standards

KelvinTegelaar · KelvinTegelaar · commit ff33992b6770 · 2025-03-21T12:08:30.000+01:00
diff --git a/Modules/CIPPCore/Public/Set-StandardCompareField.ps1 b/Modules/CIPPCore/Public/Set-StandardCompareField.ps1
@@ -6,6 +6,10 @@ function Set-CIPPStandardsCompareField {
     )
     $Table = Get-CippTable -tablename 'CippStandardsReports'
     $TenantName = Get-Tenants | Where-Object -Property defaultDomainName -EQ $Tenant
+    #if the fieldname does not contain standards. prepend it.
+    if ($FieldName -notlike 'standards.*') {
+        $FieldName = "standards.$FieldName"
+    }
     if ($FieldValue -is [System.Boolean]) {
         $fieldValue = [bool]$FieldValue
     } elseif ($FieldValue -is [string]) {
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEXODisableAutoForwarding.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEXODisableAutoForwarding.ps1
@@ -66,7 +66,7 @@ function Invoke-CIPPStandardEXODisableAutoForwarding {
 
     if ($Settings.report -eq $true) {
         $state = $StateIsCorrect ? $true : $CurrentInfo.AutoForwardingMode
-        Set-CIPPStandardsCompareField -FieldName 'AutoForwardingDisabled' -FieldValue $state -TenantFilter $Tenant
+        Set-CIPPStandardsCompareField -FieldName 'standards.AutoForwardingDisabled' -FieldValue $state -TenantFilter $Tenant
         Add-CIPPBPAField -FieldName 'AutoForwardingDisabled' -FieldValue $StateIsCorrect -StoreAs bool -Tenant $tenant
     }
 
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardExternalMFATrusted.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardExternalMFATrusted.ps1
@@ -66,7 +66,7 @@ function Invoke-CIPPStandardExternalMFATrusted {
     }
     if ($Settings.report -eq $true) {
         $state = $ExternalMFATrusted.inboundTrust.isMfaAccepted ? $true : $ExternalMFATrusted.inboundTrust
-        Set-CIPPStandardsCompareField -FieldName 'ExternalMFATrusted' -FieldValue $ExternalMFATrusted.inboundTrust.isMfaAccepted -TenantFilter $Tenant
+        Set-CIPPStandardsCompareField -FieldName 'standards.ExternalMFATrusted' -FieldValue $ExternalMFATrusted.inboundTrust.isMfaAccepted -TenantFilter $Tenant
         Add-CIPPBPAField -FieldName 'ExternalMFATrusted' -FieldValue $ExternalMFATrusted.inboundTrust.isMfaAccepted -StoreAs bool -Tenant $Tenant
     }
 
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardFocusedInbox.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardFocusedInbox.ps1
@@ -72,7 +72,7 @@ function Invoke-CIPPStandardFocusedInbox {
     }
 
     if ($Settings.report -eq $true) {
-        Set-CIPPStandardsCompareField -FieldName 'FocusedInboxCorrectState' -FieldValue $StateIsCorrect -TenantFilter $Tenant
+        Set-CIPPStandardsCompareField -FieldName 'standards.FocusedInboxCorrectState' -FieldValue $StateIsCorrect -TenantFilter $Tenant
         Add-CIPPBPAField -FieldName 'FocusedInboxCorrectState' -FieldValue $StateIsCorrect -StoreAs bool -Tenant $Tenant
     }
 }
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardGlobalQuarantineNotifications.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardGlobalQuarantineNotifications.ps1
@@ -45,7 +45,7 @@ function Invoke-CIPPStandardGlobalQuarantineNotifications {
 
     if ($Settings.report -eq $true) {
         $ReportState = $CurrentState.EndUserSpamNotificationFrequency -eq $WantedState ? $true : $CurrentState.EndUserSpamNotificationFrequency
-        Set-CIPPStandardsCompareField -FieldName 'GlobalQuarantineNotificationsSet' -FieldValue $ReportState -Tenant $Tenant
+        Set-CIPPStandardsCompareField -FieldName 'standards.GlobalQuarantineNotificationsSet' -FieldValue $ReportState -Tenant $Tenant
         Add-CIPPBPAField -FieldName 'GlobalQuarantineNotificationsSet' -FieldValue [string]$CurrentState.EndUserSpamNotificationFrequency -StoreAs string -Tenant $Tenant
     }
     # Get notification interval using null-coalescing operator
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardGuestInvite.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardGuestInvite.ps1
@@ -74,7 +74,7 @@ function Invoke-CIPPStandardGuestInvite {
     }
 
