bug fixes for tests

Author: KelvinTegelaar

Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Push-CIPPDBCacheData.ps1

@@ -18,6 +18,14 @@ function Push-CIPPDBCacheData {
     try {
         Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message 'Starting database cache collection for tenant' -sev Info
 
+        # Check tenant capabilities for license-specific features
+        $IntuneCapable = Test-CIPPStandardLicense -StandardName 'IntuneLicenseCheck' -TenantFilter $TenantFilter -RequiredCapabilities @('INTUNE_A', 'MDM_Services', 'EMS', 'SCCM', 'MICROSOFTINTUNEPLAN1') -SkipLog
+        $ConditionalAccessCapable = Test-CIPPStandardLicense -StandardName 'ConditionalAccessLicenseCheck' -TenantFilter $TenantFilter -RequiredCapabilities @('AAD_PREMIUM', 'AAD_PREMIUM_P2') -SkipLog
+        $AzureADPremiumP2Capable = Test-CIPPStandardLicense -StandardName 'AzureADPremiumP2LicenseCheck' -TenantFilter $TenantFilter -RequiredCapabilities @('AAD_PREMIUM_P2') -SkipLog
+
+        Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "License capabilities - Intune: $IntuneCapable, Conditional Access: $ConditionalAccessCapable, Azure AD Premium P2: $AzureADPremiumP2Capable" -sev Info
+
+        #region All Licenses - Basic tenant data collection
         Write-Host 'Getting cache for Users'
         try { Set-CIPPDBCacheUsers -TenantFilter $TenantFilter } catch {
             Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "Users collection failed: $($_.Exception.Message)" -sev Error
@@ -48,11 +56,6 @@ function Push-CIPPDBCacheData {
             Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "Devices collection failed: $($_.Exception.Message)" -sev Error
         }
 
-        Write-Host 'Getting cache for ManagedDevices'
-        try { Set-CIPPDBCacheManagedDevices -TenantFilter $TenantFilter } catch {
-            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "ManagedDevices collection failed: $($_.Exception.Message)" -sev Error
-        }
-
         Write-Host 'Getting cache for Organization'
         try { Set-CIPPDBCacheOrganization -TenantFilter $TenantFilter } catch {
             Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "Organization collection failed: $($_.Exception.Message)" -sev Error
@@ -108,16 +111,6 @@ function Push-CIPPDBCacheData {
             Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "SecureScore collection failed: $($_.Exception.Message)" -sev Error
         }
 
-        Write-Host 'Getting cache for IntunePolicies'
-        try { Set-CIPPDBCacheIntunePolicies -TenantFilter $TenantFilter } catch {
-            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "IntunePolicies collection failed: $($_.Exception.Message)" -sev Error
-        }
-
-        Write-Host 'Getting cache for ConditionalAccessPolicies'
-        try { Set-CIPPDBCacheConditionalAccessPolicies -TenantFilter $TenantFilter } catch {
-            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "ConditionalAccessPolicies collection failed: $($_.Exception.Message)" -sev Error
-        }
-
         Write-Host 'Getting cache for PIMSettings'
         try { Set-CIPPDBCachePIMSettings -TenantFilter $TenantFilter } catch {
             Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "PIMSettings collection failed: $($_.Exception.Message)" -sev Error
@@ -153,26 +146,6 @@ function Push-CIPPDBCacheData {
             Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "AuthenticationFlowsPolicy collection failed: $($_.Exception.Message)" -sev Error
         }
 
-        Write-Host 'Getting cache for RiskyUsers'
-        try { Set-CIPPDBCacheRiskyUsers -TenantFilter $TenantFilter } catch {
-            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "RiskyUsers collection failed: $($_.Exception.Message)" -sev Error
-        }
-
-        Write-Host 'Getting cache for RiskyServicePrincipals'
-        try { Set-CIPPDBCacheRiskyServicePrincipals -TenantFilter $TenantFilter } catch {
-            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "RiskyServicePrincipals collection failed: $($_.Exception.Message)" -sev Error
-        }
-
-        Write-Host 'Getting cache for ServicePrincipalRiskDetections'
-        try { Set-CIPPDBCacheServicePrincipalRiskDetections -TenantFilter $TenantFilter } catch {
-            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "ServicePrincipalRiskDetections collection failed: $($_.Exception.Message)" -sev Error
-        }
-
-        Write-Host 'Getting cache for RiskDetections'
-        try { Set-CIPPDBCacheRiskDetections -TenantFilter $TenantFilter } catch {
-            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "RiskDetections collection failed: $($_.Exception.Message)" -sev Error
-        }
-
         Write-Host 'Getting cache for DeviceRegistrationPolicy'
         try { Set-CIPPDBCacheDeviceRegistrationPolicy -TenantFilter $TenantFilter } catch {
             Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "DeviceRegistrationPolicy collection failed: $($_.Exception.Message)" -sev Error
@@ -188,11 +161,6 @@ function Push-CIPPDBCacheData {
             Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "UserRegistrationDetails collection failed: $($_.Exception.Message)" -sev Error
         }
 
