[pull] master from KelvinTegelaar:master

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Core/Invoke-ListGraphBulkRequest.ps1

@@ -13,8 +13,8 @@ function Invoke-ListGraphBulkRequest {
     $NoPaginateIds = $Request.Body.noPaginateIds
 
     $GraphRequestParams = @{
-        tenantid = $TenantFilter
-        Requests = @()
+        tenantid      = $TenantFilter
+        Requests      = @()
         NoPaginateIds = $NoPaginateIds ?? @()
     }
 
@@ -53,5 +53,5 @@ function Invoke-ListGraphBulkRequest {
         }
     }
 
-    return $Results
+    return [HttpResponseContext]$Results
 }

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Email-Exchange/Transport/Invoke-ListExConnectorTemplates.ps1

@@ -17,17 +17,19 @@ function Invoke-ListExConnectorTemplates {
         $Filter += " and RowKey eq '$($Request.Query.ID)'"
     }
 
-    $Templates = (Get-CIPPAzDataTableEntity @Table -Filter $Filter)
+    $TemplateRows = (Get-CIPPAzDataTableEntity @Table -Filter $Filter)
 
-    if ($Templates) {
-        $Templates | ForEach-Object {
+    if ($TemplateRows) {
+        $Templates = $TemplateRows | ForEach-Object {
             $GUID = $_.RowKey
             $Direction = $_.direction
             $data = $_.JSON | ConvertFrom-Json
             $data | Add-Member -NotePropertyName 'GUID' -NotePropertyValue $GUID -Force
             $data | Add-Member -NotePropertyName 'cippconnectortype' -NotePropertyValue $Direction -Force
             $data
         } | Sort-Object -Property displayName
+    } else {
+        $Templates = @()
     }
     if ($Request.query.ID) { $Templates = $Templates | Where-Object -Property RowKey -EQ $Request.query.id }
 

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/Autopilot/Invoke-AddAutopilotConfig.ps1

@@ -12,14 +12,18 @@ function Invoke-AddAutopilotConfig {
     $Profbod = [pscustomobject]$Request.Body
     $UserType = if ($Profbod.NotLocalAdmin -eq 'true') { 'standard' } else { 'administrator' }
     $DeploymentMode = if ($Profbod.DeploymentMode -eq 'true') { 'shared' } else { 'singleUser' }
+
+    # If deployment mode is shared, disable white glove (pre-provisioning) as it's not supported
+    $AllowWhiteGlove = if ($DeploymentMode -eq 'shared') { $false } else { $Profbod.allowWhiteGlove }
+
     $profileParams = @{
         DisplayName        = $Request.Body.DisplayName
         Description        = $Request.Body.Description
         UserType           = $UserType
         DeploymentMode     = $DeploymentMode
         AssignTo           = $Request.Body.Assignto
         DeviceNameTemplate = $Profbod.DeviceNameTemplate
-        AllowWhiteGlove    = $Profbod.allowWhiteGlove
+        AllowWhiteGlove    = $AllowWhiteGlove
         CollectHash        = $Profbod.CollectHash
         HideChangeAccount  = $Profbod.HideChangeAccount
         HidePrivacy        = $Profbod.HidePrivacy

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Identity/Administration/Users/Invoke-ListUserCounts.ps1

@@ -56,12 +56,26 @@ Function Invoke-ListUserCounts {
             # Execute bulk request
             $BulkResults = New-GraphBulkRequest -Requests @($BulkRequests) -tenantid $TenantFilter @('Users', 'LicUsers', 'GAs', 'Guests')
 
+            # Check if any requests failed
+            $FailedRequests = $BulkResults | Where-Object { $_.status -ne 200 }
+
+            if ($FailedRequests) {
+                # If any requests failed, return an error response
+                $FailedIds = ($FailedRequests | ForEach-Object { $_.id }) -join ', '
+                $ErrorMessage = "Failed to retrieve counts for: $FailedIds"
+
+                return ([HttpResponseContext]@{
+                    StatusCode = [HttpStatusCode]::InternalServerError
+                    Body       = @{
+                        Error   = $ErrorMessage
+                        Details = $FailedRequests
+                    }
+                })
+            }
+
+            # All requests succeeded, extract the counts
             $BulkResults | ForEach-Object {
-                $Count = if ($_.status -eq 200) {
-                    $_.body.'@odata.count'
-                } else {
-                    'Not available'
-                }
+                $Count = $_.body.'@odata.count'
 
                 switch ($_.id) {
                     'Users' { $Users = $Count }
@@ -72,10 +86,13 @@ Function Invoke-ListUserCounts {
             }
 
