Merge pull request #169 from KelvinTegelaar/dev

pull[bot] · web-flow · commit 682579de6fa3 · 2025-03-25T20:49:12.000Z
[pull] dev from KelvinTegelaar:dev
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardActivityBasedTimeout.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardActivityBasedTimeout.ps1
@@ -81,7 +81,7 @@ function Invoke-CIPPStandardActivityBasedTimeout {
         if ($StateIsCorrect -eq $true) {
             Write-LogMessage -API 'Standards' -tenant $Tenant -message "Activity Based Timeout is enabled and set to $timeout" -sev Info
         } else {
-            Write-StandardsAlert -message "Activity Based Timeout is not set to $timeout" -object $CurrentState -tenant $Tenant -standardName 'ActivityBasedTimeout' -standardId $Settings.standardId
+            Write-StandardsAlert -message "Activity Based Timeout is not set to $timeout" -object ($CurrentState.definition | ConvertFrom-Json -ErrorAction SilentlyContinue).activitybasedtimeoutpolicy.ApplicationPolicies -tenant $Tenant -standardName 'ActivityBasedTimeout' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $Tenant -message "Activity Based Timeout is not set to $timeout" -sev Info
         }
     }
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAppDeploy.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAppDeploy.ps1
@@ -61,7 +61,7 @@ function Invoke-CIPPStandardAppDeploy {
         }
 
         if ($MissingApps.Count -gt 0) {
-            Write-StandardsAlert -message "The following applications are not deployed: $($MissingApps -join ', ')" -object $MissingApps -tenant $Tenant -standardName 'AppDeploy' -standardId $Settings.standardId
+            Write-StandardsAlert -message "The following applications are not deployed: $($MissingApps -join ', ')" -object (@{ 'Missing Apps' = $MissingApps -join ',' }) -tenant $Tenant -standardName 'AppDeploy' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $tenant -message "The following applications are not deployed: $($MissingApps -join ', ')" -sev Info
         } else {
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'All applications are deployed' -sev Info
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardBranding.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardBranding.ps1
@@ -94,7 +94,7 @@ function Invoke-CIPPStandardBranding {
         if ($StateIsCorrect -eq $true) {
             Write-LogMessage -API 'Standards' -Tenant $Tenant -Message 'Branding is correctly set.' -Sev Info
         } else {
-            Write-StandardsAlert -message 'Branding is incorrectly set.' -object $CurrentState -tenant $Tenant -standardName 'Branding' -standardId $Settings.standardId
+            Write-StandardsAlert -message 'Branding is incorrectly set.' -object ($CurrentState | Select-Object -Property signInPageText, usernameHintText, loginPageTextVisibilitySettings, loginPageLayoutConfiguration) -tenant $Tenant -standardName 'Branding' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -Tenant $Tenant -Message 'Branding is incorrectly set.' -Sev Info
         }
     }
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableAdditionalStorageProviders.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableAdditionalStorageProviders.ps1
@@ -54,7 +54,8 @@ function Invoke-CIPPStandardDisableAdditionalStorageProviders {
 
     if ($Settings.alert -eq $true) {
         if ($AdditionalStorageProvidersState.AdditionalStorageProvidersAvailable) {
-            Write-StandardsAlert -message 'OWA additional storage providers are enabled' -object $AdditionalStorageProvidersState -tenant $tenant -standardName 'DisableAdditionalStorageProviders' -standardId $Settings.standardId
+            $Object = $AdditionalStorageProvidersState | Select-Object -Property AdditionalStorageProvidersAvailable
+            Write-StandardsAlert -message 'OWA additional storage providers are enabled' -object $Object -tenant $tenant -standardName 'DisableAdditionalStorageProviders' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'OWA additional storage providers are enabled' -sev Info
         } else {
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'OWA additional storage providers are disabled' -sev Info
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableExternalCalendarSharing.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableExternalCalendarSharing.ps1
@@ -55,7 +55,7 @@ function Invoke-CIPPStandardDisableExternalCalendarSharing {
 
     if ($Settings.alert -eq $true) {
         if ($CurrentInfo.Enabled) {
-            Write-StandardsAlert -message 'External calendar sharing is enabled' -object $CurrentInfo -tenant $tenant -standardName 'DisableExternalCalendarSharing' -standardId $Settings.standardId
+            Write-StandardsAlert -message 'External calendar sharing is enabled' -object ($CurrentInfo | Select-Object enabled) -tenant $tenant -standardName 'DisableExternalCalendarSharing' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'External calendar sharing is enabled' -sev Info
         } else {
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'External calendar sharing is not enabled' -sev Info
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableGuests.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableGuests.ps1
@@ -33,10 +33,18 @@ function Invoke-CIPPStandardDisableGuests {
     ##$Rerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableGuests'
 