     if ($Settings.report -eq $true) {
-        Set-CIPPStandardsCompareField -FieldName 'GuestInvite' -FieldValue $StateIsCorrect -TenantFilter $Tenant
+        Set-CIPPStandardsCompareField -FieldName 'standards.GuestInvite' -FieldValue $StateIsCorrect -TenantFilter $Tenant
         Add-CIPPBPAField -FieldName 'GuestInvite' -FieldValue $StateIsCorrect -StoreAs bool -Tenant $tenant
     }
 }
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardIntuneComplianceSettings.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardIntuneComplianceSettings.ps1
@@ -69,12 +69,14 @@ function Invoke-CIPPStandardIntuneComplianceSettings {
         if ($StateIsCorrect -eq $true) {
             Write-LogMessage -API 'Standards' -Tenant $Tenant -Message 'Intune Compliance settings is enabled.' -Sev Info
         } else {
-            Write-StandardsAlert -message "Intune Compliance settings is not enabled" -object $CurrentState -tenant $Tenant -standardName 'IntuneComplianceSettings' -standardId $Settings.standardId
+            Write-StandardsAlert -message 'Intune Compliance settings is not enabled' -object $CurrentState -tenant $Tenant -standardName 'IntuneComplianceSettings' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -Tenant $Tenant -Message 'Intune Compliance settings is not enabled.' -Sev Info
         }
     }
 
     if ($Settings.report -eq $true) {
+        $state = $StateIsCorrect ? $true : $CurrentState
+        Set-CIPPStandardsCompareField -FieldName 'standards.IntuneComplianceSettings' -FieldValue $state -Tenant $Tenant
         Add-CIPPBPAField -FieldName 'IntuneComplianceSettings' -FieldValue $StateIsCorrect -StoreAs bool -Tenant $Tenant
     }
 }
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardIntuneTemplate.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardIntuneTemplate.ps1
@@ -116,7 +116,12 @@ function Invoke-CIPPStandardIntuneTemplate {
     }
 
     if ($Settings.report) {
-        #think about how to store this. Consideration: standards are stored seperately from BPA so they can be stored in the same format as the input.
-        Add-CIPPBPAField -FieldName "policy-$displayname" -FieldValue $Compare -StoreAs bool -Tenant $tenant
+        foreach ($Template in $CompareList) {
+            $id = $Template.body.RowKey
+            $Compare = $Template.compare
+            $state = $Compare ? $Compare : $true
+            Set-CIPPStandardsCompareField -FieldName "standards.IntuneTemplate.$id" -FieldValue $state -TenantFilter $Tenant
+        }
+        Add-CIPPBPAField -FieldName "policy-$id" -FieldValue $Compare -StoreAs bool -Tenant $tenant
     }
 }
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMDMScope.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMDMScope.ps1
@@ -33,7 +33,7 @@ function Invoke-CIPPStandardMDMScope {
 
     $CurrentInfo = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/policies/mobileDeviceManagementPolicies/0000000a-0000-0000-c000-000000000000?$expand=includedGroups' -tenantid $Tenant
 
