feat: add Allow On Access Protection and Disable Local Admin Merge settings to Invoke-AddDefenderDeployment function

Author: kris6673

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-AddDefenderDeployment.ps1

@@ -98,19 +98,22 @@ function Invoke-AddDefenderDeployment {
                     } { $_.LowCPU } {
                         @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_enablelowcpupriority' ; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = 'device_vendor_msft_policy_config_defender_enablelowcpupriority_1' ; settingValueTemplateReference = @{settingValueTemplateId = '045a4a13-deee-4e24-9fe4-985c9357680d' } } ; settingInstanceTemplateReference = @{settingInstanceTemplateId = 'cdeb96cf-18f5-4477-a710-0ea9ecc618af' } } }
                     } { $_.CloudBlockLevel } {
-                        @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_cloudblocklevel'; settingInstanceTemplateReference = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference'; settingInstanceTemplateId = 'c7a37009-c16e-4145-84c8-89a8c121fb15' }; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = "device_vendor_msft_policy_config_defender_cloudblocklevel_$($_.CloudBlockLevel.value)"; settingValueTemplateReference = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference'; settingValueTemplateId = '517b4e84-e933-42b9-b92f-00e640b1a82d' }; children = @() } } }
+                        @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_cloudblocklevel'; settingInstanceTemplateReference = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference'; settingInstanceTemplateId = 'c7a37009-c16e-4145-84c8-89a8c121fb15' }; choiceSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = "device_vendor_msft_policy_config_defender_cloudblocklevel_$($_.CloudBlockLevel.value ?? '0')"; settingValueTemplateReference = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference'; settingValueTemplateId = '517b4e84-e933-42b9-b92f-00e640b1a82d' } } } }
                     } { $_.AvgCPULoadFactor } {
                         @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance' ; settingDefinitionId = 'device_vendor_msft_policy_config_defender_avgcpuloadfactor' ; settingInstanceTemplateReference = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference' ; settingInstanceTemplateId = '816cc03e-8f96-4cba-b14f-2658d031a79a' } ; simpleSettingValue = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationIntegerSettingValue'; value = ($_.AvgCPULoadFactor ?? 50); settingValueTemplateReference = @{'@odata.type' = '#microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference'; settingValueTemplateId = '37195fb1-3743-4c8e-a0ce-b6fae6fa3acd' } } } }
                     } { $_.CloudExtendedTimeout } {
                         @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting' ; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_cloudextendedtimeout'; settingInstanceTemplateReference = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference'; settingInstanceTemplateId = 'f61c2788-14e4-4e80-a5a7-bf2ff5052f63' }; simpleSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationIntegerSettingValue'; value = ($_.CloudExtendedTimeout ?? 50); settingValueTemplateReference = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference'; settingValueTemplateId = '608f1561-b603-46bd-bf5f-0b9872002f75' } } } }
                     } { $_.SignatureUpdateInterval } {
                         @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_signatureupdateinterval'; settingInstanceTemplateReference = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference'; settingInstanceTemplateId = '89879f27-6b7d-44d4-a08e-0a0de3e9663d' }; simpleSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationIntegerSettingValue'; value = ($_.SignatureUpdateInterval ?? 8); settingValueTemplateReference = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference'; settingValueTemplateId = '0af6bbed-a74a-4d08-8587-b16b10b774cb' } } } }
                     } { $_.MeteredConnectionUpdates } {
-                        @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_defender_configuration_meteredconnectionupdates'; settingInstanceTemplateReference = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference'; settingInstanceTemplateId = '7e3aaffb-309f-46de-8cd7-25c1a3b19e5b' }; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = 'device_vendor_msft_defender_configuration_meteredconnectionupdates_1'; settingValueTemplateReference = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference'; settingValueTemplateId = '20cf972c-be3f-4bc1-93d3-781829d55233' }; children = @() } } }
+                        @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_defender_configuration_meteredconnectionupdates'; settingInstanceTemplateReference = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference'; settingInstanceTemplateId = '7e3aaffb-309f-46de-8cd7-25c1a3b19e5b' }; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = 'device_vendor_msft_defender_configuration_meteredconnectionupdates_1'; settingValueTemplateReference = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference'; settingValueTemplateId = '20cf972c-be3f-4bc1-93d3-781829d55233' } } } }
+                    } { $_.AllowOnAccessProtection } {
+                        @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_policy_config_defender_allowonaccessprotection'; settingInstanceTemplateReference = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference'; settingInstanceTemplateId = 'afbc322b-083c-4281-8242-ebbb91398b41' }; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = "device_vendor_msft_policy_config_defender_allowonaccessprotection_$($_.AllowOnAccessProtection.value ?? '1')"; settingValueTemplateReference = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference'; settingValueTemplateId = 'ed077fee-9803-44f3-b045-aab34d8e6d52' } } } }
+                    } { $_.DisableLocalAdminMerge } {
+                        @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSetting'; settingInstance = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance'; settingDefinitionId = 'device_vendor_msft_defender_configuration_disablelocaladminmerge'; settingInstanceTemplateReference = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSettingInstanceTemplateReference'; settingInstanceTemplateId = '5f9a9c65-dea7-4987-a5f5-b28cfd9762ba' }; choiceSettingValue = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingValue'; value = 'device_vendor_msft_defender_configuration_disablelocaladminmerge_1'; settingValueTemplateReference = @{ '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSettingValueTemplateReference'; settingValueTemplateId = '3a9774b2-3143-47eb-bbca-d73c0ace2b7e' } } } }
                     }
 
                     # TODO: Add more settings
-                    # Allow On Access Protection
                     # Disable Local Admin Merge
                     # Submit Samples Consent
                     # Remediation actions