Merge pull request #397 from KelvinTegelaar/dev

[pull] dev from KelvinTegelaar:dev

Author: pull[bot]

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Administration/Invoke-ExecModifyMBPerms.ps1

@@ -20,8 +20,10 @@ Function Invoke-ExecGDAPRoleTemplate {
     if ($Request.Query.TemplateId) {
         $Template = $Templates | Where-Object -Property RowKey -EQ $Request.Query.TemplateId
         if (!$Template) {
+            Write-LogMessage -headers $Headers -API $APIName -message "GDAP role template '$($Request.Query.TemplateId)' not found" -Sev 'Warning'
             $Body = @{}
         } else {
+            Write-LogMessage -headers $Headers -API $APIName -message "Retrieved GDAP role template '$($Request.Query.TemplateId)'" -Sev 'Info'
             $Body = @{
                 TemplateId   = $Template.RowKey
                 RoleMappings = @($Template.RoleMappings | ConvertFrom-Json)
@@ -38,6 +40,7 @@ Function Invoke-ExecGDAPRoleTemplate {
                 }
                 Write-Information ($RoleMappings | ConvertTo-Json)
                 Add-CIPPGDAPRoleTemplate -TemplateId $RowKey -RoleMappings $RoleMappings
+                Write-LogMessage -headers $Headers -API $APIName -message "Added role mappings to GDAP template '$RowKey'" -Sev 'Info'
                 $Body = @{
                     Results = "Added role mappings to template $RowKey"
                 }
@@ -48,10 +51,12 @@ Function Invoke-ExecGDAPRoleTemplate {
                 if ($Template) {
                     $RoleMappings = $Request.Body.RoleMappings
                     Add-CIPPGDAPRoleTemplate -TemplateId $RowKey -RoleMappings $RoleMappings -Overwrite
+                    Write-LogMessage -headers $Headers -API $APIName -message "Updated role mappings for GDAP template '$RowKey'" -Sev 'Info'
                     $Body = @{
                         Results = "Updated role mappings for template $RowKey"
                     }
                 } else {
+                    Write-LogMessage -headers $Headers -API $APIName -message "GDAP role template '$RowKey' not found for editing" -Sev 'Warning'
                     $Body = @{
                         Results = "Template $RowKey not found"
                     }
@@ -62,16 +67,19 @@ Function Invoke-ExecGDAPRoleTemplate {
                 $Template = $Templates | Where-Object -Property RowKey -EQ $RowKey
                 if ($Template) {
                     Remove-AzDataTableEntity -Force @Table -Entity $Template
+                    Write-LogMessage -headers $Headers -API $APIName -message "Deleted GDAP role template '$RowKey'" -Sev 'Info'
                     $Body = @{
                         Results = "Deleted template $RowKey"
                     }
                 } else {
+                    Write-LogMessage -headers $Headers -API $APIName -message "GDAP role template '$RowKey' not found for deletion" -Sev 'Warning'
                     $Body = @{
                         Results = "Template $RowKey not found"
                     }
                 }
             }
             default {
+                Write-LogMessage -headers $Headers -API $APIName -message "Retrieved $($Templates.Count) GDAP role templates" -Sev 'Info'
                 $Results = foreach ($Template in $Templates) {
                     [PSCustomObject]@{
                         TemplateId   = $Template.RowKey

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Tenant/GDAP/Invoke-ExecGDAPRoleTemplate.ps1

@@ -26,6 +26,7 @@ function Get-CIPPTextReplacement {
         '%temp%',
         '%tenantid%',
         '%tenantfilter%',
+        '%initialdomain%',
         '%tenantname%',
         '%partnertenantid%',
         '%samappid%',
@@ -37,7 +38,7 @@ function Get-CIPPTextReplacement {
         '%programfiles(x86)%',
         '%programdata%'
     )
-    
+
     $Tenant = Get-Tenants -TenantFilter $TenantFilter
     $CustomerId = $Tenant.customerId
 
@@ -70,6 +71,7 @@ function Get-CIPPTextReplacement {
     #default replacements for all tenants: %tenantid% becomes $tenant.customerId, %tenantfilter% becomes $tenant.defaultDomainName, %tenantname% becomes $tenant.displayName
     $Text = $Text -replace '%tenantid%', $Tenant.customerId
     $Text = $Text -replace '%tenantfilter%', $Tenant.defaultDomainName
+    $Text = $Text -replace '%initialdomain%', $Tenant.initialDomainName
     $Text = $Text -replace '%tenantname%', $Tenant.displayName
 