-        Write-Host 'Getting cache for ManagedDeviceEncryptionStates'
-        try { Set-CIPPDBCacheManagedDeviceEncryptionStates -TenantFilter $TenantFilter } catch {
-            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "ManagedDeviceEncryptionStates collection failed: $($_.Exception.Message)" -sev Error
-        }
-
         Write-Host 'Getting cache for OAuth2PermissionGrants'
         try { Set-CIPPDBCacheOAuth2PermissionGrants -TenantFilter $TenantFilter } catch {
             Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "OAuth2PermissionGrants collection failed: $($_.Exception.Message)" -sev Error
@@ -242,11 +210,70 @@ function Push-CIPPDBCacheData {
         try { Set-CIPPDBCacheExoAcceptedDomains -TenantFilter $TenantFilter } catch {
             Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "ExoAcceptedDomains collection failed: $($_.Exception.Message)" -sev Error
         }
-
-        Write-Host 'Getting cache for IntuneAppProtectionPolicies'
-        try { Set-CIPPDBCacheIntuneAppProtectionPolicies -TenantFilter $TenantFilter } catch {
-            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "IntuneAppProtectionPolicies collection failed: $($_.Exception.Message)" -sev Error
-        }
+        #endregion All Licenses
+
+        #region Conditional Access Licensed - Azure AD Premium features
+        if ($ConditionalAccessCapable) {
+            Write-Host 'Getting cache for ConditionalAccessPolicies'
+            try { Set-CIPPDBCacheConditionalAccessPolicies -TenantFilter $TenantFilter } catch {
+                Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "ConditionalAccessPolicies collection failed: $($_.Exception.Message)" -sev Error
+            }
+        } else {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message 'Skipping Conditional Access data collection - tenant does not have required license' -sev Info
+        }
+        #endregion Conditional Access Licensed
+
+        #region Azure AD Premium P2 - Identity Protection features
+        if ($AzureADPremiumP2Capable) {
+            Write-Host 'Getting cache for RiskyUsers'
+            try { Set-CIPPDBCacheRiskyUsers -TenantFilter $TenantFilter } catch {
+                Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "RiskyUsers collection failed: $($_.Exception.Message)" -sev Error
+            }
+
+            Write-Host 'Getting cache for RiskyServicePrincipals'
+            try { Set-CIPPDBCacheRiskyServicePrincipals -TenantFilter $TenantFilter } catch {
+                Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "RiskyServicePrincipals collection failed: $($_.Exception.Message)" -sev Error
+            }
+
+            Write-Host 'Getting cache for ServicePrincipalRiskDetections'
+            try { Set-CIPPDBCacheServicePrincipalRiskDetections -TenantFilter $TenantFilter } catch {
+                Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "ServicePrincipalRiskDetections collection failed: $($_.Exception.Message)" -sev Error
+            }
+
+            Write-Host 'Getting cache for RiskDetections'
+            try { Set-CIPPDBCacheRiskDetections -TenantFilter $TenantFilter } catch {
+                Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "RiskDetections collection failed: $($_.Exception.Message)" -sev Error
+            }
+        } else {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message 'Skipping Azure AD Premium P2 Identity Protection data collection - tenant does not have required license' -sev Info
+        }
+        #endregion Azure AD Premium P2
+
+        #region Intune Licensed - Intune management features
+        if ($IntuneCapable) {
+            Write-Host 'Getting cache for ManagedDevices'
+            try { Set-CIPPDBCacheManagedDevices -TenantFilter $TenantFilter } catch {
+                Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "ManagedDevices collection failed: $($_.Exception.Message)" -sev Error
+            }
+
+            Write-Host 'Getting cache for IntunePolicies'
+            try { Set-CIPPDBCacheIntunePolicies -TenantFilter $TenantFilter } catch {
+                Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "IntunePolicies collection failed: $($_.Exception.Message)" -sev Error
+            }
+
+            Write-Host 'Getting cache for ManagedDeviceEncryptionStates'
+            try { Set-CIPPDBCacheManagedDeviceEncryptionStates -TenantFilter $TenantFilter } catch {
+                Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "ManagedDeviceEncryptionStates collection failed: $($_.Exception.Message)" -sev Error
+            }
+
+            Write-Host 'Getting cache for IntuneAppProtectionPolicies'
+            try { Set-CIPPDBCacheIntuneAppProtectionPolicies -TenantFilter $TenantFilter } catch {
+                Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message "IntuneAppProtectionPolicies collection failed: $($_.Exception.Message)" -sev Error
+            }
+        } else {
+            Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message 'Skipping Intune data collection - tenant does not have required license' -sev Info
+        }
+        #endregion Intune Licensed
 
         Write-LogMessage -API 'CIPPDBCache' -tenant $TenantFilter -message 'Completed database cache collection for tenant' -sev Info
 

Modules/CIPPCore/Public/Tests/Invoke-CippTestZTNA21837.ps1

@@ -5,7 +5,7 @@ function Invoke-CippTestZTNA21837 {
     #Tested
     try {
         # Get device registration policy
-        $DeviceSettings = New-CIPPDbRequest -TenantFilter $Tenant -Type 'deviceRegistrationPolicy'
+        $DeviceSettings = New-CIPPDbRequest -TenantFilter $Tenant -Type 'DeviceRegistrationPolicy'
 
         if (-not $DeviceSettings) {
             Add-CippTestResult -TenantFilter $Tenant -TestId $TestId -TestType 'Identity' -Status 'Investigate' -ResultMarkdown 'Device settings not found in database' -Risk 'High' -Name 'Limit the maximum number of devices per user to 10' -UserImpact 'Medium' -ImplementationEffort 'Low' -Category 'Devices'

Test-AllZTNATests.ps1

@@ -1,2 +1,9 @@
 $Tenant = '7ngn50.onmicrosoft.com'
-Get-ChildItem "C:\Github\CIPP-API\Modules\CIPPCore\Public\Tests\Invoke-CippTest*.ps1" | ForEach-Object { . $_.FullName; & $_.BaseName -Tenant $Tenant }
+$item =0
+Get-ChildItem "C:\Github\CIPP-API\Modules\CIPPCore\Public\Tests\Invoke-CippTest*.ps1" | ForEach-Object {
+    $item++
+
+    write-host "performing test $($_.BaseName) - $($item)"
+    . $_.FullName; & $_.BaseName -Tenant $Tenant
+
+}