenant/Administration/Tenant/Get-CIPPTenants.ps1' -1 <# .SYNOPSIS Retrieves a list of CIPP tenants. .DESCRIPTION The Get-CIPPTenants function retrieves a list of CIPP tenants based on the specified parameters. It makes a REST API call to the "/api/listtenants" endpoint and returns the result. .PARAMETER CustomerTenantID Specifies the ID of the customer tenant. This parameter is optional. .PARAMETER ClearCache Indicates whether to clear the cache before retrieving the tenants. This parameter is optional. .PARAMETER TriggerRefresh Indicates whether to trigger a refresh before retrieving the tenants. This parameter is optional. .EXAMPLE Get-CIPPTenants -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -ClearCache This example retrieves the list of CIPP tenants for the specified customer tenant ID and clears the cache before retrieving the tenants. #> function Get-CIPPTenants { [CmdletBinding()] Param( [Parameter(Mandatory = $false)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [switch]$ClearCache, [Parameter(Mandatory = $false)] [switch]$TriggerRefresh ) Write-Verbose "Getting Tenants" $endpoint = "/api/listtenants" $params = @{ tenantfilter = $CustomerTenantID } if ($ClearCache) { $params.ClearCache = "true" } if ($TriggerRefresh) { $params.TriggerRefresh = "true" } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Tenant/Administration/Tenant/Get-CIPPTenants.ps1' 49 #Region './public/Tenant/Conditional/Get-CIPPCAPolicies.ps1' -1 <# .SYNOPSIS Retrieves Conditional Access Policies for a specific customer tenant. .DESCRIPTION The Get-CIPPCAPolicies function retrieves the Conditional Access Policies for a specific customer tenant by making a REST API call to the "/api/listconditionalaccesspolicies" endpoint. .PARAMETER CustomerTenantID The ID of the customer tenant for which to retrieve the Conditional Access Policies. .EXAMPLE Get-CIPPCAPolicies -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves the Conditional Access Policies for the customer tenant with the ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". .EXAMPLE Get-CIPPCAPolicies -CustomerTenantID "contoso.onmicrosoft.com" Retrieves the Conditional Access Policies for the customer tenant with the ID "contoso.onmicrosoft.com". #> function Get-CIPPCAPolicies { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Conditional Access Policies for customer: $CustomerTenantID" $Endpoint = "/api/listconditionalaccesspolicies" $Params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion './public/Tenant/Conditional/Get-CIPPCAPolicies.ps1' 36 #Region './public/Tenant/Conditional/Get-CIPPCATemplates.ps1' -1 <# .SYNOPSIS Retrieves Conditional Access Templates. .DESCRIPTION The Get-CIPPCATemplates function retrieves the list of Conditional Access Templates from the specified endpoint. .PARAMETER None This function does not accept any parameters. .EXAMPLE Get-CIPPCATemplates Retrieves the list of Conditional Access Templates. #> function Get-CIPPCATemplates { [CmdletBinding()] Param() Write-Verbose "Getting Conditional Access Templates" $endpoint = "/api/listcatemplates" Invoke-CIPPRestMethod -Endpoint $endpoint } #EndRegion './public/Tenant/Conditional/Get-CIPPCATemplates.ps1' 26 #Region './public/Tenant/Conditional/Get-CIPPNamedLocations.ps1' -1 <# .SYNOPSIS Retrieves named locations for a specific customer tenant. .DESCRIPTION The Get-CIPPNamedLocations function retrieves named locations for a specific customer tenant by making a REST API call to the "/api/listnamedlocations" endpoint. .PARAMETER CustomerTenantID The ID of the customer tenant for which to retrieve named locations. .EXAMPLE Get-CIPPNamedLocations -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves named locations for the customer tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". .EXAMPLE Get-CIPPNamedLocations -CustomerTenantID "contoso.onmicrosoft.com" Retrieves named locations for the customer tenant with ID "contoso.onmicrosoft.com". #> function Get-CIPPNamedLocations { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting named locations for $CustomerTenantID" $endpoint = "/api/listnamedlocations" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Tenant/Conditional/Get-CIPPNamedLocations.ps1' 34 #Region './public/Tenant/Conditional/Set-CIPPCAPolicy.ps1' -1 <# .SYNOPSIS Sets the Conditional Access (CA) Policy for a specific customer tenant. .DESCRIPTION The Set-CIPPCAPolicy function is used to set the Conditional Access (CA) Policy for a specific customer tenant. It allows you to enable or disable the CA Policy for the tenant. .PARAMETER CustomerTenantID Specifies the ID of the customer tenant for which the CA Policy needs to be set. .PARAMETER State Specifies the state of the CA Policy. Valid values are "Enabled" and "Disabled". .PARAMETER Guid Specifies the GUID of the CA Policy. .EXAMPLE Set-CIPPCAPolicy -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -State "Enabled" -Guid "a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6" Sets the CA Policy for the customer tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" to "Enabled" using the GUID "a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6". .EXAMPLE Set-CIPPCAPolicy -CustomerTenantID "contoso.onmicrosoft.com" -State "Enabled" -Guid "a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6" Sets the CA Policy for the customer tenant with ID "contoso.onmicrosoft.com" to "Enabled" using the GUID "a1b2c3d4-e5f6-g7h8-i9j0-k1l2m3n4o5p6". #> function Set-CIPPCAPolicy { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID, [ValidateSet("Enabled", "Disabled")] [string]$State, [Parameter(Mandatory = $true)] [guid]$Guid ) Write-Verbose "Editing CA Policy for tenant $CustomerTenantID" $endpoint = "/api/editcapolicy" $params = @{ tenantfilter = $CustomerTenantID state = $State guid = $Guid } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Tenant/Conditional/Set-CIPPCAPolicy.ps1' 48 #Region './public/Tenant/GDAP/Remove-CIPPGDAPRelationship.ps1' -1 <# .SYNOPSIS Removes a GDAP (Global Data Access Point) relationship. .DESCRIPTION The Remove-CIPPGDAPRelationship function terminates a GDAP relationship by invoking a REST API endpoint. .PARAMETER GDAPID Specifies the ID of the GDAP relationship to be terminated. .EXAMPLE Remove-CIPPGDAPRelationship -GDAPID "59a6b837-2c8d-4f91-93e1-746cd82b1e37-a9d8b5e2-73cf-41a5-8de7-134f62b0c6e9" Terminates the GDAP relationship with the ID "59a6b837-2c8d-4f91-93e1-746cd82b1e37-a9d8b5e2-73cf-41a5-8de7-134f62b0c6e9". #> function Remove-CIPPGDAPRelationship { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$GDAPID ) Write-Verbose "Terminating GDAP Relationship: $GDAPID" $Endpoint = "/api/execdeletegdaprelationship" $Params = @{ gdapid = $GDAPID } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion './public/Tenant/GDAP/Remove-CIPPGDAPRelationship.ps1' 32 #Region './public/Tenant/Reports/Get-CIPPLicenses.ps1' -1 <# .SYNOPSIS Retrieves licenses for a specific customer tenant. .DESCRIPTION The Get-CIPPLicenses function retrieves licenses for a specific customer tenant by making a REST API call to the "/api/ListLicenses" endpoint. .PARAMETER CustomerTenantID The ID of the customer tenant for which licenses need to be retrieved. .EXAMPLE Get-CIPPLicenses -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves licenses for the customer tenant with the ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". .EXAMPLE Get-CIPPLicenses -CustomerTenantID "contoso.onmicrosoft.com" Retrieves licenses for the customer tenant with the ID "contoso.onmicrosoft.com". #> function Get-CIPPLicenses { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Licenses for $CustomerTenantID" $endpoint = "/api/ListLicenses" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Tenant/Reports/Get-CIPPLicenses.ps1' 34 #Region './public/Tenant/Reports/Get-CIPPOAuthApps.ps1' -1 <# .SYNOPSIS Retrieves OAuth apps