v4.5.0 - The William

Welcome to the next release of CIPP - 4.5.0. The William. This release is named after my father whom passed away on this date in 2020. The cocktail is simple. You go to the fridge, and grab the coldest, nearly iced up bottle of Grolsch you can find. It has to be a swing-top bracket-bottle for that amazing "plop" sound when you open it. You then sit back, and enjoy.

In this release we've focused on extending the templating side of things, and we've worked a lot on quality of life improvements, solving minor bugs or weird quirks left and right.

Assign to...anything?!

We've added the capabilities to our templating engine to assign applications and policies to pretty much anything. You can enter the name of the group you'd like to assign something to and CIPP goes and find the group or groups, the great thing is that you can use wildcards too. Want to assign an app to both the Marketing group, and the Marketing Managers group? Just use Marketing* and it gets assigned to both!

GDAP Auto-extend

Microsoft has announced that GDAP can be automatically extended, as long as you do not use the Company Administrator(Global Admin) role. We've prepared this release to allow you to enable Auto-extend. If you hit the button today it won't do much as Microsoft is enabling this API in 3 days.

Large template support

Templates tend to get large, and CIPP sometimes stopped you from creating the template you always dreamed about because it got too big to store. We've changed how we store this and now you can create templates 1000x as big as before.

Feature request galore

We can't write about every single feature we've added, because that would swamp these release notes, but here's some other notable things we've added;

• Fixed a bug where CPV consent sometimes was too fast.
• Introduced the management of Out of Office(Thanks @jack)
• Changed how some standards apply, allowing to leave your customisations in place.
• massively improved the access check and permissions check (Thanks @JohnDuprey)
• Removed a bug that the logbook would not reload after changing dates
• Fixed a bug with audit log standards not applying
• Added a standard to disable SafeSenders to prevent spam/SPF bypass
• Added a standard to require MFA for Intune join.
• Fixed a bug where universal search didn't find the correct user
• Fixed a bug with the global Admins not going to the right page
• Improved bug where actions button would not appear for GDAP relationships
• And so many more.

Fully automated updates

Don't want to manually update your CIPP anymore? We've setup Pull. Pull is a Github application that automatically updates your fork when required. Go to https://github.com/apps/pull to install the tool, select the repositories and you're done! automatic updates forever.

Sponsors

We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/ https://www.meetgradient.com, https://rewst.io/. and the MSP Net Friends(netfriends.com)

What's Changed

• Advanced Out of Office Editor by @Jr7468 in #1804
• Fixed spacing by @Jr7468 in #1811
• Used regex to eliminate HTML elements in output by @Jr7468 in #1813
• Permission Checks by @JohnDuprey in #1815
• Add an Edit Mailbox Permissions button when viewing a user by @kris6673 in #1821
• Transport rules page fix by @BNWEIN in #1820
• Tenant Access Check by @JohnDuprey in #1824
• CippTable / Access Check Tweaks by @JohnDuprey in #1830
• Fix various small inconsistencies by @kris6673 in #1829
• Make Universal search remember the user you clicked on by @kris6673 in #1831
• Update ListAppliedStandards.js by @BNWEIN in #1832
• Dev to release by @KelvinTegelaar in #1834

New Contributors

• @kris6673 made their first contribution in #1821

Full Changelog: v4.4.0...v4.5.0

v4.4.0 - My Way

Welcome to the next release of CIPP - 4.4.0 "My Way" - In this release we focused on something everyone can agree with. I want it my way ;)

So I chose that this release was going to have you in the limelight. We tackled almost all feature requests, revamped our settings and allow offboarding defaults, but also looked at some of your most asked for features outside of feature requests and added them.

This release will allow you to save settings for you, and all of yours users from one single location. We also added the ability to add any custom attribute when creating a user, oh and we are giving you the ability to add *any app to any tenant with any permission. Need to add one our of sponsors apps such as HaloPSA or Immybot to every single tenant? Use our automated wizard for that.