-    $StateIsCorrect =   ($CurrentInfo.termsOfUseUrl -eq 'https://portal.manage.microsoft.com/TermsofUse.aspx') -and
+    $StateIsCorrect = ($CurrentInfo.termsOfUseUrl -eq 'https://portal.manage.microsoft.com/TermsofUse.aspx') -and
                         ($CurrentInfo.discoveryUrl -eq 'https://enrollment.manage.microsoft.com/enrollmentserver/discovery.svc') -and
                         ($CurrentInfo.complianceUrl -eq 'https://portal.manage.microsoft.com/?portalAction=Compliance') -and
                         ($CurrentInfo.appliesTo -eq $Settings.appliesTo) -and
@@ -44,15 +44,15 @@ function Invoke-CIPPStandardMDMScope {
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'MDM Scope already correctly configured' -sev Info
         } else {
             $GraphParam = @{
-                tenantid = $tenant
-                Uri = 'https://graph.microsoft.com/beta/policies/mobileDeviceManagementPolicies/0000000a-0000-0000-c000-000000000000'
-                ContentType = 'application/json; charset=utf-8'
-                asApp = $false
-                type = 'PATCH'
+                tenantid     = $tenant
+                Uri          = 'https://graph.microsoft.com/beta/policies/mobileDeviceManagementPolicies/0000000a-0000-0000-c000-000000000000'
+                ContentType  = 'application/json; charset=utf-8'
+                asApp        = $false
+                type         = 'PATCH'
                 AddedHeaders = @{'Accept-Language' = 0 }
-                Body = @{
+                Body         = @{
                     'termsOfUseUrl' = 'https://portal.manage.microsoft.com/TermsofUse.aspx'
-                    'discoveryUrl' = 'https://enrollment.manage.microsoft.com/enrollmentserver/discovery.svc'
+                    'discoveryUrl'  = 'https://enrollment.manage.microsoft.com/enrollmentserver/discovery.svc'
                     'complianceUrl' = 'https://portal.manage.microsoft.com/?portalAction=Compliance'
                 } | ConvertTo-Json
             }
@@ -62,19 +62,19 @@ function Invoke-CIPPStandardMDMScope {
                 Write-LogMessage -API 'Standards' -tenant $tenant -message 'Successfully configured MDM Scope' -sev Info
             } catch {
                 $ErrorMessage = Get-NormalizedError -Message $_.Exception.Message
-                Write-LogMessage -API 'Standards' -tenant $tenant -message "Failed to configure MDM Scope." -sev Error -LogData $ErrorMessage
+                Write-LogMessage -API 'Standards' -tenant $tenant -message 'Failed to configure MDM Scope.' -sev Error -LogData $ErrorMessage
             }
 
             # Workaround for MDM Scope Assignment error: "Could not set MDM Scope for [TENANT]: Simultaneous patch requests on both the appliesTo and URL properties are currently not supported."
             if ($Settings.appliesTo -ne 'selected') {
                 $GraphParam = @{
-                    tenantid = $tenant
-                    Uri = 'https://graph.microsoft.com/beta/policies/mobileDeviceManagementPolicies/0000000a-0000-0000-c000-000000000000'
-                    ContentType = 'application/json; charset=utf-8'
-                    asApp = $false
-                    type = 'PATCH'
+                    tenantid     = $tenant
+                    Uri          = 'https://graph.microsoft.com/beta/policies/mobileDeviceManagementPolicies/0000000a-0000-0000-c000-000000000000'
+                    ContentType  = 'application/json; charset=utf-8'
+                    asApp        = $false
+                    type         = 'PATCH'
                     AddedHeaders = @{'Accept-Language' = 0 }
-                    Body = @{
+                    Body         = @{
                         'appliesTo' = $Settings.appliesTo
                     } | ConvertTo-Json
                 }
@@ -89,13 +89,13 @@ function Invoke-CIPPStandardMDMScope {
             } else {
                 $GroupID = (New-GraphGetRequest -Uri "https://graph.microsoft.com/beta/groups?`$top=999&`$select=id,displayName&`$filter=displayName eq '$($Settings.customGroup)'" -tenantid $tenant -asApp $true).id
                 $GraphParam = @{
-                    tenantid = $tenant
-                    Uri = 'https://graph.microsoft.com/beta/policies/mobileDeviceManagementPolicies/0000000a-0000-0000-c000-000000000000/includedGroups/$ref'
-                    ContentType = 'application/json; charset=utf-8'
-                    asApp = $false
-                    type = 'POST'
+                    tenantid     = $tenant
+                    Uri          = 'https://graph.microsoft.com/beta/policies/mobileDeviceManagementPolicies/0000000a-0000-0000-c000-000000000000/includedGroups/$ref'
+                    ContentType  = 'application/json; charset=utf-8'
+                    asApp        = $false
+                    type         = 'POST'
                     AddedHeaders = @{'Accept-Language' = 0 }
-                    Body = @{
+                    Body         = @{
                         '@odata.id' = "https://graph.microsoft.com/odata/groups('$GroupID')"
                     } | ConvertTo-Json
                 }
@@ -115,12 +115,14 @@ function Invoke-CIPPStandardMDMScope {
         if ($StateIsCorrect) {
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'MDM Scope is correctly configured' -sev Info
         } else {
-            Write-StandardsAlert -message "MDM Scope is not correctly configured" -object $CurrentInfo -tenant $tenant -standardName 'MDMScope' -standardId $Settings.standardId
+            Write-StandardsAlert -message 'MDM Scope is not correctly configured' -object $CurrentInfo -tenant $tenant -standardName 'MDMScope' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'MDM Scope is not correctly configured' -sev Info
         }
     }
 