     $Lookup = (Get-Date).AddDays(-90).ToUniversalTime().ToString('o')
-    $GraphRequest = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users?`$filter=(signInActivity/lastSuccessfulSignInDateTime le $Lookup)&`$select=id,UserPrincipalName,signInActivity,mail,userType,accountEnabled" -scope 'https://graph.microsoft.com/.default' -tenantid $Tenant | Where-Object { $_.userType -EQ 'Guest' -and $_.AccountEnabled -EQ $true }
+    $AuditLookup = (Get-Date).AddDays(-7).ToUniversalTime().ToString('o')
+
+    $GraphRequest = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users?`$filter=(signInActivity/lastSuccessfulSignInDateTime le $Lookup)&`$select=id,UserPrincipalName,signInActivity,mail,userType,accountEnabled" -scope 'https://graph.microsoft.com/.default' -tenantid $Tenant |
+        Where-Object { $_.userType -eq 'Guest' -and $_.AccountEnabled -eq $true }
+
+    $RecentlyReactivatedUsers = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/auditLogs/directoryAudits?`$filter=activityDisplayName eq 'Enable account' and activityDateTime ge $AuditLookup" -scope 'https://graph.microsoft.com/.default' -tenantid $Tenant |
+        ForEach-Object { $_.targetResources[0].id } | Select-Object -Unique)
+
+    $GraphRequest = $GraphRequest | Where-Object { -not ($RecentlyReactivatedUsers -contains $_.id) }
 
     If ($Settings.remediate -eq $true) {
-        if ($GraphRequest) {
+        if ($GraphRequest.Count -gt 0) {
             foreach ($guest in $GraphRequest) {
                 try {
                     New-GraphPostRequest -type Patch -tenantid $tenant -uri "https://graph.microsoft.com/beta/users/$($guest.id)" -body '{"accountEnabled":"false"}'
@@ -53,7 +61,7 @@ function Invoke-CIPPStandardDisableGuests {
     }
     if ($Settings.alert -eq $true) {
 
-        if ($GraphRequest) {
+        if ($GraphRequest.Count -gt 0) {
             Write-StandardsAlert -message "Guests accounts with a login longer than 90 days ago: $($GraphRequest.count)" -object $GraphRequest -tenant $tenant -standardName 'DisableGuests' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $tenant -message "Guests accounts with a login longer than 90 days ago: $($GraphRequest.count)" -sev Info
         } else {
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableOutlookAddins.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableOutlookAddins.ps1
@@ -71,7 +71,7 @@ function Invoke-CIPPStandardDisableOutlookAddins {
 
     if ($Settings.alert -eq $true) {
         if ($RolesToRemove) {
-            Write-StandardsAlert -message 'Users are not disabled from installing Outlook add-ins.' -object @{RolesToRemove = $RolesToRemove } -tenant $tenant -standardName 'DisableOutlookAddins' -standardId $Settings.standardId
+            Write-StandardsAlert -message 'Users are not disabled from installing Outlook add-ins.' -object @{ AllowedApps = $RolesToRemove -join ',' } -tenant $tenant -standardName 'DisableOutlookAddins' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'Users are not disabled from installing Outlook add-ins.' -sev Info
         } else {
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'Users are disabled from installing Outlook add-ins.' -sev Info
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSharedMailbox.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSharedMailbox.ps1
@@ -33,7 +33,7 @@ function Invoke-CIPPStandardDisableSharedMailbox {
     param($Tenant, $Settings)
     ##$Rerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableSharedMailbox'
 