We also worked on Quality improvements; we revamped the interface a little to make stuff like the logbook easier to find under the settings header. We also improved the CPV approval process for CIPP making it much faster.

So sit down, put on some smooth jazz and have it my way

App Approvals

Under our Tenant Administration -> Tools menu you'll now find the Application Approval wizard which has the ability to add any application you make to all of your tenants. It doesn't matter whether they need Delegate or Application permissions. You can just select them all and add the app. Need to see it? Check the video below.

CIPP_Apps.mp4

User Attributes

Some of you asked how to add things like "OfficeLocation" or "Department" when adding new users. Instead of adding an infinite list of fields we decided to empower you; You can now add any field you'd like to any new user. Wanna see it to believe it? Check out the other video here:

Recording.2023-10-13.130832.mp4

User Settings

You can now save all your user settings in the API, allowing you to easily move across devices without worrying if you are getting the experience you want. We've also added a button to allow you to save the settings for all users at the same time. This means you can make sure everybody is using the same defaults.

Feature request galore

We can't write about every single feature we've added, because that would swamp these release notes, but here's some other notable things we've added;

• We've added an option to allow you to select a ticket type for the HaloPSA integration
• We've fixed a delivery bug on webhooks to HaloPSA
• We added the ability to add a TenantId to your alerts (thanks @Yoshify!)
• We've added a notification if a new tenant becomes available inside of CIPP
• You can now add guests to groups
• We've added the ability to add parameter sets to the scheduler, making it easier to schedule jobs with optional params.
• We've added a warning when adding company administrator to the GDAP groups.
• We've fixed a bug that would prevent the Tenant Selector from loading when switching pages quickly.
• Table exports now comply with your current filter - only exporting filtered data when one is applied.
• And so many more.

Fully automated updates

Don't want to manually update your CIPP anymore? We've setup Pull. Pull is a Github application that automatically updates your fork when required. Go to https://github.com/apps/pull to install the tool, select the repositories and you're done! automatic updates forever.

Sponsors

We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/ https://www.meetgradient.com, https://rewst.io/. and the MSP Net Friends(netfriends.com)

What's Changed

• Wording by @rvdwegen in #1766
• CippTable tweaks and bug fixes by @JohnDuprey in #1767
• Dev to hotfix by @KelvinTegelaar in #1769
• Shipped groupName by @Jr7468 in #1771
• Add compliance portal by @rvdwegen in #1775
• Changed MFA Reregister - User Offcanvas by @Jr7468 in #1783
• CippTable Updates by @JohnDuprey in #1776
• Tenant ID in Alerts by @Yoshify in #1794
• CippDatatable.js by @JohnDuprey in #1796
• Azure AD to Entra ID name change in Standards by @rvdwegen in #1797
• GDAP Wizards and Scheduler by @JohnDuprey in #1798
• RFF ArrayFields by @JohnDuprey in #1801
• Dev to release by @KelvinTegelaar in #1802

New Contributors

• @Jr7468 made their first contribution in #1771
• @Yoshify made their first contribution in #1794

Full Changelog: v4.3.0...v4.4.0

v4.3.0 - It's About Thyme

A couple of days later than usual, but we are proud to introduce to you the next version of CIPP. v4.3.0 - It's about Thyme. This release introduces not one, but two of the most requested features, a new scheduling engine, and better filters for our tables.

Now that's not all of course, because what use is releasing a new version if you don't pack it to the brim with new features? We've done some interface work on the Exchange Management pages for mailboxes, and we've made some improvements to our dashboard where you can now directly click on cards to find the data that powers them.

We've also added a question mark icon on each page, that brings you to that relevant documentation page, so you don't have to look around for the docs when you need them.

So get ready for the It's about Thyme release to knock your socks off. It's a doozy!

Scheduler engine

Under the CIPP menu you'll now find our very own scheduler. This gives you access to CIPPs backend commands to run on a schedule. You'll be able to ship those results to your PSA, email, or a webhook so you can use the data in your own system.