     if ($Settings.report -eq $true) {
+        $state = $StateIsCorrect ? $true : $CurrentInfo
+        Set-CIPPStandardsCompareField -FieldName 'standards.MDMScope' -FieldValue $state -TenantFilter $Tenant
         Add-CIPPBPAField -FieldName 'MDMScope' -FieldValue $StateIsCorrect -StoreAs bool -Tenant $tenant
     }
 
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMailContacts.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMailContacts.ps1
@@ -40,11 +40,11 @@ function Invoke-CIPPStandardMailContacts {
     $TechAndSecurityContacts = @($Contacts.SecurityContact, $Contacts.TechContact)
 
     If ($Settings.remediate -eq $true) {
-
-        if ($CurrentInfo.marketingNotificationEmails -eq $Contacts.MarketingContact -and `
-            ($CurrentInfo.securityComplianceNotificationMails -in $TechAndSecurityContacts -or
-                $CurrentInfo.technicalNotificationMails -in $TechAndSecurityContacts) -and `
-                $CurrentInfo.privacyProfile.contactEmail -eq $Contacts.GeneralContact) {
+        $state = $CurrentInfo.marketingNotificationEmails -eq $Contacts.MarketingContact -and `
+        ($CurrentInfo.securityComplianceNotificationMails -in $TechAndSecurityContacts -or
+            $CurrentInfo.technicalNotificationMails -in $TechAndSecurityContacts) -and `
+            $CurrentInfo.privacyProfile.contactEmail -eq $Contacts.GeneralContact
+        if ($state) {
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'Contact emails are already set.' -sev Info
         } else {
             try {
@@ -94,6 +94,8 @@ function Invoke-CIPPStandardMailContacts {
 
     }
     if ($Settings.report -eq $true) {
+        $ReportState = $state ? $true : $CurrentInfo
+        Set-CIPPStandardsCompareField -FieldName 'standards.MailContacts' -FieldValue $ReportState -Tenant $tenant
         Add-CIPPBPAField -FieldName 'MailContacts' -FieldValue $CurrentInfo -StoreAs json -Tenant $tenant
     }
 }
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMalwareFilterPolicy.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMalwareFilterPolicy.ps1
@@ -42,14 +42,14 @@ function Invoke-CIPPStandardMalwareFilterPolicy {
     param($Tenant, $Settings)
     ##$Rerun -Type Standard -Tenant $Tenant -Settings $Settings 'MalwareFilterPolicy'
 
-    $PolicyList = @('CIPP Default Malware Policy','Default Malware Policy')
+    $PolicyList = @('CIPP Default Malware Policy', 'Default Malware Policy')
     $ExistingPolicy = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-MalwareFilterPolicy' | Where-Object -Property Name -In $PolicyList
     if ($null -eq $ExistingPolicy.Name) {
         $PolicyName = $PolicyList[0]
     } else {
         $PolicyName = $ExistingPolicy.Name
     }
-    $RuleList = @( 'CIPP Default Malware Rule','CIPP Default Malware Policy')
+    $RuleList = @( 'CIPP Default Malware Rule', 'CIPP Default Malware Policy')
     $ExistingRule = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-MalwareFilterRule' | Where-Object -Property Name -In $RuleList
     if ($null -eq $ExistingRule.Name) {
         $RuleName = $RuleList[0]
@@ -58,8 +58,8 @@ function Invoke-CIPPStandardMalwareFilterPolicy {
     }
 
     $CurrentState = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-MalwareFilterPolicy' |
-        Where-Object -Property Name -EQ $PolicyName |
-        Select-Object Name, EnableFileFilter, FileTypeAction, FileTypes, ZapEnabled, QuarantineTag, EnableInternalSenderAdminNotifications, InternalSenderAdminAddress, EnableExternalSenderAdminNotifications, ExternalSenderAdminAddress
+    Where-Object -Property Name -EQ $PolicyName |
+    Select-Object Name, EnableFileFilter, FileTypeAction, FileTypes, ZapEnabled, QuarantineTag, EnableInternalSenderAdminNotifications, InternalSenderAdminAddress, EnableExternalSenderAdminNotifications, ExternalSenderAdminAddress
 