-    $UserList = New-GraphGetRequest -uri 'https://graph.microsoft.com/v1.0/users?$top=999&$filter=accountEnabled eq true' -Tenantid $tenant -scope 'https://graph.microsoft.com/.default'
+    $UserList = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/users?$top=999&$filter=accountEnabled eq true and onPremisesSyncEnabled ne true&$count=true' -Tenantid $tenant -scope 'https://graph.microsoft.com/.default' -ComplexFilter
     $SharedMailboxList = (New-GraphGetRequest -uri "https://outlook.office365.com/adminapi/beta/$($Tenant)/Mailbox" -Tenantid $tenant -scope ExchangeOnline | Where-Object { $_.RecipientTypeDetails -EQ 'SharedMailbox' -or $_.RecipientTypeDetails -eq 'SchedulingMailbox' -and $_.UserPrincipalName -in $UserList.UserPrincipalName })
 
     If ($Settings.remediate -eq $true) {
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableTNEF.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableTNEF.ps1
@@ -53,7 +53,8 @@ function Invoke-CIPPStandardDisableTNEF {
         if ($CurrentState.TNEFEnabled -eq $false) {
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'TNEF is disabled for Default Remote Domain' -sev Info
         } else {
-            Write-StandardsAlert -message 'TNEF is not disabled for Default Remote Domain' -object $CurrentState -tenant $tenant -standardName 'DisableTNEF' -standardId $Settings.standardId
+            $Object = $CurrentState | Select-Object -Property TNEFEnabled
+            Write-StandardsAlert -message 'TNEF is not disabled for Default Remote Domain' -object $Object -tenant $tenant -standardName 'DisableTNEF' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'TNEF is not disabled for Default Remote Domain' -sev Info
         }
     }
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEXODisableAutoForwarding.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEXODisableAutoForwarding.ps1
@@ -54,7 +54,7 @@ function Invoke-CIPPStandardEXODisableAutoForwarding {
         if ($StateIsCorrect -eq $true) {
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'Auto forwarding is disabled.' -sev Info
         } else {
-            Write-StandardsAlert -message 'Auto forwarding is not disabled' -object $CurrentInfo -tenant $tenant -standardName 'EXODisableAutoForwarding' -standardId $Settings.standardId
+            Write-StandardsAlert -message 'Auto forwarding is not disabled' -object ($CurrentInfo | Select-Object AutoForwardingMode) -tenant $tenant -standardName 'EXODisableAutoForwarding' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'Auto forwarding is not disabled.' -sev Info
         }
     }
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardExternalMFATrusted.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardExternalMFATrusted.ps1
@@ -75,7 +75,7 @@ function Invoke-CIPPStandardExternalMFATrusted {
         if ($ExternalMFATrusted.inboundTrust.isMfaAccepted -eq $WantedState) {
             Write-LogMessage -API 'Standards' -tenant $Tenant -message "External MFA Trusted is $StateMessage." -sev Info
         } else {
-            Write-StandardsAlert -message "External MFA Trusted is not $StateMessage" -object $ExternalMFATrusted -tenant $Tenant -standardName 'ExternalMFATrusted' -standardId $Settings.standardId
+            Write-StandardsAlert -message "External MFA Trusted is not $StateMessage" -object $ExternalMFATrusted.inboundTrust -tenant $Tenant -standardName 'ExternalMFATrusted' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $Tenant -message "External MFA Trusted is not $StateMessage." -sev Info
         }
     }
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardGlobalQuarantineNotifications.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardGlobalQuarantineNotifications.ps1
@@ -40,7 +40,7 @@ function Invoke-CIPPStandardGlobalQuarantineNotifications {
         'PT4H' { New-TimeSpan -Hours 4 }
         'P1D' { New-TimeSpan -Days 1 }
         'P7D' { New-TimeSpan -Days 7 }
-        Default { $null }
+        default { $null }
     }
 