The scheduler has recurrence, the ability to list the results of jobs, and can be scheduled for AllTenants or just some tenants. Of course I know you're wondering how that looks, so check out the screenshot down here.

The scheduler engine code has been made by @ashley-mspgeek. Super thankful for that contribution Ashley!

Better filters for all tables

Previously our tables had one simple filter; you typed text and poof, the data you wanted appeared, but we've had some questions by Power Users that wanted to have more fun with the data. We've added two types of text filters; Complex filters that allow you to query any data, and Graph filters that allow you to ask specifically which data gets returned from the API. Of course, as always we have the documentation for this ready. Go here and filter till your hearts content.

The Graph Filter code was made by @JohnDuprey, great work John!

Feature request galore

We can't write about every single feature we've added, because that would swamp these release notes, but here's some other notable things we've added;

• We've added a dropdown to the Standards on the dashboard with a "see more" button, to keep that screen condensed.
• We've fixed an issue where MS made some fields mandatory for application deployment
• We revisted the Exchange management screen and made it prettier
• We've improved our Halo Mapping and are working on adding more functionality to the Halo Sync.
• We've fixed an issue where the standard to apply the Microsoft Audit log did not apply for older tenants(Thanks for the help Microsoft!)
• We've solved an interface bug there the profile would overlay incorrectly.
• And so many more.

Fully automated updates

Don't want to manually update your CIPP anymore? We've setup Pull. Pull is a Github application that automatically updates your fork when required. Go to https://github.com/apps/pull to install the tool, select the repositories and you're done! automatic updates forever.

Sponsors

We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/ https://www.meetgradient.com, https://rewst.io/. and the MSP Net Friends(netfriends.com)

What's Changed

• Dev to hotfix by @KelvinTegelaar in #1733
• Refactor to support new extensions in the future by @lwhitelock in #1735
• Fixed a missed function rename for Halo by @lwhitelock in #1741
• Added Username to top of the BEC page by @BNWEIN in #1751
• Fixed action menu API calls by @rvdwegen in #1755
• Webhook Alerts by @JohnDuprey in #1758
• Make user count cards on dashboard interactable by @rvdwegen in #1740
• Scheduler: Update text and filters by @JohnDuprey in #1760
• CippTable - Graph filter rewrite by @JohnDuprey in #1761
• Dev to release by @KelvinTegelaar in #1765

Full Changelog: v4.2.0...v4.3.0

v4.2.0 - The California Painkiller

Friday release day! Today we're releasing CIPP version 4.2.0 and we've worked hard on bringing you new features and squashing bugs. One of the cool new features in my opinion can be found in the user menu to add shortcuts to OneDrive programmatically. We also built a new report creator for BPA reports, We've also tried to implement quality of life improvements for those little things that could bother you during your day to day, and of course we've tackled about 10 feature requests and reported issues.

Grab your cocktail, sit down, and strap in. We're going for a ride.

BPA Report building

Our trusty @JohnDuprey took a moment(or more, a couple of moments) to create our new BPA report builder that you can find under the tools menu. This report builder allows you to easily compile a report instead of having to work with JSON data. You just click on the fields you want, copy it to your Github and you're off to the races.

Template editing

We've implemented Monaco, which is a Visual Studio code plugin into CIPP. Monaco allows you to edit all templates inside of CIPP. Made a mistake copy and pasting? want to change a template 'true' to 'false'? Change a group name? all possible using the Template editor and viewer. This also allows you to add IPs to Conditional Access, or create an entirely new template by simply changing the IDs.

OneDrive Shortcuts

In the user menu you'll find a new method to add a shortcut to a user's OneDrive. This is the same method as a user pressing "Add Shortcut to OneDrive" from the menu in SharePoint. you can use this to move your users over from the classic syncing, to using shortcuts. Shortcuts use the new OneDrive syncing engine so aren't troubled by file limits and sync issues as much as classically added sites.

To use the new feature, you do need to add a permission and run the CPV Refresh. Make sure you do that beforehand!

