Merge pull request #5438 from microsoft/Dev

Release 1.24.1120.1

.github/PULL_REQUEST_TEMPLATE.md

@@ -11,3 +11,23 @@
     - Fixes #123
     - Fixes #124
 -->
+
+#### Task list
+
+<!--
+    To aid community reviewers in reviewing and merging your PR, please take the time to run
+    through the below checklist and make sure your PR has everything updated as required.
+
+    Change to [x] for each task in the task list that applies to your PR. For those task that
+    don't apply to you PR, leave those as is.
+-->
+
+- [ ] Added an entry to the change log under the Unreleased section of the file CHANGELOG.md.
+      Entry should say what was changed and how that affects users (if applicable), and
+      reference the issue being resolved (if applicable).
+- [ ] Resource parameter descriptions added/updated in the schema.mof.
+- [ ] Resource documentation added/updated in README.md.
+- [ ] Resource settings.json file contains all required permissions.
+- [ ] Examples appropriately added/updated.
+- [ ] Unit tests added/updated.
+- [ ] New/changed code adheres to [DSC Community Style Guidelines](https://dsccommunity.org/styleguidelines).

CHANGELOG.md

@@ -1,6 +1,86 @@
 # Change log for Microsoft365DSC
 
-# UNRELEASED
+# 1.24.1120.1
+
+* AADAdminConsentRequestPolicy
+  * Added error handling to Group display name retrieval to prevent errors
+    when an assigned group no longer exists.
+* AADAuthenticationMethodPolicyAuthenticator
+  * Added error handling to Group display name retrieval to prevent errors
+    when an assigned group no longer exists.
+* AADAuthenticationMethodPolicyEmail
+  * Added error handling to Group display name retrieval to prevent errors
+    when an assigned group no longer exists.
+* AADAuthenticationMethodPolicyExternal
+  * Added error handling to Group display name retrieval to prevent errors
+    when an assigned group no longer exists.
+* AADAuthenticationMethodPolicyFido2
+  * Added error handling to Group display name retrieval to prevent errors
+    when an assigned group no longer exists.
+* AADAuthenticationMethodPolicyHardware
+  * Added error handling to Group display name retrieval to prevent errors
+    when an assigned group no longer exists.
+* AADAuthenticationMethodPolicySms
+  * Added error handling to Group display name retrieval to prevent errors
+    when an assigned group no longer exists.
+* AADAuthenticationMethodPolicySoftware
+  * Added error handling to Group display name retrieval to prevent errors
+    when an assigned group no longer exists.
+* AADAuthenticationMethodPolicyTemporary
+  * Added error handling to Group display name retrieval to prevent errors
+    when an assigned group no longer exists.
+* AADAuthenticationMethodPolicyVoice
+  * Added error handling to Group display name retrieval to prevent errors
+    when an assigned group no longer exists.
+* AADAuthenticationMethodPolicyX509
+  * Added error handling to Group display name retrieval to prevent errors
+    when an assigned group no longer exists.
+* AADConditionalAccessPolicy
+  * Fixed bug where a null value was passed in the request for the
+    excludePlatforms parameter when just values were assigned to includePlatforms, which throws an error.
+  * Fixed bug where a null value was passed in the request for the
+    sessionControl parameter when there are no session controls, which throws an error.
+  * Fixed bug where a null value was passed in the request for the
+    applicationEnforcedRestrictions parameter when value was set to false, which throws an error.
+* AADDeviceRegistrationPolicy
+  * Added error handling to Group display name retrieval to prevent errors
+    when an assigned group no longer exists.
+* AADRoleAssignmentScheduleRequest
+  * Initial release.
+* AADRoleEligibilityScheduleRequest
+  * Adds support for custom role assignments at app scope.
+* AADRoleSettings
+  * Fixing issue where the ActivateApprover parameter isn't processed correctly
+    when an approver does not exist.
+    FIXES [#5423](https://github.com/microsoft/Microsoft365DSC/issues/5423)
+    FIXES [#5415](https://github.com/microsoft/Microsoft365DSC/issues/5415)
+* ADOSecurityPolicy
+  * Fixed an error in the export when using a Service Principal to authenticate.
+* AzureBillingAccountPolicy
+  * Initial release.
+* IntuneDeviceConfigurationPolicyAndroidDeviceOwner
+  * Fixed issue when properties `DetailedHelpText`,
+    `DeviceOwnerLockScreenMessage` or `ShortHelpText` were defined but the
+    request was not being sent correctly
+    FIXES [#5411](https://github.com/microsoft/Microsoft365DSC/issues/5411)
+* IntuneDiskEncryptionPDEPolicyWindows10
+  * Initial release.
+* IntuneFirewallRulesHyperVPolicyWindows10
+  * Initial release.
+* IntuneFirewallRulesPolicyWindows10ConfigMgr
+  * Initial release.
+* IntuneMobileAppConfigurationPolicyIOS
+  * Initial release.
+* SCPolicyConfig
+  * Fixed an issue extracting empty groups properties.
+* TeamsUpdateManagementPolicy
+  * Added conversion of the UpdateTimeOfDay parameter to the local culture format
+    so that the comparison will work consistently.
+    FIXES [#5424](https://github.com/microsoft/Microsoft365DSC/issues/5424)
+* M365DSCDRGUtil
+  * Improve CIM instance detection for specific Intune resources.
+
+# 1.24.1113.1
 