         } catch {
-            $Users = 'Not available'
-            $LicUsers = 'Not available'
-            $GAs = 'Not available'
-            $Guests = 'Not available'
+            # Return error status on exception
+            return ([HttpResponseContext]@{
+                StatusCode = [HttpStatusCode]::InternalServerError
+                Body       = @{
+                    Error = "Failed to retrieve user counts: $($_.Exception.Message)"
+                }
+            })
         }
     }
 

Modules/CIPPCore/Public/New-CIPPGroup.ps1

@@ -85,7 +85,7 @@ function New-CIPPGroup {
                 'displayName'        = $GroupObject.displayName
                 'description'        = $GroupObject.description
                 'mailNickname'       = $GroupObject.username
-                'mailEnabled'        = $false
+                'mailEnabled'        = ($NormalizedGroupType -in @('Security', 'M365'))
                 'securityEnabled'    = $true
                 'isAssignableToRole' = ($NormalizedGroupType -eq 'AzureRole')
             }

Modules/CIPPCore/Public/Set-CIPPDefaultAPDeploymentProfile.ps1

@@ -9,7 +9,7 @@ function Set-CIPPDefaultAPDeploymentProfile {
         $CollectHash,
         $UserType,
         $DeploymentMode,
-        $HideChangeAccount,
+        $HideChangeAccount = $true,
         $AssignTo,
         $HidePrivacy,
         $HideTerms,
@@ -23,26 +23,27 @@ function Set-CIPPDefaultAPDeploymentProfile {
 
     try {
         $ObjBody = [pscustomobject]@{
-            '@odata.type'                            = '#microsoft.graph.azureADWindowsAutopilotDeploymentProfile'
-            'displayName'                            = "$($DisplayName)"
-            'description'                            = "$($Description)"
-            'deviceNameTemplate'                     = "$($DeviceNameTemplate)"
-            'language'                               = "$($Language)"
-            'enableWhiteGlove'                       = $([bool]($AllowWhiteGlove))
-            'deviceType'                             = 'windowsPc'
-            'extractHardwareHash'                    = $([bool]($CollectHash))
-            'roleScopeTagIds'                        = @()
-            'hybridAzureADJoinSkipConnectivityCheck' = $false
-            'outOfBoxExperienceSetting'              = @{
+            '@odata.type'                   = '#microsoft.graph.azureADWindowsAutopilotDeploymentProfile'
+            'displayName'                   = "$($DisplayName)"
+            'description'                   = "$($Description)"
+            'deviceNameTemplate'            = "$($DeviceNameTemplate)"
+            'locale'                        = "$($Language ?? 'os-default')"
+            'preprovisioningAllowed'        = $([bool]($AllowWhiteGlove))
+            'deviceType'                    = 'windowsPc'
+            'hardwareHashExtractionEnabled' = $([bool]($CollectHash))
+            'roleScopeTagIds'               = @()
+            'outOfBoxExperienceSetting'     = @{
                 'deviceUsageType'              = "$DeploymentMode"
-                'escapeLinkHidden'             = $([bool]($HideChangeAccount))
+                'escapeLinkHidden'             = $([bool]($true))
                 'privacySettingsHidden'        = $([bool]($HidePrivacy))
                 'eulaHidden'                   = $([bool]($HideTerms))
                 'userType'                     = "$UserType"
                 'keyboardSelectionPageSkipped' = $([bool]($AutoKeyboard))
             }
         }
-        $Body = ConvertTo-Json -InputObject $ObjBody
+        $Body = ConvertTo-Json -InputObject $ObjBody -Depth 10
+
+        Write-Information $Body
 
         $Profiles = New-GraphGETRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/windowsAutopilotDeploymentProfiles' -tenantid $TenantFilter | Where-Object -Property displayName -EQ $DisplayName
         if ($Profiles.count -gt 1) {

Modules/CIPPCore/Public/Set-CIPPPerUserMFA.ps1

@@ -53,15 +53,6 @@ function Set-CIPPPerUserMFA {
         $Requests = New-GraphBulkRequest -tenantid $TenantFilter -scope 'https://graph.microsoft.com/.default' -Requests @($Requests) -asapp $true
         "Successfully set Per user MFA State for $userId"
 
-        $Users = foreach ($id in $userId) {
-            @{
-                userId     = $id
-                Properties = @{
-                    perUserMfaState = $State
-                }
-            }
-        }
-        Set-CIPPUserSchemaProperties -TenantFilter $TenantFilter -Users $Users
         Write-LogMessage -headers $Headers -API $APIName -message "Successfully set Per user MFA State to $State for $id" -Sev Info -tenant $TenantFilter
     } catch {
         $ErrorMessage = Get-CippException -Exception $_