     # Partner specific replacements

Modules/CIPPCore/Public/Get-CIPPTextReplacement.ps1

@@ -43,6 +43,7 @@ function New-ExoBulkRequest {
 
             # Initialize the ID to Cmdlet Name mapping
             $IdToCmdletName = @{}
+            $IdToOperationGuid = @{}  # Track operation GUIDs when provided
 
             # Split the cmdletArray into batches of 10
             $batches = [System.Collections.Generic.List[object]]::new()
@@ -69,19 +70,32 @@ function New-ExoBulkRequest {
                     $Headers['Accept'] = 'application/json; odata.metadata=minimal'
                     $Headers['Accept-Encoding'] = 'gzip'
 
-                    # Generate a unique ID for each request
-                    $RequestId = [Guid]::NewGuid().ToString()
+                    # Use provided OperationGuid if available, otherwise generate one
+                    $RequestId = if ($cmd.OperationGuid) {
+                        $cmd.OperationGuid
+                    } else {
+                        [Guid]::NewGuid().ToString()
+                    }
+
+                    # Create clean cmdlet object for API (without OperationGuid)
+                    $CleanCmd = @{
+                        CmdletInput = $cmd.CmdletInput
+                    }
+
                     $BatchRequest = @{
                         url     = $URL
                         method  = 'POST'
-                        body    = $cmd
+                        body    = $CleanCmd
                         headers = $Headers.Clone()
                         id      = $RequestId
                     }
                     $BatchBodyObj['requests'] = $BatchBodyObj['requests'] + $BatchRequest
 
-                    # Map the Request ID to the Cmdlet Name
+                    # Map the Request ID to the Cmdlet Name and Operation GUID (if provided)
                     $IdToCmdletName[$RequestId] = $cmd.CmdletInput.CmdletName
+                    if ($cmd.OperationGuid) {
+                        $IdToOperationGuid[$RequestId] = $cmd.OperationGuid
+                    }
                 }
                 $BatchBodyJson = ConvertTo-Json -InputObject $BatchBodyObj -Depth 10
                 $BatchBodyJson = Get-CIPPTextReplacement -TenantFilter $tenantid -Text $BatchBodyJson
@@ -104,6 +118,7 @@ function New-ExoBulkRequest {
             foreach ($item in $ReturnedData) {
                 $itemId = $item.id
                 $CmdletName = $IdToCmdletName[$itemId]
+                $OperationGuid = $IdToOperationGuid[$itemId]  # Will be $null if not provided
                 $body = $item.body.PSObject.Copy()
 
                 if ($body.'@adminapi.warnings') {
@@ -115,20 +130,50 @@ function New-ExoBulkRequest {
                     } else {
                         $msg = [pscustomobject]@{ error = $body.error.message; target = $body.error.details.target }
                     }
+
+                    # Add OperationGuid to error if it was provided
+                    if ($OperationGuid) {
+                        $msg | Add-Member -MemberType NoteProperty -Name 'OperationGuid' -Value $OperationGuid -Force
+                    }
+
                     $body | Add-Member -MemberType NoteProperty -Name 'value' -Value $msg -Force
+                } else {
+                    # Handle successful operations - add OperationGuid if provided
+                    if ($body.value) {
+                        # Add GUID to existing results if provided
+                        if ($OperationGuid) {
+                            if ($body.value -is [array]) {
+                                foreach ($val in $body.value) {
+                                    $val | Add-Member -MemberType NoteProperty -Name 'OperationGuid' -Value $OperationGuid -Force
+                                }
+                            } else {
+                                $body.value | Add-Member -MemberType NoteProperty -Name 'OperationGuid' -Value $OperationGuid -Force
+                            }
+                        }
+                    } else {
+                        # Create success indicators when GUID was provided (caller wants tracking)
+                        if ($OperationGuid) {
+                            $body | Add-Member -MemberType NoteProperty -Name 'value' -Value ([pscustomobject]@{
+                                Success = $true
+                                OperationGuid = $OperationGuid
+                            }) -Force
+                        }
+                    }
                 }
+
                 $resultValues = $body.value
                 foreach ($resultValue in $resultValues) {
                     if (-not $FinalData.ContainsKey($CmdletName)) {
                         $FinalData[$CmdletName] = [System.Collections.Generic.List[object]]::new()
-                        $FinalData.$CmdletName.Add($resultValue)
+                        $FinalData[$CmdletName].Add($resultValue)
                     } else {
-                        $FinalData.$CmdletName.Add($resultValue)
+                        $FinalData[$CmdletName].Add($resultValue)
                     }
                 }
             }
         } else {
             $FinalData = foreach ($item in $ReturnedData) {
+                $OperationGuid = $IdToOperationGuid[$item.id]  # Will be $null if not provided
                 $body = $item.body.PSObject.Copy()
 