 
@@ -53,7 +53,7 @@ function Invoke-CIPPStandardGlobalQuarantineNotifications {
     } catch {
         $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
         Write-LogMessage -API 'Standards' -tenant $Tenant -message "GlobalQuarantineNotifications: Invalid NotificationInterval parameter set. Error: $ErrorMessage" -sev Error
-        Return
+        return
     }
 
     if ($Settings.remediate -eq $true) {
@@ -77,7 +77,8 @@ function Invoke-CIPPStandardGlobalQuarantineNotifications {
         if ($CurrentState.EndUserSpamNotificationFrequency -eq $WantedState) {
             Write-LogMessage -API 'Standards' -tenant $Tenant -message "Global Quarantine Notifications are set to the desired value of $WantedState" -sev Info
         } else {
-            Write-StandardsAlert -message "Global Quarantine Notifications are not set to the desired value of $WantedState" -object $CurrentState -tenant $Tenant -standardName 'GlobalQuarantineNotifications' -standardId $Settings.standardId
+            $Object = $CurrentState | Select-Object -Property * -ExcludeProperty '*@odata.type'
+            Write-StandardsAlert -message "Global Quarantine Notifications are not set to the desired value of $WantedState" -object $Object -tenant $Tenant -standardName 'GlobalQuarantineNotifications' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $Tenant -message "Global Quarantine Notifications are not set to the desired value of $WantedState" -sev Info
         }
     }
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardGuestInvite.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardGuestInvite.ps1
@@ -68,7 +68,8 @@ function Invoke-CIPPStandardGuestInvite {
         if ($StateIsCorrect -eq $true) {
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'Guest Invite settings is enabled.' -sev Info
         } else {
-            Write-StandardsAlert -message 'Guest Invite settings is not enabled' -object $CurrentState -tenant $tenant -standardName 'GuestInvite' -standardId $Settings.standardId
+            $Object = $CurrentState | Select-Object -Property allowInvitesFrom
+            Write-StandardsAlert -message 'Guest Invite settings is not enabled' -object $Object -tenant $tenant -standardName 'GuestInvite' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'Guest Invite settings is not enabled.' -sev Info
         }
     }
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMailContacts.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMailContacts.ps1
@@ -39,7 +39,7 @@ function Invoke-CIPPStandardMailContacts {
     $contacts = $settings
     $TechAndSecurityContacts = @($Contacts.SecurityContact, $Contacts.TechContact)
 
-    If ($Settings.remediate -eq $true) {
+    if ($Settings.remediate -eq $true) {
         $state = $CurrentInfo.marketingNotificationEmails -eq $Contacts.MarketingContact -and `
         ($CurrentInfo.securityComplianceNotificationMails -in $TechAndSecurityContacts -or
             $CurrentInfo.technicalNotificationMails -in $TechAndSecurityContacts) -and `
@@ -70,25 +70,29 @@ function Invoke-CIPPStandardMailContacts {
         if ($CurrentInfo.marketingNotificationEmails -eq $Contacts.MarketingContact) {
             Write-LogMessage -API 'Standards' -tenant $tenant -message "Marketing contact email is set to $($Contacts.MarketingContact)" -sev Info
         } else {
-            Write-StandardsAlert -message "Marketing contact email is not set to $($Contacts.MarketingContact)" -object $CurrentInfo -tenant $tenant -standardName 'MailContacts' -standardId $Settings.standardId
+            $Object = $CurrentInfo | Select-Object marketingNotificationEmails
+            Write-StandardsAlert -message "Marketing contact email is not set to $($Contacts.MarketingContact)" -object $Object -tenant $tenant -standardName 'MailContacts' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $tenant -message "Marketing contact email is not set to $($Contacts.MarketingContact)" -sev Info
         }
         if ($CurrentInfo.securityComplianceNotificationMails -eq $Contacts.SecurityContact) {
             Write-LogMessage -API 'Standards' -tenant $tenant -message "Security contact email is set to $($Contacts.SecurityContact)" -sev Info
         } else {
-            Write-StandardsAlert -message "Security contact email is not set to $($Contacts.SecurityContact)" -object $CurrentInfo -tenant $tenant -standardName 'MailContacts' -standardId $Settings.standardId
+            $Object = $CurrentInfo | Select-Object securityComplianceNotificationMails
+            Write-StandardsAlert -message "Security contact email is not set to $($Contacts.SecurityContact)" -object $Object -tenant $tenant -standardName 'MailContacts' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $tenant -message "Security contact email is not set to $($Contacts.SecurityContact)" -sev Info
         }
         if ($CurrentInfo.technicalNotificationMails -eq $Contacts.TechContact) {
             Write-LogMessage -API 'Standards' -tenant $tenant -message "Technical contact email is set to $($Contacts.TechContact)" -sev Info
         } else {
-            Write-StandardsAlert -message "Technical contact email is not set to $($Contacts.TechContact)" -object $CurrentInfo -tenant $tenant -standardName 'MailContacts' -standardId $Settings.standardId
+            $Object = $CurrentInfo | Select-Object technicalNotificationMails
+            Write-StandardsAlert -message "Technical contact email is not set to $($Contacts.TechContact)" -object $Object -tenant $tenant -standardName 'MailContacts' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $tenant -message "Technical contact email is not set to $($Contacts.TechContact)" -sev Info
         }
         if ($CurrentInfo.privacyProfile.contactEmail -eq $Contacts.GeneralContact) {
             Write-LogMessage -API 'Standards' -tenant $tenant -message "General contact email is set to $($Contacts.GeneralContact)" -sev Info
         } else {
-            Write-StandardsAlert -message "General contact email is not set to $($Contacts.GeneralContact)" -object $CurrentInfo -tenant $tenant -standardName 'MailContacts' -standardId $Settings.standardId
+            $Object = $CurrentInfo | Select-Object privacyProfile
+            Write-StandardsAlert -message "General contact email is not set to $($Contacts.GeneralContact)" -object $Object -tenant $tenant -standardName 'MailContacts' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $tenant -message "General contact email is not set to $($Contacts.GeneralContact)" -sev Info
         }
 