 * AADConditionalAccessPolicy
   * Fixed bug where an empty value was passed in the request for the
@@ -30,8 +110,7 @@
     FIXES [#5384](https://github.com/microsoft/Microsoft365DSC/issues/5384)
 * IntuneEndpointDetectionAndResponsePolicyWindows10
   * Remove changed property name from export.
-    FIXES [#5300](https://github.com/microsoft/Microsoft365DSC/issues/5300)
-* IntuneSecurityBaselineMicrosoftEdge
+    FIXES [#5300](https://github.com/microsoft/Microsoft365DSC/issues/5300)* IntuneSecurityBaselineMicrosoftEdge
   * Deprecate property `authschemes` and replace with `AuthSchemes_AuthSchemes`
 * M365DSCDRGUtil
   * Restrict CIM instance access to properties that appear multiple times.

Modules/Microsoft365DSC/DSCResources/MSFT_AADAdminConsentRequestPolicy/MSFT_AADAdminConsentRequestPolicy.psm1

@@ -97,10 +97,22 @@ function Get-TargetResource
             elseif ($reviewer.Query.Contains('/groups/'))
             {
                 $groupId = $reviewer.Query.Split('/')[3]
-                $groupInfo = Get-MgGroup -GroupId $groupId
-                $entry = @{
-                    ReviewerType = 'Group'
-                    ReviewerId   = $groupInfo.DisplayName
+                try
+                {
+                    $groupInfo = Get-MgGroup -GroupId $groupId -ErrorAction SilentlyContinue
+                    $entry = @{
+                        ReviewerType = 'Group'
+                        ReviewerId   = $groupInfo.DisplayName
+                    }
+                }
+                catch
+                {
+                    $message = "Group with ID $groupId specified in Reviewers not found"
+                    New-M365DSCLogEntry -Message $message `
+                        -Source $($MyInvocation.MyCommand.Source) `
+                        -TenantId $TenantId `
+                        -Credential $Credential
+                    continue
                 }
             }
             elseif ($reviewer.Query.Contains('directory/roleAssignments?$'))

Modules/Microsoft365DSC/DSCResources/MSFT_AADApplication/MSFT_AADApplication.psm1

@@ -457,13 +457,19 @@ function Get-TargetResource
             }
             #endregion
 
+            $IdentifierUrisValue = @()
+            if ($null -ne $AADApp.IdentifierUris)
+            {
+                $IdentifierUrisValue = $AADApp.IdentifierUris
+            }
+
             $result = @{
                 DisplayName             = $AADApp.DisplayName
                 AvailableToOtherTenants = $AvailableToOtherTenantsValue
                 Description             = $AADApp.Description
                 GroupMembershipClaims   = $AADApp.GroupMembershipClaims
                 Homepage                = $AADApp.web.HomepageUrl
-                IdentifierUris          = $AADApp.IdentifierUris
+                IdentifierUris          = $IdentifierUrisValue
                 IsFallbackPublicClient  = $IsFallbackPublicClientValue
                 KnownClientApplications = $AADApp.Api.KnownClientApplications
                 LogoutURL               = $AADApp.web.LogoutURL