                 if ($body.'@adminapi.warnings') {
@@ -140,7 +185,35 @@ function New-ExoBulkRequest {
                     } else {
                         $msg = [pscustomobject]@{ error = $body.error.message; target = $body.error.details.target }
                     }
+
+                    # Add OperationGuid to error if it was provided
+                    if ($OperationGuid) {
+                        $msg | Add-Member -MemberType NoteProperty -Name 'OperationGuid' -Value $OperationGuid -Force
+                    }
+
                     $body | Add-Member -MemberType NoteProperty -Name 'value' -Value $msg -Force
+                } else {
+                    # Handle successful operations
+                    if ($body.value) {
+                        # Add GUID to existing results if provided
+                        if ($OperationGuid) {
+                            if ($body.value -is [array]) {
+                                foreach ($val in $body.value) {
+                                    $val | Add-Member -MemberType NoteProperty -Name 'OperationGuid' -Value $OperationGuid -Force
+                                }
+                            } else {
+                                $body.value | Add-Member -MemberType NoteProperty -Name 'OperationGuid' -Value $OperationGuid -Force
+                            }
+                        }
+                    } else {
+                        # Create success indicators when GUID was provided (caller wants tracking)
+                        if ($OperationGuid) {
+                            $body | Add-Member -MemberType NoteProperty -Name 'value' -Value ([pscustomobject]@{
+                                Success = $true
+                                OperationGuid = $OperationGuid
+                            }) -Force
+                        }
+                    }
                 }
                 $body.value
             }

Modules/CIPPCore/Public/GraphHelper/New-ExoBulkRequest.ps1

@@ -43,7 +43,14 @@ function Invoke-CIPPStandardActivityBasedTimeout {
         Return
     }
 
-    $CurrentState = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/activityBasedTimeoutPolicies' -tenantid $Tenant
+    try {
+        $CurrentState = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/activityBasedTimeoutPolicies' -tenantid $Tenant
+    }
+    catch {
+        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
+        Write-LogMessage -API 'Standards' -Tenant $Tenant -Message "Could not get the ActivityBasedTimeout state for $Tenant. Error: $ErrorMessage" -Sev Error
+        return
+    }
     $StateIsCorrect = if ($CurrentState.definition -like "*$timeout*") { $true } else { $false }
 
     If ($Settings.remediate -eq $true) {

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardActivityBasedTimeout.ps1

@@ -31,7 +31,14 @@ function Invoke-CIPPStandardAnonReportDisable {
     param($Tenant, $Settings)
     #$Rerun -Type Standard -Tenant $Tenant -API 'allowOTPTokens' -Settings $Settings
 
-    $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/admin/reportSettings' -tenantid $Tenant -AsApp $true
+    try {
+        $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/admin/reportSettings' -tenantid $Tenant -AsApp $true
+    }
+    catch {
+        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
+        Write-LogMessage -API 'Standards' -Tenant $Tenant -Message "Could not get the AnonReportDisable state for $Tenant. Error: $ErrorMessage" -Sev Error
+        return
+    }
 
     If ($Settings.remediate -eq $true) {
 

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAnonReportDisable.ps1

@@ -28,7 +28,14 @@ function Invoke-CIPPStandardAuthMethodsPolicyMigration {
     #>
 
     param($Tenant, $Settings)
-    $CurrentInfo = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy' -tenantid $Tenant
+    try {
+        $CurrentInfo = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy' -tenantid $Tenant
+    }
+    catch {
+        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
+        Write-LogMessage -API 'Standards' -Tenant $Tenant -Message "Could not get the AuthMethodsPolicyMigration state for $Tenant. Error: $ErrorMessage" -Sev Error
+        return
+    }
 
     if ($null -eq $CurrentInfo) {
         throw "Failed to retrieve current authentication methods policy information"