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAutopilotProfile.ps1

@@ -53,21 +53,24 @@ function Invoke-CIPPStandardAutopilotProfile {
         $DisplayName = Get-CIPPTextReplacement -Text $Settings.DisplayName -TenantFilter $Tenant
 
         $CurrentConfig = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/windowsAutopilotDeploymentProfiles' -tenantid $Tenant |
-        Where-Object { $_.displayName -eq $DisplayName } |
-        Select-Object -Property displayName, description, deviceNameTemplate, language, enableWhiteGlove, extractHardwareHash, outOfBoxExperienceSetting, preprovisioningAllowed
+            Where-Object { $_.displayName -eq $DisplayName } |
+            Select-Object -Property displayName, description, deviceNameTemplate, locale, preprovisioningAllowed, hardwareHashExtractionEnabled, outOfBoxExperienceSetting
 
         if ($Settings.NotLocalAdmin -eq $true) { $userType = 'Standard' } else { $userType = 'Administrator' }
-        if ($Settings.SelfDeployingMode -eq $true) { $DeploymentMode = 'shared' } else { $DeploymentMode = 'singleUser' }
-        if ($Settings.AllowWhiteGlove -eq $true) { $Settings.HideChangeAccount = $true }
+        if ($Settings.SelfDeployingMode -eq $true) {
+            $DeploymentMode = 'shared'
+            $Setings.AllowWhiteGlove = $false
+        } else {
+            $DeploymentMode = 'singleUser'
+        }
 
         $StateIsCorrect = ($CurrentConfig.displayName -eq $DisplayName) -and
         ($CurrentConfig.description -eq $Settings.Description) -and
         ($CurrentConfig.deviceNameTemplate -eq $Settings.DeviceNameTemplate) -and
-        ([string]::IsNullOrWhiteSpace($CurrentConfig.language) -and [string]::IsNullOrWhiteSpace($Settings.Languages.value) -or $CurrentConfig.language -eq $Settings.Languages.value) -and
-        ($CurrentConfig.enableWhiteGlove -eq $Settings.AllowWhiteGlove) -and
-        ($CurrentConfig.extractHardwareHash -eq $Settings.CollectHash) -and
+        ([string]::IsNullOrWhiteSpace($CurrentConfig.locale) -and [string]::IsNullOrWhiteSpace($Settings.Languages.value) -or $CurrentConfig.locale -eq $Settings.Languages.value) -and
+        ($CurrentConfig.preprovisioningAllowed -eq $Settings.AllowWhiteGlove) -and
+        ($CurrentConfig.hardwareHashExtractionEnabled -eq $Settings.CollectHash) -and
         ($CurrentConfig.outOfBoxExperienceSetting.deviceUsageType -eq $DeploymentMode) -and
-        ($CurrentConfig.outOfBoxExperienceSetting.escapeLinkHidden -eq $Settings.HideChangeAccount) -and
         ($CurrentConfig.outOfBoxExperienceSetting.privacySettingsHidden -eq $Settings.HidePrivacy) -and
         ($CurrentConfig.outOfBoxExperienceSetting.eulaHidden -eq $Settings.HideTerms) -and
         ($CurrentConfig.outOfBoxExperienceSetting.userType -eq $userType) -and
@@ -94,7 +97,7 @@ function Invoke-CIPPStandardAutopilotProfile {
                     devicenameTemplate = $Settings.DeviceNameTemplate
                     allowWhiteGlove    = $Settings.AllowWhiteGlove
                     CollectHash        = $Settings.CollectHash
-                    hideChangeAccount  = $Settings.HideChangeAccount
+                    hideChangeAccount  = $true
                     hidePrivacy        = $Settings.HidePrivacy
                     hideTerms          = $Settings.HideTerms
                     AutoKeyboard       = $Settings.AutoKeyboard

profile.ps1

@@ -43,7 +43,7 @@ if (!$LastStartup -or $CurrentVersion -ne $LastStartup.Version) {
     Write-Information "Version has changed from $($LastStartup.Version ?? 'None') to $CurrentVersion"
     if ($LastStartup) {
         $LastStartup.Version = $CurrentVersion
-        $LastStartup | Add-Member -MemberType NoteProperty -Name 'PSVersion' -Value $PSVersionTable.PSVersion.ToString()
+        $LastStartup | Add-Member -MemberType NoteProperty -Name 'PSVersion' -Value $PSVersionTable.PSVersion.ToString() -Force
     } else {
         $LastStartup = [PSCustomObject]@{
             PartitionKey = 'Version'

version_latest.txt

@@ -1 +1 @@
-8.5.0
+8.5.1