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMessageExpiration.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMessageExpiration.ps1
@@ -32,7 +32,7 @@ function Invoke-CIPPStandardMessageExpiration {
 
     $MessageExpiration = (New-ExoRequest -tenantid $Tenant -cmdlet 'Get-TransportConfig').messageExpiration
 
-    If ($Settings.remediate -eq $true) {
+    if ($Settings.remediate -eq $true) {
         Write-Host 'Time to remediate'
         if ($MessageExpiration -ne '12:00:00') {
             try {
@@ -51,7 +51,8 @@ function Invoke-CIPPStandardMessageExpiration {
         if ($MessageExpiration -eq '12:00:00') {
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'Transport configuration message expiration is set to 12 hours' -sev Info
         } else {
-            Write-StandardsAlert -message 'Transport configuration message expiration is not set to 12 hours' -object $MessageExpiration -tenant $tenant -standardName 'MessageExpiration' -standardId $Settings.standardId
+            $Object = [PSCustomObject]@{ MessageExpiration = $MessageExpiration }
+            Write-StandardsAlert -message 'Transport configuration message expiration is not set to 12 hours' -object $Object -tenant $tenant -standardName 'MessageExpiration' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'Transport configuration message expiration is not set to 12 hours' -sev Info
         }
     }
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardNudgeMFA.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardNudgeMFA.ps1
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardOauthConsent.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardOauthConsent.ps1
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardOutBoundSpamAlert.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardOutBoundSpamAlert.ps1
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSecurityDefaults.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSecurityDefaults.ps1
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTAP.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTAP.ps1
diff --git a/version_latest.txt b/version_latest.txt

