Skip to content

Commit e912e55

Browse files
JohnDupreyJohnDuprey
committed
fix license check
1 parent 608c867 commit e912e55

File tree

1 file changed

+11
-13
lines changed

1 file changed

+11
-13
lines changed

Modules/CIPPCore/Public/Alerts/Get-CIPPAlertNewRiskyUsers.ps1

Lines changed: 11 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ function Get-CIPPAlertNewRiskyUsers {
44
Entrypoint
55
#>
66
[CmdletBinding()]
7-
Param (
7+
param (
88
[Parameter(Mandatory = $false)]
99
[Alias('input')]
1010
$TenantFilter
@@ -13,17 +13,17 @@ function Get-CIPPAlertNewRiskyUsers {
1313
try {
1414
# Check if tenant has P2 capabilities
1515
$Capabilities = Get-CIPPTenantCapabilities -TenantFilter $TenantFilter
16-
if (-not $Capabilities.AADPremiumService) {
16+
if (-not ($Capabilities.AAD_PREMIUM_P2 -eq $true)) {
1717
Write-AlertMessage -tenant $($TenantFilter) -message 'Tenant does not have Azure AD Premium P2 licensing required for risky users detection'
1818
return
1919
}
2020

2121
$Filter = "PartitionKey eq 'RiskyUsersDelta' and RowKey eq '{0}'" -f $TenantFilter
2222
$RiskyUsersDelta = (Get-CIPPAzDataTableEntity @Deltatable -Filter $Filter).delta | ConvertFrom-Json -ErrorAction SilentlyContinue
23-
23+
2424
# Get current risky users with more detailed information
2525
$NewDelta = (New-GraphGetRequest -uri 'https://graph.microsoft.com/v1.0/identityProtection/riskyUsers' -tenantid $TenantFilter) | Select-Object userPrincipalName, riskLevel, riskState, riskDetail, riskLastUpdatedDateTime, isProcessing, history
26-
26+
2727
$NewDeltatoSave = $NewDelta | ConvertTo-Json -Depth 10 -Compress -ErrorAction SilentlyContinue | Out-String
2828
$DeltaEntity = @{
2929
PartitionKey = 'RiskyUsersDelta'
@@ -33,25 +33,24 @@ function Get-CIPPAlertNewRiskyUsers {
3333
Add-CIPPAzDataTableEntity @DeltaTable -Entity $DeltaEntity -Force
3434

3535
if ($RiskyUsersDelta) {
36-
$AlertData = $NewDelta | Where-Object {
37-
$_.userPrincipalName -notin $RiskyUsersDelta.userPrincipalName
36+
$AlertData = $NewDelta | Where-Object {
37+
$_.userPrincipalName -notin $RiskyUsersDelta.userPrincipalName
3838
} | ForEach-Object {
3939
$riskHistory = if ($_.history) {
4040
$latestHistory = $_.history | Sort-Object -Property riskLastUpdatedDateTime -Descending | Select-Object -First 1
4141
"Previous Risk Level: $($latestHistory.riskLevel), Last Updated: $($latestHistory.riskLastUpdatedDateTime)"
42-
}
43-
else {
42+
} else {
4443
'No previous risk history'
4544
}
46-
45+
4746
# Map risk level to severity
4847
$severity = switch ($_.riskLevel) {
4948
'high' { 'Critical' }
5049
'medium' { 'Warning' }
5150
'low' { 'Info' }
5251
default { 'Info' }
5352
}
54-
53+
5554
@{
5655
Message = "New risky user detected: $($_.userPrincipalName)"
5756
Details = @{
@@ -65,13 +64,12 @@ function Get-CIPPAlertNewRiskyUsers {
6564
}
6665
}
6766
}
68-
67+
6968
if ($AlertData) {
7069
Write-AlertTrace -cmdletName $MyInvocation.MyCommand -tenantFilter $TenantFilter -data $AlertData
7170
}
7271
}
73-
}
74-
catch {
72+
} catch {
7573
Write-AlertMessage -tenant $($TenantFilter) -message "Could not get risky users for $($TenantFilter): $(Get-NormalizedError -message $_.Exception.message)"
7674
}
7775
}

0 commit comments

Comments
 (0)