Merge pull request #313 from KelvinTegelaar/dev

pull[bot] · web-flow · commit 21647f87b33f · 2025-06-17T18:41:05.000Z
[pull] dev from KelvinTegelaar:dev
diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-NormalizedError.ps1
@@ -3,6 +3,7 @@ function Get-NormalizedError {
     .FUNCTIONALITY
     Internal
     #>
+    [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingEmptyCatchBlock', '', Justification = 'CIPP does not use this function to catch errors')]
     [CmdletBinding()]
     param (
         [string]$message
@@ -21,16 +22,16 @@ function Get-NormalizedError {
 
     #We need to check if the message is in one of these fields, and if so, return it.
     if ($JSONMsg.error.innererror.message) {
-        Write-Host "innererror.message found: $($JSONMsg.error.innererror.message)"
+        Write-Information "innererror.message found: $($JSONMsg.error.innererror.message)"
         $message = $JSONMsg.error.innererror.message
     } elseif ($JSONMsg.error.message) {
-        Write-Host "error.message found: $($JSONMsg.error.message)"
+        Write-Information "error.message found: $($JSONMsg.error.message)"
         $message = $JSONMsg.error.message
     } elseif ($JSONMsg.error.details.message) {
-        Write-Host "error.details.message found: $($JSONMsg.error.details.message)"
+        Write-Information "error.details.message found: $($JSONMsg.error.details.message)"
         $message = $JSONMsg.error.details.message
     } elseif ($JSONMsg.error.innererror.internalException.message) {
-        Write-Host "error.innererror.internalException.message found: $($JSONMsg.error.innererror.internalException.message)"
+        Write-Information "error.innererror.internalException.message found: $($JSONMsg.error.innererror.internalException.message)"
         $message = $JSONMsg.error.innererror.internalException.message
     }
 
@@ -46,7 +47,7 @@ function Get-NormalizedError {
         '*User was not found.*' { 'The relationship between this tenant and the partner has been dissolved from the tenant side.' }
         '*AADSTS50020*' { 'AADSTS50020: The user you have used for your Secure Application Model is a guest in this tenant, or your are using GDAP and have not added the user to the correct group. Please delete the guest user to gain access to this tenant' }
         '*AADSTS50177' { 'AADSTS50177: The user you have used for your Secure Application Model is a guest in this tenant, or your are using GDAP and have not added the user to the correct group. Please delete the guest user to gain access to this tenant' }
-        '*invalid or malformed*' { 'The request is malformed. Have you finished the SAM Setup?' }
+        '*invalid or malformed*' { 'The request is malformed. Have you finished the Setup Wizard' }
         '*Windows Store repository apps feature is not supported for this tenant*' { 'This tenant does not have WinGet support available' }
         '*AADSTS650051*' { 'The application does not exist yet. Try again in 30 seconds.' }
         '*AppLifecycle_2210*' { 'Failed to call Intune APIs: Does the tenant have a license available?' }
@@ -58,15 +59,15 @@ function Get-NormalizedError {
         '*Authentication failed. MFA required*' { 'Authentication failed. MFA required' }
         '*Your tenant is not licensed for this feature.*' { 'Required license not available for this tenant' }
         '*AADSTS65001*' { 'We cannot access this tenant as consent has not been given, please try refreshing the CPV permissions in the application settings menu.' }
-        '*AADSTS700082*' { 'The CIPP user access token has expired. Run the SAM Setup wizard to refresh your tokens.' }
+        '*AADSTS700082*' { 'The CIPP user access token has expired. Run the Setup Wizard to refresh your tokens.' }
         '*Account is not provisioned.' { 'The account is not provisioned. You do not the correct M365 license to access this information..' }
         '*AADSTS5000224*' { 'This resource is not available - Has this tenant been deleted?' }
         '*AADSTS53003*' { 'Access has been blocked by Conditional Access policies. Please check the Conditional Access configuration documentation' }
         '*AADSTS900023*' { 'This tenant is not available for this operation. Please check the selected tenant and try again.' }
         '*AADSTS9002313*' { 'The credentials used to connect to the Graph API are not available, please retry. If this issue persists you may need to execute the SAM wizard.' }
         '*One or more platform(s) is/are not configured for the customer. Please configure the platform before trying to purchase a SKU.*' { 'One or more platform(s) is/are not configured for the customer. Please configure the platform before trying to purchase a SKU.' }
         "One or more added object references already exist for the following modified properties: 'members'." { 'This user is already a member of the selected group.' }
-        Default { $message }
+        default { $message }
 