for a specific customer tenant. .DESCRIPTION The Get-CIPPOAuthApps function retrieves OAuth apps for a specific customer tenant by making a REST API call to the "/api/listoauthapps" endpoint. .PARAMETER CustomerTenantID The ID of the customer tenant for which to retrieve OAuth apps. .EXAMPLE Get-CIPPOAuthApps -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves OAuth apps for the customer tenant with the ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPOAuthApps { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting OAuth apps for $CustomerTenantID" $endpoint = "/api/listoauthapps" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Tenant/Reports/Get-CIPPOAuthApps.ps1' 30 #Region './public/Tenant/Standards/Get-CIPPBPA.ps1' -1 <# .SYNOPSIS Retrieves the BPA (Best Practices Analyzer) report for a specific customer tenant. .DESCRIPTION The Get-CIPPBPA function retrieves the BPA report for a customer tenant based on the provided CustomerTenantID. Optionally, you can specify a ReportName to filter the report. .PARAMETER CustomerTenantID Specifies the ID of the customer tenant for which to retrieve the BPA report. This parameter is optional. .PARAMETER ReportName Specifies the name of the report to filter the BPA report. This parameter is optional. .EXAMPLE Get-CIPPBPA -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -ReportName "CIPP Best Practices V1.0 - Tenant View" This example retrieves the BPA report for the customer tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" and filters it by the report name "CIPP Best Practices V1.0 - Tenant View". #> function Get-CIPPBPA { [CmdletBinding()] Param( [Parameter(Mandatory = $false)] [string]$CustomerTenantID, [Parameter(Mandatory = $false)] [string]$ReportName ) Write-Verbose "Getting BPA Report for customer: $CustomerTenantID" $Endpoint = "/api/listbpa" $Params = @{ tenantfilter = $CustomerTenantID Report = $ReportName } Invoke-CIPPRestMethod -Endpoint $Endpoint -Params $Params } #EndRegion './public/Tenant/Standards/Get-CIPPBPA.ps1' 39 #Region './public/Tenant/Standards/Get-CIPPBPATemplates.ps1' -1 <# .SYNOPSIS Retrieves the CIPP BPA Templates. .DESCRIPTION The Get-CIPPBPATemplates function retrieves the CIPP (Continuous Improvement and Performance Program) BPA (Best Practice Assessment) Templates from the specified API endpoint. .PARAMETER None This function does not accept any parameters. .EXAMPLE Get-CIPPBPATemplates Retrieves the CIPP BPA Templates. #> function Get-CIPPBPATemplates { [CmdletBinding()] Param() Write-Verbose "Getting BPA Templates" $Endpoint = "/api/listbpatemplates" Invoke-CIPPRestMethod -Endpoint $Endpoint } #EndRegion './public/Tenant/Standards/Get-CIPPBPATemplates.ps1' 27 #Region './public/Tenant/Standards/Get-CIPPDomainAnalyser.ps1' -1 <# .SYNOPSIS Retrieves the list of domain analyzers for a specific customer tenant. .DESCRIPTION The Get-CIPPDomainAnalyser function retrieves the list of domain analyzers associated with a specific customer tenant. It makes a REST API call to retrieve the list of domain analyzers based on the provided customer tenant ID. .PARAMETER CustomerTenantID The ID of the customer tenant for which to retrieve the domain analyzers. .EXAMPLE Get-CIPPDomainAnalyser -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves the list of domain analyzers for the customer tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". #> function Get-CIPPDomainAnalyser { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting Domain Analyser List for customer: $CustomerTenantID" $endpoint = "/api/ListDomainAnalyser" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Tenant/Standards/Get-CIPPDomainAnalyser.ps1' 30 #Region './public/Tenant/Standards/Get-CIPPDomainHealth.ps1' -1 <# .SYNOPSIS Gets the domain health information for a specified domain. .DESCRIPTION The Get-CIPPDomainHealth function retrieves domain health information for a specified domain using the CIPP