dynamic tenant group orchestrator

JohnDuprey · JohnDuprey · commit ae230e9a4bed · 2025-10-22T22:13:19.000-04:00
diff --git a/CIPPTimers.json b/CIPPTimers.json
@@ -105,6 +105,14 @@
     "Priority": 5,
     "RunOnProcessor": true
   },
+  {
+    "Id": "0967c860-3a57-4860-8f33-e5136eae7b4e",
+    "Command": "Start-TenantDynamicGroupOrchestrator",
+    "Description": "Orchestrator to update dynamic tenant groups",
+    "Cron": "0 0 */4 * * *",
+    "Priority": 6,
+    "RunOnProcessor": true
+  },
   {
     "Id": "4ca242d0-8dc8-4256-b0ed-186599f4233f",
     "Command": "Start-UpdateTokensTimer",
@@ -206,4 +214,4 @@
     "RunOnProcessor": true,
     "IsSystem": true
   }
-]
+]
diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Tenant Groups/Push-UpdateDynamicTenantGroup.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Tenant Groups/Push-UpdateDynamicTenantGroup.ps1
@@ -0,0 +1,14 @@
+function Push-UpdateDynamicTenantGroup {
+    <#
+    .SYNOPSIS
+    Push an update to a Dynamic Tenant Group
+    .FUNCTIONALITY
+    Entrypoint
+    #>
+
+    [CmdletBinding()]
+    param ($Item)
+
+    Write-Information "Pushing update to Dynamic Tenant Group: $($Item.Name) (ID: $($Item.Id))"
+    Update-CIPPDynamicTenantGroups -GroupId $Item.Id
+}
diff --git a/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-TenantDynamicGroupOrchestrator.ps1 b/Modules/CIPPCore/Public/Entrypoints/Orchestrator Functions/Start-TenantDynamicGroupOrchestrator.ps1
@@ -0,0 +1,39 @@
+function Start-TenantDynamicGroupOrchestrator {
+    <#
+    .SYNOPSIS
+    Start the Tenant Dynamic Group Orchestrator
+
+    .FUNCTIONALITY
+    Entrypoint
+    #>
+    [CmdletBinding(SupportsShouldProcess = $true)]
+    param(
+        [string]$GroupId = 'All'
+    )
+
+    try {
+        Write-Information 'Updating Dynamic Tenant Groups'
+        $TenantGroups = @{
+            Dynamic = $true
+        }
+        $TenantGroups = Get-TenantGroups @TenantGroups
+        if ($GroupId -ne 'All') {
+            $TenantGroups = $TenantGroups | Where-Object { $_.Id -eq $GroupId }
+        }
+
+        if ($TenantGroups.Count -gt 0) {
+            Write-Information "Found $($TenantGroups.Count) dynamic tenant groups"
+            $Queue = New-CippQueueEntry -Name 'Dynamic Tenant Groups' -TotalTasks $TenantGroups.Count
+            $TenantBatch = $TenantGroups | Select-Object Name, Id, @{n = 'FunctionName'; exp = { 'UpdateDynamicTenantGroup' } }, @{n = 'QueueId'; exp = { $Queue.RowKey } }
+            $InputObject = [PSCustomObject]@{
+                OrchestratorName = 'UpdateDynamicTenantGroups'
+                Batch            = @($TenantBatch)
+            }
+            if ($PSCmdlet.ShouldProcess('Start-TenantDynamicGroupOrchestrator', 'Starting Tenant Dynamic Group Orchestrator')) {
+                Start-NewOrchestration -FunctionName 'CIPPOrchestrator' -InputObject ($InputObject | ConvertTo-Json -Depth 5 -Compress)
+            }
+        } else {
+            Write-Information 'No tenants require permissions update'
+        }
+    } catch {}
+}