     $DefaultFileTypes = @('ace', 'ani', 'apk', 'app', 'appx', 'arj', 'bat', 'cab', 'cmd', 'com', 'deb', 'dex', 'dll', 'docm', 'elf', 'exe', 'hta', 'img', 'iso', 'jar', 'jnlp', 'kext', 'lha', 'lib', 'library', 'lnk', 'lzh', 'macho', 'msc', 'msi', 'msix', 'msp', 'mst', 'pif', 'ppa', 'ppam', 'reg', 'rev', 'scf', 'scr', 'sct', 'sys', 'uif', 'vb', 'vbe', 'vbs', 'vxd', 'wsc', 'wsf', 'wsh', 'xll', 'xz', 'z')
 
@@ -83,8 +83,8 @@ function Invoke-CIPPStandardMalwareFilterPolicy {
     $AcceptedDomains = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-AcceptedDomain'
 
     $RuleState = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-MalwareFilterRule' |
-        Where-Object -Property Name -EQ $RuleName |
-        Select-Object Name, MalwareFilterPolicy, Priority, RecipientDomainIs
+    Where-Object -Property Name -EQ $RuleName |
+    Select-Object Name, MalwareFilterPolicy, Priority, RecipientDomainIs
 
     $RuleStateIsCorrect = ($RuleState.Name -eq $RuleName) -and
                           ($RuleState.MalwareFilterPolicy -eq $PolicyName) -and
@@ -129,8 +129,8 @@ function Invoke-CIPPStandardMalwareFilterPolicy {
 
         if ($RuleStateIsCorrect -eq $false) {
             $cmdparams = @{
-                Priority            = 0
-                RecipientDomainIs   = $AcceptedDomains.Name
+                Priority          = 0
+                RecipientDomainIs = $AcceptedDomains.Name
             }
 
             if ($RuleState.MalwareFilterPolicy -ne $PolicyName) {
@@ -162,12 +162,14 @@ function Invoke-CIPPStandardMalwareFilterPolicy {
         if ($StateIsCorrect -eq $true) {
             Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Malware Filter Policy is enabled' -sev Info
         } else {
-            Write-StandardsAlert -message "Malware Filter Policy is not enabled" -object $CurrentState -tenant $Tenant -standardName 'MalwareFilterPolicy' -standardId $Settings.standardId
+            Write-StandardsAlert -message 'Malware Filter Policy is not enabled' -object $CurrentState -tenant $Tenant -standardName 'MalwareFilterPolicy' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $Tenant -message 'Malware Filter Policy is not enabled' -sev Info
         }
     }
 
     if ($Settings.report -eq $true) {
+        $state = $StateIsCorrect ? $true : $CurrentState
+        Set-CIPPStandardsCompareField -FieldName 'standards.MalwareFilterPolicy' -FieldValue $state -TenantFilter $Tenant
         Add-CIPPBPAField -FieldName 'MalwareFilterPolicy' -FieldValue $StateIsCorrect -StoreAs bool -Tenant $tenant
     }
 
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMessageExpiration.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMessageExpiration.ps1
@@ -51,12 +51,13 @@ function Invoke-CIPPStandardMessageExpiration {
         if ($MessageExpiration -eq '12:00:00') {
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'Transport configuration message expiration is set to 12 hours' -sev Info
         } else {
-            Write-StandardsAlert -message "Transport configuration message expiration is not set to 12 hours" -object $MessageExpiration -tenant $tenant -standardName 'MessageExpiration' -standardId $Settings.standardId
+            Write-StandardsAlert -message 'Transport configuration message expiration is not set to 12 hours' -object $MessageExpiration -tenant $tenant -standardName 'MessageExpiration' -standardId $Settings.standardId
             Write-LogMessage -API 'Standards' -tenant $tenant -message 'Transport configuration message expiration is not set to 12 hours' -sev Info
         }
     }
     if ($Settings.report -eq $true) {
         if ($MessageExpiration -ne '12:00:00') { $MessageExpiration = $false } else { $MessageExpiration = $true }
+        Set-CIPPStandardsCompareField -FieldName 'standards.messageExpiration' -FieldValue $MessageExpiration -TenantFilter $Tenant
         Add-CIPPBPAField -FieldName 'messageExpiration' -FieldValue $MessageExpiration -StoreAs bool -Tenant $tenant
     }
 }
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardNudgeMFA.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardNudgeMFA.ps1
@@ -46,6 +46,8 @@ function Invoke-CIPPStandardNudgeMFA {
     }
 
