Modules/M365DSCCheckProperties.psm1
|
<#
.Description This function checks if properties of existing resources are up to date. Creates a report about missing or outdated properties of existing resources and a list of missing resources. .Functionality Internal #> function Get-PropertyReport { param ( [Parameter(Mandatory = $true)] [System.String] $DestinationFolder, [Parameter()] [System.Management.Automation.PSCredential] $Credential ) # list of cmdlet parameters to be ignored $invalidParameters = @('ErrorVariable', ` 'ErrorAction', ` 'InformationVariable', ` 'InformationAction', ` 'WarningVariable', ` 'WarningAction', ` 'OutVariable', ` 'OutBuffer', ` 'PipelineVariable', ` 'Verbose', ` 'WhatIf', ` 'Debug', 'Confirm', 'AsJob') # list of M365 DSC resource properties to be ignored $invalidProperties = @('ErrorVariable', ` 'ErrorAction', ` 'InformationVariable', ` 'InformationAction', ` 'WarningVariable', ` 'WarningAction', ` 'OutVariable', ` 'OutBuffer', ` 'PipelineVariable', ` 'Verbose', ` 'WhatIf', ` 'Debug', 'Credential', 'ApplicationId', 'Ensure', 'TenantId', 'CertificateThumbprint', 'CertificatePath', 'CertificatePassword', 'IsSingleInstance') # list of M365 workloads to check $workloads = @( @{Name = 'ExchangeOnline'; ModuleName = 'ExchangeOnlineManagement'; CommandName = 'Get-Mailbox'; Prefix = 'EXO'; } @{Name = 'MicrosoftTeams'; ModuleName = 'MicrosoftTeams'; Prefix = 'Teams'; } @{Name = 'SecurityComplianceCenter'; ModuleName = 'ExchangeOnlineManagement'; CommandName = 'Set-ComplianceCase'; Prefix = 'SC'; } ) # mapping table for resources with names different from cmdlet name $cmdletMapping = @{ CasMailbox = 'CASMailboxSettings' Mailbox = 'SharedMailbox' MailboxRegionalConfiguration = 'MailboxSettings' EXOPerimeterConfig = 'PerimeterConfiguration' } $missingResources = @() $report = @() if ($null -eq $Credential) { $Credential = Get-Credential $PSBoundParameters.Add('Credential', $Credential) } $folderPath = Join-Path $PSScriptRoot -ChildPath '../DSCResources' Write-Verbose "Folderpath of DSC resources: $folderPath" foreach ($module in $workloads) { Write-Verbose "Connecting to {$($Module.Name)}" $ConnectionMode = New-M365DSCConnection -Workload ($Module.Name) -InboundParameters $PSBoundParameters Write-Verbose "Getting list of cmdlets of {$($Module.ModuleName)}..." $CurrentModuleName = $Module.ModuleName if ($null -eq $CurrentModuleName -or $Module.CommandName) { Write-Verbose "Loading proxy for $($Module.ModuleName)" $foundModule = Get-Module | Where-Object -FilterScript { $_.ExportedCommands.Values.Name -ccontains $Module.CommandName } $CurrentModuleName = $foundModule.Name Import-Module $CurrentModuleName -Force -Global -ErrorAction SilentlyContinue } else { Import-Module $CurrentModuleName -Force -Global -ErrorAction SilentlyContinue $ConnectionMode = New-M365DSCConnection -Workload $Module.Name -InboundParameters $PSBoundParameters } $cmdlets = Get-Command -CommandType 'Function' -Module $CurrentModuleName $setCmdlets = $cmdlets | Where-Object { $_.Name -like 'Set-*' } Write-Verbose "Found $($setCmdlets.Count) Set-* cmdlets for $($Module.ModuleName) ($($cmdlets.Count) in total)" $i = 1 foreach ($cmdlet in $setCmdlets) { Write-Progress -Activity 'Checking resources' -Status $cmdlet.Name -PercentComplete (($i / $setCmdlets.Length) * 100) $resourceExists = $false $resourceName = 'MSFT_' + $module.Prefix + $cmdlet.Name.split('-')[1] if ($module.ModuleName -eq 'MicrosoftTeams' -and $resourceName -like '*TeamsCsTeams*') { $resourceName = $resourceName -replace ('TeamsCsTeams', 'Teams') } if ($module.ModuleName -eq 'MicrosoftTeams' -and $resourceName -like '*TeamsCs*') { $resourceName = $resourceName -replace ('TeamsCs', 'Teams') } $foundInFiles = Get-ChildItem -Path $folderPath | Where-Object { $_.Name -like $resourceName } if ($null -eq $foundInFiles) { $resourceNameFromMapping = $cmdletMapping[$cmdlet.Name.split('-')[1]] if ($null -ne $resourceNameFromMapping) { $resourceName = 'MSFT_' + $module.Prefix + $resourceNameFromMapping $foundInFiles = Get-ChildItem -Path $folderPath | Where-Object { $_.Name -like $resourceName } if ($null -ne $foundInFiles) { $resourceExists = $true } } } else { $resourceExists = $true } if ($resourceExists) { # Get parameter of cmdlet Write-Verbose "Get parameters of cmdlet $($cmdlet.Name)" $targetParameters = @() $resourceParamters = @() $cmdletParameters = (Get-Command $cmdlet.Name).Parameters foreach ($parameter in $cmdletParameters.Keys) { if ($parameter -notin $invalidParameters) { $targetParameters += $parameter } } # Get properties of DSC resource Write-Verbose "Get properties of resource $resourceName" Import-Module $($folderPath + '\' + $resourceName) -Force $resourceProperties = (Get-Command Set-TargetResource -Module $resourceName).Parameters foreach ($property in $resourceProperties.Keys) { if ($property -notin $invalidProperties) { $resourceParamters += $property } } Remove-Module -Name $resourceName -Force -Confirm:$false # Compare properties Write-Verbose "Compare parameters of $resourceName" $difference = Compare-Object -ReferenceObject @($targetParameters | Select-Object) -DifferenceObject @($resourceParamters | Select-Object) -IncludeEqual $missingProperties = ($difference | Where-Object { $_.SideIndicator -eq '<=' }).InputObject $addtionalProperties = ($difference | Where-Object { $_.SideIndicator -eq '=>' }).InputObject # Add to report $cmdletResult = [PSCustomObject]@{ 'M365DSCResource' = $resourceName 'Cmdlet' = $cmdlet.Name 'Service' = $module.Name 'MissingProperties' = $missingProperties -join ('; ') 'AdditionalProperties' = $addtionalProperties -join ('; ') } $report += $cmdletResult } else { $missingResources += $resourceName Write-Verbose "Resource $resourceName not found." } $i++ } } # Export reports Write-Verbose 'Export reports' $report | Export-Csv -NoTypeInformation -Path "$DestinationFolder\M365DSC-Properties-Report.csv" -Delimiter ',' $missingResources | Out-File "$DestinationFolder\MissingDSCResources.csv" } Export-ModuleMember -Function @( 'Get-PropertyReport' ) |