Other new features and bug fixes

We can't write about every single feature we've added, because that would swamp these release notes, but here's some other notable things we've added;

• We've added multi-select to the Offboarding wizard. Allowing you to easily give access to multiple mailbox/onedrives/etc in one go.
• The Dashboard now shows you're on All Tenants and does not try to retrieve data
• We fixed an issue with deploying group templates
• We've added the ability to make dropdowns for bulk actions
• We've fixed an issue with deploying CA without any locations.
• We've fixed an issue with the tenant search not always finding results when you don't use an exact match.
• We've fixed an issue with spacing on some pages
• We've added tooltips in a bunch of locations, making texts a little clearer
• We've resolved an issue with OutBoundSpamAlerts not always clearing.
• And so many more.

Fully automated updates

Don't want to manually update your CIPP anymore? We've setup Pull. Pull is a Github application that automatically updates your fork when required. Go to https://github.com/apps/pull to install the tool, select the repositories and you're done! automatic updates forever.

Sponsors

We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/ https://www.meetgradient.com, https://rewst.io/. and the MSP Net Friends(netfriends.com)

What's Changed

• Frontend tweaks by @JohnDuprey in #1721
• BPA Field Builder by @JohnDuprey in #1723
• Switch to BPA Report schema for builder by @JohnDuprey in #1725
• BPA Report Builder - Load/Publish by @JohnDuprey in #1727
• Add stretched-link to collapses by @JohnDuprey in #1728
• Dev to release by @KelvinTegelaar in #1732

Full Changelog: v4.1.0...v4.2.0

v4.1.0

We interrupt our regular release schedule to bring you a regular release!

I'm trying to get my calendar synced up again to allow for our normal release schedule every Friday, so this is the last release you can expect on a non-Friday for a good long time ago. Our next releases will be following our cadence of every Friday, every two weeks again.

Now, onto the actual details of this release, because this release is especially cool for those that were deployment shy, or worried about the setup of CIPP.

New way of handling token authentication

This release removes the entire need for clearing your token cache, an issue that most people struggled with as it required you to go into the Azure backend to restart applications, change variables, and change them back. It was a little bit annoying to us too; Azure Function Apps has a caching mechanism for tokens that lasts 24 hours or until a configuration change. We've decided to no longer rely on the Azure Function app to give us our tokens, but to retrieve them ourselves. Now that's some technical babble but for you it means a couple of things;

• You never need to clear your token cache again
• Your token is instantly updated the moment you run the SAM wizard.
• You can easily test and change accounts or entire tenants without needing to change the configuration too much.

Conditional Access Templates updates

Conditional Access Templates have gotten an overhaul; we now include named locations inside of the templates. If you created templates before you'll have to re-template them to include the named location information. If you deploy a Conditional Access Template that has a named locations, the named location will automatically be added to the Tenant. If a named location with the same name already exists, it'll use the existing one!

This improvement is going to be implemented in a lot more locations - Group templates, Users, and other unique identifiers will start being translated to their named equivalents, so that'll allow you to easily deploy any type of template to any template and retain the relationships!

Special thanks to Ashley Cooper for the feedback on this.

Other new features and bug fixes

We can't write about every single feature we've added, because that would swamp these release notes, but here's some other notable things we've added;

• The All Tenant Reports should now run a little smoother and faster thanks to @JohnDuprey.
• The All Tenants license report now reports failures directly inside of the table, so it's easier to filter out failed requests.
• We've fixed a bug with the automatic mapping for tenants when inviting them using the GDAP wizard.
• We've added a standard to disable Basic SMTP Authentication
• We resolved an issue that occurred when loading results from multi-selected objects.
• We've improved webhook performance by adding prefiltering.

Fully automated updates

Don't want to manually update your CIPP anymore? We've setup Pull. Pull is a Github application that automatically updates your fork when required. Go to https://github.com/apps/pull to install the tool, select the repositories and you're done! automatic updates forever.