     if ($Settings.report -eq $true) {
+        $state = $StateIsCorrect ? $true : $CurrentState.registrationEnforcement.authenticationMethodsRegistrationCampaign
+        Set-CIPPStandardsCompareField -FieldName 'standards.NudgeMFA' -FieldValue $state -Tenant $Tenant
         Add-CIPPBPAField -FieldName 'NudgeMFA' -FieldValue $StateIsCorrect -StoreAs bool -Tenant $Tenant
     }
 
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardOauthConsent.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardOauthConsent.ps1
@@ -80,6 +80,7 @@ function Invoke-CIPPStandardOauthConsent {
         } else {
             $FieldValue = $State
         }
+
         Set-CIPPStandardsCompareField -FieldName 'standards.OauthConsent' -FieldValue $FieldValue -Tenant $tenant
     }
 }
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneBrandingProfile.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneBrandingProfile.ps1
@@ -99,8 +99,7 @@ function Invoke-CIPPStandardintuneBrandingProfile {
 
     if ($Settings.report -eq $true) {
         $ReportState = $StateIsCorrect ? $true : $CurrentState
-        Set-CIPPStandardsCompareField -FieldName 'intuneBrandingProfile' -FieldValue $ReportState -TenantFilter $Tenant
+        Set-CIPPStandardsCompareField -FieldName 'standards.intuneBrandingProfile' -FieldValue $ReportState -TenantFilter $Tenant
         Add-CIPPBPAField -FieldName 'intuneBrandingProfile' -FieldValue [bool]$StateIsCorrect -StoreAs bool -Tenant $tenant
     }
 }
- 
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneDeviceReg.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneDeviceReg.ps1
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneRequireMFA.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneRequireMFA.ps1
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardlaps.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardlaps.ps1