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAuthMethodsPolicyMigration.ps1

@@ -35,9 +35,16 @@ function Invoke-CIPPStandardAutoAddProxy {
         $QueueItem
     )
 
-    $Domains = New-ExoRequest -TenantId $Tenant -Cmdlet 'Get-AcceptedDomain' | Select-Object -ExpandProperty DomainName
-    $AllMailboxes = New-ExoRequest -TenantId $Tenant -Cmdlet 'Get-Mailbox'
-    
+    try {
+        $Domains = New-ExoRequest -TenantId $Tenant -Cmdlet 'Get-AcceptedDomain' | Select-Object -ExpandProperty DomainName
+        $AllMailboxes = New-ExoRequest -TenantId $Tenant -Cmdlet 'Get-Mailbox'
+    }
+    catch {
+        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
+        Write-LogMessage -API 'Standards' -Tenant $Tenant -Message "Could not get the AutoAddProxy state for $Tenant. Error: $ErrorMessage" -Sev Error
+        return
+    }
+
     $MissingProxies = 0
     foreach ($Domain in $Domains) {
         $ProcessMailboxes = $AllMailboxes | Where-Object {
@@ -47,15 +54,15 @@ function Invoke-CIPPStandardAutoAddProxy {
         }
         $MissingProxies += $ProcessMailboxes.Count
     }
-    
+
     $StateIsCorrect = $MissingProxies -eq 0
-    
+
     if ($Settings.report -eq $true) {
         $state = $StateIsCorrect ? $true : $MissingProxies
         Set-CIPPStandardsCompareField -FieldName 'standards.AutoAddProxy' -FieldValue $state -TenantFilter $Tenant
         Add-CIPPBPAField -FieldName 'AutoAddProxy' -FieldValue $StateIsCorrect -StoreAs bool -Tenant $Tenant
     }
-    
+
     if ($Settings.alert -eq $true) {
         if ($StateIsCorrect -eq $true) {
             Write-LogMessage -API 'Standards' -tenant $Tenant -message 'All mailboxes have proxy addresses for all domains' -sev Info

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAutoAddProxy.ps1

@@ -36,7 +36,14 @@ function Invoke-CIPPStandardAutoExpandArchive {
     } #we're done.
     ##$Rerun -Type Standard -Tenant $Tenant -Settings $Settings 'AutoExpandArchive'
 
-    $CurrentState = (New-ExoRequest -tenantid $Tenant -cmdlet 'Get-OrganizationConfig').AutoExpandingArchiveEnabled
+    try {
+        $CurrentState = (New-ExoRequest -tenantid $Tenant -cmdlet 'Get-OrganizationConfig').AutoExpandingArchiveEnabled
+    }
+    catch {
+        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
+        Write-LogMessage -API 'Standards' -Tenant $Tenant -Message "Could not get the AutoExpandArchive state for $Tenant. Error: $ErrorMessage" -Sev Error
+        return
+    }
 
     If ($Settings.remediate -eq $true) {
         Write-Host 'Time to remediate'

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAutoExpandArchive.ps1

@@ -40,7 +40,14 @@ function Invoke-CIPPStandardBookings {
     # Get state value using null-coalescing operator
     $state = $Settings.state.value ?? $Settings.state
 
-    $CurrentState = (New-ExoRequest -tenantid $Tenant -cmdlet 'Get-OrganizationConfig').BookingsEnabled
+    try {
+        $CurrentState = (New-ExoRequest -tenantid $Tenant -cmdlet 'Get-OrganizationConfig').BookingsEnabled
+    }
+    catch {
+        $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
+        Write-LogMessage -API 'Standards' -Tenant $Tenant -Message "Could not get the Bookings state for $Tenant. Error: $ErrorMessage" -Sev Error
+        return
+    }
     $WantedState = if ($state -eq 'true') { $true } else { $false }
     $StateIsCorrect = if ($CurrentState -eq $WantedState) { $true } else { $false }