API. It supports various actions such as reading WHOIS records, NS records, MX records, SPF records, DMARC policies, DKIM records, testing DNSSEC, and testing MTA-STS. .PARAMETER DomainName Specifies the name of the domain for which to retrieve the health information. .PARAMETER Action Specifies the action to perform for retrieving the domain health information. Valid values are: - ReadWhoisRecord: Retrieves the WHOIS record for the domain. - ReadNSRecord: Retrieves the NS record for the domain. - ReadMXRecord: Retrieves the MX record for the domain. - ReadSpfRecord: Retrieves the SPF record for the domain. - ReadDmarcPolicy: Retrieves the DMARC policy for the domain. - ReadDkimRecord: Retrieves the DKIM record for the domain. - TestDNSSEC: Tests DNSSEC for the domain. - TestMtaSts: Tests MTA-STS for the domain. .EXAMPLE PS> Get-CIPPDomainHealth -DomainName "contoso.onmicrosoft.com" -Action "ReadWhoisRecord" Retrieves the WHOIS record for the domain "contoso.onmicrosoft.com". .EXAMPLE PS> Get-CIPPDomainHealth -DomainName "contoso.onmicrosoft.com" -Action "TestDNSSEC" Tests DNSSEC for the domain "contoso.onmicrosoft.com". #> function Get-CIPPDomainHealth { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$DomainName, [Parameter(Mandatory = $true)] [ValidateSet("ReadWhoisRecord", "ReadNSRecord", "ReadMXRecord", "ReadSpfRecord", "ReadDmarcPolicy", "ReadDkimRecord", "TestDNSSEC", "TestMtaSts")] [string]$Action ) Write-Verbose "Getting Domain Health for $DomainName with action $Action" $endpoint = "/api/listdomainhealth" $params = @{ Domain = $DomainName Action = $action } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Tenant/Standards/Get-CIPPDomainHealth.ps1' 52 #Region './public/Tenant/Standards/Get-CIPPStandards.ps1' -1 <# .SYNOPSIS Retrieves the CIPP standards for a specific customer tenant. .DESCRIPTION The Get-CIPPStandards function retrieves the CIPP standards for a specific customer tenant by making a REST API call to the "/api/liststandards" endpoint. .PARAMETER CustomerTenantID The ID of the customer tenant for which to retrieve the standards. .EXAMPLE Get-CIPPStandards -CustomerTenantID "7ced1621-b8f7-4231-868c-bc6b1a2f1778" Retrieves the CIPP standards for the customer tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". .EXAMPLE Get-CIPPStandards -CustomerTenantID "test.onmicrosoft.com" Retrieves the CIPP standards for the customer tenant with ID "test.onmicrosoft.com". #> function Get-CIPPStandards { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Getting standards for $CustomerTenantID" $endpoint = "/api/liststandards" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Tenant/Standards/Get-CIPPStandards.ps1' 34 #Region './public/Tenant/Standards/Set-CIPPStandardsRun.ps1' -1 <# .SYNOPSIS Runs standards for a specific customer tenant. .DESCRIPTION The Set-CIPPStandardsRun function runs standards for a specific customer tenant by invoking a REST API endpoint. .PARAMETER CustomerTenantID The ID of the customer tenant for which the standards should be run. .EXAMPLE Set-CIPPStandardsRun -CustomerTenantID "contoso.onmicrosoft.com" Runs standards for the customer tenant with ID "contoso.onmicrosoft.com". #> function Set-CIPPStandardsRun { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantID ) Write-Verbose "Running standards for $CustomerTenantID" $endpoint = "/api/execstandardsrun" $params = @{ tenantfilter = $CustomerTenantID } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Tenant/Standards/Set-CIPPStandardsRun.ps1' 30 #Region './public/Tenant/Tools/Get-CIPPAuditLogTest.ps1' -1 <# .SYNOPSIS Retrieves audit logs for a specified customer tenant. .DESCRIPTION The Get-CIPPAuditLogTest function retrieves audit logs for a specified customer tenant based on the log type. .PARAMETER CustomerTenantId Specifies the ID of the customer tenant for which to retrieve audit logs. .PARAMETER LogType Specifies the type of audit logs to retrieve. Valid