Sponsors

We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/ https://www.meetgradient.com, https://rewst.io/. and the MSP Net Friends(netfriends.com)

What's Changed

• BPA - Single Tenant/Table Refresh by @JohnDuprey in #1694
• Dev to release by @KelvinTegelaar in #1697
• Footer spacing fix by @rvdwegen in #1699
• Remove repoUrl variable from deployment templates by @rvdwegen in #1702
• Autopilot import by @JohnDuprey in #1704
• Dev to release by @KelvinTegelaar in #1711

Full Changelog: v4.0.0...v4.1.0

v4.0.0 - The Vesper Martini

It has been a while since I wrote these release notes, almost 3.5 weeks! I am use to writing them each week but for this release we took some extra time, put all of our love into it and created the masterpiece of CIPP v4.0.0 - The Vesper Martini.

We're calling this the Vesper Martini because this release might just make you feel a little bit like James Bond, it brings clarity, spycraft, and gadgets together and wraps it up in one cool package.

This version contains so many cool new features that it's hard for me to pick out specific ones to talk about. First we've consulted closely with Microsoft and they have confirmed that they are allowing all tenants, no matter the license level access to the Management API for Audit logs. This is huge news for CIPP as the only reason we held off on this is because we didn't want to impede on MS's license terms.

So, let's get started on the new features shall we?

Audit Log API and Webhook Alerts

This release has the ability to ingest webhook alerts from the audit log API, we receive the audit logs, store the IPs in a special database, and compare the IPs against our central Geo-IP database.

This means you can alert on new Mailbox rules, New Admins that are added to tenants, logons from non-allowed locations, all without the requirement of a P1/P2 subscription. When these events happen, you either receive a PSA ticket, or a email/webhook if configured that looks something like the one below;

You'll be able to immediately jump to the right page using the button and take action if required. These alerts are sent as soon as they come in from Microsoft so you'll be able to react so much faster than ever before.

Required Actions

As always, perform a permission check after release. You'll have to add some permissions to your CIPP environment to make this all work.

Best Practice Analyser - Custom Reports

The entire Best Practice Analyser has gotten an overhaul, not only is reporting more accurate now, but we're also giving you the ability to create your own reports.

You read that right. You can now use our JSON templating engine to write your own reports. Take a look at the existing templates to start creating your own, or saunter over to our docs at docs.cipp.app to get some more help on customizing these reports.

Because we give you the ability to call any Graph or Exchange API, this also means it become simple to add reports for specific compliance standards, CIS, ISO, Cyber Essentials+, all of these can be added easily and reported on.

But that's not all we've done to BPA, because we also heard your ask about overview reports for a single tenant. That's been added too where you can even add description fields and expected results to overviews:

Other new features

We can't write about every single feature we've added, because that would swamp these release notes, but here's some other notable things we've added;

• There is now a Geo-ip lookup tool under Tools
• The Tenant Access Checker now checks the GDAP permissions and roles if you are in the required groups.
• We've added the ability to remove GDAP roles (Thanks @JohnDuprey)
• The alerts can now be filtered by severity, no more receiving Info level alerts
• The Tenant Lookup tool under tools now supports the ID too, instead of just domain names.
• We've added the Azure Cloud Shell under the backend options, so you can easily jump to that environment with some templated information
• We've added a new standard for disabling OneDrive shortcuts(Thanks @redanthrax!)
• We've added a new standard for oauth phising while leaving low-level permissions allowed.
• We've added the ability to deploy templates in a specific state for Conditional Access, not having to rely on the state inside of the template.
• And so so much more, many bug fixes, many QoL improvements.

Fully automated updates

Don't want to manually update your CIPP anymore? We've setup Pull. Pull is a Github application that automatically updates your fork when required. Go to https://github.com/apps/pull to install the tool, select the repositories and you're done! automatic updates forever.

Sponsors

We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/, Gradient at https://www.meetgradient.com/ and Rewst at https://rewst.io/.

We also welcome a new sponsor today! The MSP NetFriends(netfriends.com) is now a logo sponsor! this is the first MSP to achieve this level of sponsorship and we are super thankful that they have decided to sponsor us at this level.