     }
 }
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAutopilotProfile.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAutopilotProfile.ps1
@@ -43,42 +43,44 @@ function Invoke-CIPPStandardAutopilotProfile {
 
     # Get the current configuration
     try {
+        # Replace variables in displayname to prevent duplicates
+        $DisplayName = Get-CIPPTextReplacement -Text $Settings.DisplayName -TenantFilter $Tenant
+
         $CurrentConfig = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/windowsAutopilotDeploymentProfiles' -tenantid $Tenant |
-        Where-Object { $_.displayName -eq $Settings.DisplayName } |
-        Select-Object -Property displayName, description, deviceNameTemplate, language, enableWhiteGlove, extractHardwareHash, outOfBoxExperienceSetting, preprovisioningAllowed
+            Where-Object { $_.displayName -eq $DisplayName } |
+            Select-Object -Property displayName, description, deviceNameTemplate, language, enableWhiteGlove, extractHardwareHash, outOfBoxExperienceSetting, preprovisioningAllowed
 
         if ($Settings.NotLocalAdmin -eq $true) { $userType = 'Standard' } else { $userType = 'Administrator' }
         if ($Settings.SelfDeployingMode -eq $true) { $DeploymentMode = 'shared' } else { $DeploymentMode = 'singleUser' }
-        if ($Settings.AllowWhiteGlove -eq $true) {$Settings.HideChangeAccount = $true}
+        if ($Settings.AllowWhiteGlove -eq $true) { $Settings.HideChangeAccount = $true }
 
-        $StateIsCorrect = ($CurrentConfig.displayName -eq $Settings.DisplayName) -and
-            ($CurrentConfig.description -eq $Settings.Description) -and
-            ($CurrentConfig.deviceNameTemplate -eq $Settings.DeviceNameTemplate) -and
-            ([string]::IsNullOrWhiteSpace($CurrentConfig.language) -and [string]::IsNullOrWhiteSpace($Settings.Languages.value) -or $CurrentConfig.language -eq $Settings.Languages.value) -and
-            ($CurrentConfig.enableWhiteGlove -eq $Settings.AllowWhiteGlove) -and
-            ($CurrentConfig.extractHardwareHash -eq $Settings.CollectHash) -and
-            ($CurrentConfig.outOfBoxExperienceSetting.deviceUsageType -eq $DeploymentMode) -and
-            ($CurrentConfig.outOfBoxExperienceSetting.escapeLinkHidden -eq $Settings.HideChangeAccount) -and
-            ($CurrentConfig.outOfBoxExperienceSetting.privacySettingsHidden -eq $Settings.HidePrivacy) -and
-            ($CurrentConfig.outOfBoxExperienceSetting.eulaHidden -eq $Settings.HideTerms) -and
-            ($CurrentConfig.outOfBoxExperienceSetting.userType -eq $userType) -and
-            ($CurrentConfig.outOfBoxExperienceSetting.keyboardSelectionPageSkipped -eq $Settings.AutoKeyboard)
-    }
-    catch {
+        $StateIsCorrect = ($CurrentConfig.displayName -eq $DisplayName) -and
+        ($CurrentConfig.description -eq $Settings.Description) -and
+        ($CurrentConfig.deviceNameTemplate -eq $Settings.DeviceNameTemplate) -and
+        ([string]::IsNullOrWhiteSpace($CurrentConfig.language) -and [string]::IsNullOrWhiteSpace($Settings.Languages.value) -or $CurrentConfig.language -eq $Settings.Languages.value) -and
+        ($CurrentConfig.enableWhiteGlove -eq $Settings.AllowWhiteGlove) -and
+        ($CurrentConfig.extractHardwareHash -eq $Settings.CollectHash) -and
+        ($CurrentConfig.outOfBoxExperienceSetting.deviceUsageType -eq $DeploymentMode) -and
+        ($CurrentConfig.outOfBoxExperienceSetting.escapeLinkHidden -eq $Settings.HideChangeAccount) -and
+        ($CurrentConfig.outOfBoxExperienceSetting.privacySettingsHidden -eq $Settings.HidePrivacy) -and
+        ($CurrentConfig.outOfBoxExperienceSetting.eulaHidden -eq $Settings.HideTerms) -and
+        ($CurrentConfig.outOfBoxExperienceSetting.userType -eq $userType) -and
+        ($CurrentConfig.outOfBoxExperienceSetting.keyboardSelectionPageSkipped -eq $Settings.AutoKeyboard)
+    } catch {
         $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
         Write-LogMessage -API 'Standards' -tenant $Tenant -message "Failed to check Autopilot profile: $ErrorMessage" -sev Error
         $StateIsCorrect = $false
     }
 
