JyskIT.Automation

0.9.1

Public/TenantConfiguration/Baseline/Add-BaselineConfiguration.ps1

                                function Add-BaselineConfiguration {

    param(

        [Parameter(Mandatory)]

        [string]$TenantId

    )

    try {

        Connect-CustomerGraph -CustomerTenantId $TenantId

        # These are dependent on each other, so we need to run them in a specific order

        $BaselineItems = @(

            @{command="Add-BaselineGroups";Description="Baseline groups (Device/User)"},    

            @{command="Add-AuthenticationMethodPolicy";Description="Authentication method policy"},

            @{command="Add-AuthenticationStrengths";Description="Authentication strengths"},

            @{command="Add-NamedLocations";Description="Named locations"},

            @{command="Add-ConditionalAccessPolicies";Description="Conditional access policies"},

            @{command="Add-AuthorizationPolicies";Description="Authorization policies"},

            @{command="Add-DeviceRegistrationPolicy";Description="Device registration policy"},

            @{command="Add-AppProtectionPolicies";Description="App protection policies"},

            @{command="Add-DeviceEnrollmentConfiguration";Description="Device enrollment configuration"}

            @{command="Add-ConfigurationPolicies";Description="Configuration policies"},

            @{command="Add-WUFBConfiguration";Description="Windows Update for Business configuration"},

            @{command="Add-WindowsHelloForBusinessPINReset";Description="Windows Hello for Business PIN reset"},

            @{command="Add-CompliancePolicies";Description="Compliance policies"},

            @{command="Add-EOPPolicies";Description="Exchange Online Protection policies"}

        )

        $SelectedBaselineItems = $BaselineItems | Select-Object -Property command, Description | Out-ConsoleGridView -Title "Baseline items to be added" -OutputMode Multiple

        $Hybrid = (Read-Host "Is this a hybrid tenant? (Y/N)").ToLower() -eq "y"

        # Loop the selected baseline items and add them dynamically inserting the command name and percentage, add the hybrid parameter if needed (some items require it)

        foreach($SelectedBaselineItem in $SelectedBaselineItems) {

            Write-Progress -Activity "Creating baseline configuration for tenant '$TenantId'.." -Status "Adding $($SelectedBaselineItem.description)" -PercentComplete 0

            if($SelectedBaselineItem.name -eq "DeviceEnrollmentConfiguration") {

                & $($SelectedBaselineItem.command) -TenantId $TenantId -Hybrid $Hybrid

            } else {

                & $($SelectedBaselineItem.command) -TenantId $TenantId

            }

        }

        Write-Host "Baseline configuration sucessfully created for tenant '$TenantId'." -ForegroundColor Green

        Write-Host "Please visit https://bit.ly/m365baseline to see the next steps, and to complete the configuration." -ForegroundColor Yellow

    }

    catch {

        throw "Failed to create baseline configuration: $_"

    }

}