What's Changed

• Correct client Azure portal link by @PeakeIT in #1647
• fix launch settings for https node 18 enforcement by @redanthrax in #1645
• standards tooltip added onedrive shortcut standard by @redanthrax in #1649
• Update ListLicences.js by @DChorn-ANS in #1659
• Update MEMListPolicyTemplates.js by @DChorn-ANS in #1657
• Dev by @BNWEIN in #1656
• removed ssl, fixed ws hotreload, azurite location by @redanthrax in #1664
• added chrome debug launch, task casing/formatting by @redanthrax in #1668
• Azure Cloud Shell by @JohnDuprey in #1671
• Fix input validation to support both domain and GUID by @rvdwegen in #1670
• CellBooleanformatter fix by @DChorn-ANS in #1675
• Added Functionality to CIPP Notifications so you can filter by severity by @BNWEIN in #1665
• M365 Portal Change by @JohnDuprey in #1679
• Add Delete GDAP Role Mapping by @JohnDuprey in #1677
• Update M365Licenses.json by @STG-Tanner in #1678
• BPA - Set report template in state for tenant change by @JohnDuprey in #1690
• Dev to release by @KelvinTegelaar in #1692

New Contributors

• @PeakeIT made their first contribution in #1647
• @STG-Tanner made their first contribution in #1678

Full Changelog: v3.8.0...v4.0.0

v3.8.0 - The Elephant in the Room

Today I am excited to announce version v3.8.0 - The Elephant in the Room. This version is packed with new features and bug fixes - We've cleared almost all of our feature requests lists and would like to thank our sponsors for some wonderful ideas!

This release has backend changes that allow us to gain easier flexibility in some of the ways we execute actions, but you're not looking for the backend fixes are you? You want to know what we've done to improve this release.

In the last two weeks we've focused on bringing you what you want. We've added 15 feature requests. Next to our GDAP migration wizard we now have the GDAP setup wizard too. No need to mess around adding the roles and waiting in the portal. You generate the request and after accepting, the rest just happens on it's own.

We've added the ability to copy all groups a user is in, that includes Teams, but also distribution groups, allowing you to easily copy a templated user to another. We've also solved a bunch of QoL things such as jumping to the offboarding wizard directly from a user, fixing the tenant selector, resolving an issue with our invite script.

But all of that pales in the awesome new features we're bringing you this time around. Let's talk about those new features.

API Access

Yup! you're reading that right. From now on you'll be able to use the CIPP-API directly in your own scripts. Now this is still in preview, but you can activate the API and have fun. Our API documentation can be found here: https://docs.cipp.app/api-documentation/setup-and-authentication

NCE Reporting and alerting

We've been in direct contact with MS to get some new APIs, and boy have they delivered. There are still some minor bugs in the API but most of them are in a state where we can use them! We've added a new alert that can send you an email when your licenses are reaching the end of their term, but that's not all. We've also upgraded our License reporting to show you what the estimated term is for a license, when it was created, when it will expire, and so much more information!

Fully automated updates

Don't want to manually update your CIPP anymore? We've setup Pull. Pull is a Github application that automatically updates your fork when required. Go to https://github.com/apps/pull to install the tool, select the repositories and you're done! automatic updates forever.

Sponsors

We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/, Gradient at https://www.meetgradient.com/ and Rewst at https://rewst.io/.

Cocktail recipe

3/4 oz Scotch (Cutty Sark Prohibition)
3/4 oz Smith & Cross Rum
3/4 oz Aperol
1/2 oz Cynar
1/4 oz Maraschino (Luxardo)

Stir with ice, strain into a double old fashioned glass with a large ice cube, and garnish with an orange twist.