values are 'Audit.Exchange' and 'Audit.AzureActiveDirectory'. .EXAMPLE Get-CIPPAuditLogTest -CustomerTenantId "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -LogType "Audit.Exchange" Retrieves Exchange audit logs for the customer tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". .EXAMPLE Get-CIPPAuditLogTest -CustomerTenantId "7ced1621-b8f7-4231-868c-bc6b1a2f1778" -LogType "Audit.AzureActiveDirectory" Retrieves Azure Active Directory audit logs for the customer tenant with ID "7ced1621-b8f7-4231-868c-bc6b1a2f1778". .EXAMPLE Get-CIPPAuditLogTest -CustomerTenantId "test.onmicrosoft.com" -LogType "Audit.Exchange" Retrieves Azure Active Directory audit logs for the customer tenant "test.onmicrosoft.com". #> function Get-CIPPAuditLogTest { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$CustomerTenantId, [Parameter(Mandatory = $true)] [validateset('Audit.Exchange','Audit.AzureActiveDirectory')] [string]$LogType ) Write-Verbose "Looking up $LogType logs for tenant $CustomerTenantId" $endpoint = "/api/ListAuditLogTest" $params = @{ TenantFilter = $CustomerTenantId LogType = $LogType } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Tenant/Tools/Get-CIPPAuditLogTest.ps1' 46 #Region './public/Tenant/Tools/Get-CIPPExternalGEOIPLookup.ps1' -1 <# .SYNOPSIS Performs a Geo IP lookup for a given IP address. .DESCRIPTION The Get-CIPPExternalGEOIPLookup function performs a Geo IP lookup for a given IP address using a REST API. It retrieves information about the geographical location of the IP address. .PARAMETER IP Specifies the IP address for which the Geo IP lookup needs to be performed. The IP address can be in IPv4 or IPv6 format. .EXAMPLE Get-CIPPExternalGEOIPLookup -IP "8.8.8.8" Performs a Geo IP lookup for the IP address "8.8.8.8". .EXAMPLE Get-CIPPExternalGEOIPLookup -IP "2001:0db8:85a3:0000:0000:8a2e:0370:7334" Performs a Geo IP lookup for the IP address "2001:0db8:85a3:0000:0000:8a2e:0370:7334". .INPUTS None. You cannot pipe input to this function. .OUTPUTS System.Object. The function returns the result of the Geo IP lookup as an object. .NOTES This function requires the Invoke-CIPPRestMethod function to be available in the current session. .LINK Invoke-CIPPRestMethod #> function Get-CIPPExternalGEOIPLookup { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [ValidatePattern('^(?:(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$|^((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){1,7}:)|(([0-9A-Fa-f]{1,4}:){1,6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,5}(:[0-9A-Fa-f]{1,4}){1,2})|(([0-9A-Fa-f]{1,4}:){1,4}(:[0-9A-Fa-f]{1,4}){1,3})|(([0-9A-Fa-f]{1,4}:){1,3}(:[0-9A-Fa-f]{1,4}){1,4})|(([0-9A-Fa-f]{1,4}:){1,2}(:[0-9A-Fa-f]{1,4}){1,5})|(([0-9A-Fa-f]{1,4}:):(:[0-9A-Fa-f]{1,4}){1,6})|(::([0-9A-Fa-f]{1,4}:){1,7}))$')] [string]$IP ) Write-Verbose "Looking up $ip in Geo DB" $endpoint = "/api/execgeoiplookup" $params = @{ ip = $IP } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Tenant/Tools/Get-CIPPExternalGEOIPLookup.ps1' 47 #Region './public/Tenant/Tools/Get-CIPPExternalTenantInfo.ps1' -1 <# .SYNOPSIS Retrieves external tenant information for a specified tenant. .DESCRIPTION The Get-CIPPExternalTenantInfo function retrieves external tenant information for a specified tenant by making a REST API call to the "/api/ListExternalTenantInfo" endpoint. .PARAMETER Tenant Specifies the name of the tenant for which to retrieve the external tenant information. .EXAMPLE Get-CIPPExternalTenantInfo -Tenant "Contoso.com" Retrieves the external tenant information for the "Contoso" tenant. #> function Get-CIPPExternalTenantInfo { [CmdletBinding()] Param( [Parameter(Mandatory = $true)] [string]$Tenant ) Write-Verbose "Getting Tenant info for $Tenant" $endpoint = "/api/ListExternalTenantInfo" $params = @{ tenant = $Tenant } Invoke-CIPPRestMethod -Endpoint $endpoint -Params $params } #EndRegion './public/Tenant/Tools/Get-CIPPExternalTenantInfo.ps1' 31 |