     # Remediate if the state is not correct
-    If ($Settings.remediate -eq $true) {
+    if ($Settings.remediate -eq $true) {
         if ($StateIsCorrect -eq $true) {
-            Write-LogMessage -API 'Standards' -tenant $Tenant -message "Autopilot profile '$($Settings.DisplayName)' already exists" -sev Info
+            Write-LogMessage -API 'Standards' -tenant $Tenant -message "Autopilot profile '$($DisplayName)' already exists" -sev Info
         } else {
             try {
                 $Parameters = @{
                     tenantFilter       = $Tenant
-                    displayName        = $Settings.DisplayName
+                    displayName        = $DisplayName
                     description        = $Settings.Description
                     userType           = $userType
                     DeploymentMode     = $DeploymentMode
@@ -95,9 +97,9 @@ function Invoke-CIPPStandardAutopilotProfile {
 
                 Set-CIPPDefaultAPDeploymentProfile @Parameters
                 if ($null -eq $CurrentConfig) {
-                    Write-LogMessage -API 'Standards' -tenant $Tenant -message "Created Autopilot profile '$($Settings.DisplayName)'" -sev Info
+                    Write-LogMessage -API 'Standards' -tenant $Tenant -message "Created Autopilot profile '$($DisplayName)'" -sev Info
                 } else {
-                    Write-LogMessage -API 'Standards' -tenant $Tenant -message "Updated Autopilot profile '$($Settings.DisplayName)'" -sev Info
+                    Write-LogMessage -API 'Standards' -tenant $Tenant -message "Updated Autopilot profile '$($DisplayName)'" -sev Info
                 }
             } catch {
                 $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
@@ -108,19 +110,19 @@ function Invoke-CIPPStandardAutopilotProfile {
     }
 
     # Report
-    If ($Settings.report -eq $true) {
+    if ($Settings.report -eq $true) {
         $FieldValue = $StateIsCorrect -eq $true ? $true : $CurrentConfig
         Set-CIPPStandardsCompareField -FieldName 'standards.AutopilotProfile' -FieldValue $FieldValue -TenantFilter $Tenant
         Add-CIPPBPAField -FieldName 'AutopilotProfile' -FieldValue [bool]$StateIsCorrect -StoreAs bool -Tenant $Tenant
     }
 
     # Alert
-    If ($Settings.alert -eq $true) {
-        If ($StateIsCorrect -eq $true) {
-            Write-LogMessage -API 'Standards' -tenant $Tenant -message "Autopilot profile '$($Settings.DisplayName)' exists" -sev Info
+    if ($Settings.alert -eq $true) {
+        if ($StateIsCorrect -eq $true) {
+            Write-LogMessage -API 'Standards' -tenant $Tenant -message "Autopilot profile '$($DisplayName)' exists" -sev Info
         } else {
-            Write-StandardsAlert -message "Autopilot profile '$($Settings.DisplayName)' do not match expected configuration" -object $CurrentConfig -tenant $Tenant -standardName 'AutopilotProfile' -standardId $Settings.standardId
-            Write-LogMessage -API 'Standards' -tenant $Tenant -message "Autopilot profile '$($Settings.DisplayName)' do not match expected configuration" -sev Info
+            Write-StandardsAlert -message "Autopilot profile '$($DisplayName)' do not match expected configuration" -object $CurrentConfig -tenant $Tenant -standardName 'AutopilotProfile' -standardId $Settings.standardId
+            Write-LogMessage -API 'Standards' -tenant $Tenant -message "Autopilot profile '$($DisplayName)' do not match expected configuration" -sev Info
         }
     }
 }