Original file line number	Diff line number	Diff line change
`@@ -66,7 +66,7 @@ function Invoke-CIPPStandardEXODisableAutoForwarding {`
`66`	`66`
`67`	`67`	`if ($Settings.report -eq $true) {`
`68`	`68`	`$state = $StateIsCorrect ? $true : $CurrentInfo.AutoForwardingMode`
`69`		`- Set-CIPPStandardsCompareField -FieldName 'AutoForwardingDisabled' -FieldValue $state -TenantFilter $Tenant`
	`69`	`+ Set-CIPPStandardsCompareField -FieldName 'standards.AutoForwardingDisabled' -FieldValue $state -TenantFilter $Tenant`
`70`	`70`	`Add-CIPPBPAField -FieldName 'AutoForwardingDisabled' -FieldValue $StateIsCorrect -StoreAs bool -Tenant $tenant`
`71`	`71`	`}`
`72`	`72`
Original file line number	Diff line number	Diff line change
`@@ -72,7 +72,7 @@ function Invoke-CIPPStandardFocusedInbox {`
`72`	`72`	`}`
`73`	`73`
`74`	`74`	`if ($Settings.report -eq $true) {`
`75`		`- Set-CIPPStandardsCompareField -FieldName 'FocusedInboxCorrectState' -FieldValue $StateIsCorrect -TenantFilter $Tenant`
	`75`	`+ Set-CIPPStandardsCompareField -FieldName 'standards.FocusedInboxCorrectState' -FieldValue $StateIsCorrect -TenantFilter $Tenant`
`76`	`76`	`Add-CIPPBPAField -FieldName 'FocusedInboxCorrectState' -FieldValue $StateIsCorrect -StoreAs bool -Tenant $Tenant`
`77`	`77`	`}`
`78`	`78`	`}`
Original file line number	Diff line number	Diff line change
`@@ -45,7 +45,7 @@ function Invoke-CIPPStandardGlobalQuarantineNotifications {`
`45`	`45`
`46`	`46`	`if ($Settings.report -eq $true) {`
`47`	`47`	`$ReportState = $CurrentState.EndUserSpamNotificationFrequency -eq $WantedState ? $true : $CurrentState.EndUserSpamNotificationFrequency`
`48`		`- Set-CIPPStandardsCompareField -FieldName 'GlobalQuarantineNotificationsSet' -FieldValue $ReportState -Tenant $Tenant`
	`48`	`+ Set-CIPPStandardsCompareField -FieldName 'standards.GlobalQuarantineNotificationsSet' -FieldValue $ReportState -Tenant $Tenant`
`49`	`49`	`Add-CIPPBPAField -FieldName 'GlobalQuarantineNotificationsSet' -FieldValue [string]$CurrentState.EndUserSpamNotificationFrequency -StoreAs string -Tenant $Tenant`
`50`	`50`	`}`
`51`	`51`	`# Get notification interval using null-coalescing operator`
Original file line number	Diff line number	Diff line change
`@@ -74,7 +74,7 @@ function Invoke-CIPPStandardGuestInvite {`
`74`	`74`	`}`
`75`	`75`
`76`	`76`	`if ($Settings.report -eq $true) {`
`77`		`- Set-CIPPStandardsCompareField -FieldName 'GuestInvite' -FieldValue $StateIsCorrect -TenantFilter $Tenant`
	`77`	`+ Set-CIPPStandardsCompareField -FieldName 'standards.GuestInvite' -FieldValue $StateIsCorrect -TenantFilter $Tenant`
`78`	`78`	`Add-CIPPBPAField -FieldName 'GuestInvite' -FieldValue $StateIsCorrect -StoreAs bool -Tenant $tenant`
`79`	`79`	`}`
`80`	`80`	`}`
Original file line number	Diff line number	Diff line change
`@@ -69,12 +69,14 @@ function Invoke-CIPPStandardIntuneComplianceSettings {`
`69`	`69`	`if ($StateIsCorrect -eq $true) {`
`70`	`70`	`Write-LogMessage -API 'Standards' -Tenant $Tenant -Message 'Intune Compliance settings is enabled.' -Sev Info`
`71`	`71`	`} else {`
`72`		`- Write-StandardsAlert -message "Intune Compliance settings is not enabled" -object $CurrentState -tenant $Tenant -standardName 'IntuneComplianceSettings' -standardId $Settings.standardId`
	`72`	`+ Write-StandardsAlert -message 'Intune Compliance settings is not enabled' -object $CurrentState -tenant $Tenant -standardName 'IntuneComplianceSettings' -standardId $Settings.standardId`
`73`	`73`	`Write-LogMessage -API 'Standards' -Tenant $Tenant -Message 'Intune Compliance settings is not enabled.' -Sev Info`
`74`	`74`	`}`
`75`	`75`	`}`
`76`	`76`
`77`	`77`	`if ($Settings.report -eq $true) {`
	`78`	`+ $state = $StateIsCorrect ? $true : $CurrentState`
	`79`	`+ Set-CIPPStandardsCompareField -FieldName 'standards.IntuneComplianceSettings' -FieldValue $state -Tenant $Tenant`
`78`	`80`	`Add-CIPPBPAField -FieldName 'IntuneComplianceSettings' -FieldValue $StateIsCorrect -StoreAs bool -Tenant $Tenant`
`79`	`81`	`}`
`80`	`82`	`}`
Original file line number	Diff line number	Diff line change
`@@ -116,7 +116,12 @@ function Invoke-CIPPStandardIntuneTemplate {`
`116`	`116`	`}`
`117`	`117`
`118`	`118`	`if ($Settings.report) {`
`119`		`- #think about how to store this. Consideration: standards are stored seperately from BPA so they can be stored in the same format as the input.`
`120`		`- Add-CIPPBPAField -FieldName "policy-$displayname" -FieldValue $Compare -StoreAs bool -Tenant $tenant`
	`119`	`+ foreach ($Template in $CompareList) {`
	`120`	`+ $id = $Template.body.RowKey`
	`121`	`+ $Compare = $Template.compare`
	`122`	`+ $state = $Compare ? $Compare : $true`
	`123`	`+ Set-CIPPStandardsCompareField -FieldName "standards.IntuneTemplate.$id" -FieldValue $state -TenantFilter $Tenant`
	`124`	`+ }`
	`125`	`+ Add-CIPPBPAField -FieldName "policy-$id" -FieldValue $Compare -StoreAs bool -Tenant $tenant`
`121`	`126`	`}`
`122`	`127`	`}`