Original file line number	Diff line number	Diff line change
`@@ -81,7 +81,7 @@ function Invoke-CIPPStandardActivityBasedTimeout {`
`81`	`81`	`if ($StateIsCorrect -eq $true) {`
`82`	`82`	`Write-LogMessage -API 'Standards' -tenant $Tenant -message "Activity Based Timeout is enabled and set to $timeout" -sev Info`
`83`	`83`	`} else {`
`84`		`- Write-StandardsAlert -message "Activity Based Timeout is not set to $timeout" -object $CurrentState -tenant $Tenant -standardName 'ActivityBasedTimeout' -standardId $Settings.standardId`
	`84`	`+ Write-StandardsAlert -message "Activity Based Timeout is not set to $timeout" -object ($CurrentState.definition \| ConvertFrom-Json -ErrorAction SilentlyContinue).activitybasedtimeoutpolicy.ApplicationPolicies -tenant $Tenant -standardName 'ActivityBasedTimeout' -standardId $Settings.standardId`
`85`	`85`	`Write-LogMessage -API 'Standards' -tenant $Tenant -message "Activity Based Timeout is not set to $timeout" -sev Info`
`86`	`86`	`}`
`87`	`87`	`}`
Original file line number	Diff line number	Diff line change
`@@ -61,7 +61,7 @@ function Invoke-CIPPStandardAppDeploy {`
`61`	`61`	`}`
`62`	`62`
`63`	`63`	`if ($MissingApps.Count -gt 0) {`
`64`		`- Write-StandardsAlert -message "The following applications are not deployed: $($MissingApps -join ', ')" -object $MissingApps -tenant $Tenant -standardName 'AppDeploy' -standardId $Settings.standardId`
	`64`	`+ Write-StandardsAlert -message "The following applications are not deployed: $($MissingApps -join ', ')" -object (@{ 'Missing Apps' = $MissingApps -join ',' }) -tenant $Tenant -standardName 'AppDeploy' -standardId $Settings.standardId`
`65`	`65`	`Write-LogMessage -API 'Standards' -tenant $tenant -message "The following applications are not deployed: $($MissingApps -join ', ')" -sev Info`
`66`	`66`	`} else {`
`67`	`67`	`Write-LogMessage -API 'Standards' -tenant $tenant -message 'All applications are deployed' -sev Info`
Original file line number	Diff line number	Diff line change
`@@ -94,7 +94,7 @@ function Invoke-CIPPStandardBranding {`
`94`	`94`	`if ($StateIsCorrect -eq $true) {`
`95`	`95`	`Write-LogMessage -API 'Standards' -Tenant $Tenant -Message 'Branding is correctly set.' -Sev Info`
`96`	`96`	`} else {`
`97`		`- Write-StandardsAlert -message 'Branding is incorrectly set.' -object $CurrentState -tenant $Tenant -standardName 'Branding' -standardId $Settings.standardId`
	`97`	`+ Write-StandardsAlert -message 'Branding is incorrectly set.' -object ($CurrentState \| Select-Object -Property signInPageText, usernameHintText, loginPageTextVisibilitySettings, loginPageLayoutConfiguration) -tenant $Tenant -standardName 'Branding' -standardId $Settings.standardId`
`98`	`98`	`Write-LogMessage -API 'Standards' -Tenant $Tenant -Message 'Branding is incorrectly set.' -Sev Info`
`99`	`99`	`}`
`100`	`100`	`}`
Original file line number	Diff line number	Diff line change
`@@ -53,7 +53,8 @@ function Invoke-CIPPStandardDisableTNEF {`
`53`	`53`	`if ($CurrentState.TNEFEnabled -eq $false) {`
`54`	`54`	`Write-LogMessage -API 'Standards' -tenant $tenant -message 'TNEF is disabled for Default Remote Domain' -sev Info`
`55`	`55`	`} else {`
`56`		`- Write-StandardsAlert -message 'TNEF is not disabled for Default Remote Domain' -object $CurrentState -tenant $tenant -standardName 'DisableTNEF' -standardId $Settings.standardId`
	`56`	`+ $Object = $CurrentState \| Select-Object -Property TNEFEnabled`
	`57`	`+ Write-StandardsAlert -message 'TNEF is not disabled for Default Remote Domain' -object $Object -tenant $tenant -standardName 'DisableTNEF' -standardId $Settings.standardId`
`57`	`58`	`Write-LogMessage -API 'Standards' -tenant $tenant -message 'TNEF is not disabled for Default Remote Domain' -sev Info`
`58`	`59`	`}`
`59`	`60`	`}`
Original file line number	Diff line number	Diff line change
`@@ -54,7 +54,7 @@ function Invoke-CIPPStandardEXODisableAutoForwarding {`
`54`	`54`	`if ($StateIsCorrect -eq $true) {`
`55`	`55`	`Write-LogMessage -API 'Standards' -tenant $tenant -message 'Auto forwarding is disabled.' -sev Info`
`56`	`56`	`} else {`
`57`		`- Write-StandardsAlert -message 'Auto forwarding is not disabled' -object $CurrentInfo -tenant $tenant -standardName 'EXODisableAutoForwarding' -standardId $Settings.standardId`
	`57`	`+ Write-StandardsAlert -message 'Auto forwarding is not disabled' -object ($CurrentInfo \| Select-Object AutoForwardingMode) -tenant $tenant -standardName 'EXODisableAutoForwarding' -standardId $Settings.standardId`
`58`	`58`	`Write-LogMessage -API 'Standards' -tenant $tenant -message 'Auto forwarding is not disabled.' -sev Info`
`59`	`59`	`}`
`60`	`60`	`}`