What's Changed

• version update by @KelvinTegelaar in #1590
• Fixed issue with archive values by @BNWEIN in #1623
• Pull - Automatic updates by @JohnDuprey in #1627
• Adding CellTip to CoverbyCA and Licensed Users Filter by @DChorn-ANS in #1631
• GDAP Invites by @JohnDuprey in #1636
• Initial portal centralization by @rvdwegen in #1635
• Connector and Transport Fixes by @DChorn-ANS in #1638
• New standard and padding adjustments by @DChorn-ANS in #1639
• Dev to release by @KelvinTegelaar in #1640
• Tenant Selector bug fix
• Hide from GAL bugfix
• Bulk operations bug fix
• Standards bug fixes

New Contributors

@ashley-mspgeek has added a scheduling engine we'll be using the future. Give a hand to our new contributors.

Full Changelog: v3.7.0...v3.8.0

v3.7.0

Today I am excited to announce version v3.7.0 of CIPP! It's been a bit longer than expected to generate this release due to some unforeseen business, but we're back on track. This release also contains some solutions for that.

This release has mostly backend fixes, including dashboard alerts. From now on your CIPP will show a clear alert if there is a misconfiguration active. This will also include a link to try and resolve this, such as alerts for Run From Package mode. This release also contains a fix for licenses not showing up in reports, and fixes an issue with the MFA reports not working for older DAP clients.

At the heart of this release is the simplification and organization of our system. We've turned complex scripts into separate functions, akin to organizing a jumbled toolbox into neat sections, each containing a tool for a specific task like license removal or shared mailbox creation. This sets a strong groundwork for future updates, one of the most thrilling of which is the introduction of scheduling capabilities, giving you the ability to automate tasks.

This fix should potentially also clear up some issues with our offboarding wizard so test that out and report back!

We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/, Gradient at https://www.meetgradient.com/ and Rewst at https://rewst.io.

We hope you enjoy this latest release!

What's Changed

• Replaced Endpoint portal link with Intune by @rvdwegen in #1570
• User license fix by @JohnDuprey in #1571
• Footer spacing fix by @rvdwegen in #1572
• Added List Devices link to dashboard by @rvdwegen in #1574
• Add Sharepoint Quota to dashboard by @rvdwegen in #1580
• Updated Intune Wipe Actions by @gigacodedev in #1584
• Update BestPracticeAnalyser.js by @BNWEIN in #1583
• GDAP Relationship tweak by @JohnDuprey in #1585
• Dev to release by @KelvinTegelaar in #1587
• Dev by @KelvinTegelaar in #1588

New Contributors

• @gigacodedev made their first contribution in #1584. We'd like to give special thanks to Giga and are glad he is contributing to our project!

Full Changelog: v3.6.0...v3.7.0

v3.6.0 - The Spoony

Hey there, CIPP'ers! Our CIPP crew has been shaking and stirring things up behind the scenes, and it's time to unveil our latest concoction: "The Spoony". This release is brimming with zesty new features, refreshing bug fixes, and a splash of fun to keep things lively.

Let's kick off with some major announcements. We're rolling out the red carpet to welcome our newest sponsors: Rewst and Gradient. Rewst is sponsoring at the logo level so be prepared to see them inside of the app you use ever day! Gradient has chosen to sponsor at the extension level, which allows us to create an extension specifically for each vendor.

With Gradient, we're integrating with their Synthesize Billing Reconciliation and Alerting product, which means alerts generated by CIPP and all license information from all your tenants are pushed to their platform automatically. To get set up, have a look at the setup manual: Setup

Our HaloPSA integration lets you map your clients to M365 accounts within CIPP, and have alerts delivered directly to HaloPSA for everything that CIPP can alert on. This ensures tickets are always created under the right client. Watch this space for more HaloPSA functionality coming to CIPP, as we're rapidly expanding this.

And we're just getting started. This release also comes with some serious upgrades to our Standards engine. We've added the ability to deploy templates as part of a standard, ensuring your tenants stay updated with the information in the template every 3 hours. From keeping Conditional Access policies in check to managing Intune Policies, Exchange Connectors, or Transport rules - we've got you covered.

Performance upgrades? We've got those too. Take a look at the Users page, which now loads faster than ever, or our new alert for when Microsoft starts enforcing Security Defaults for your tenant. There's so much content in this release it's getting hard to track!

We would like to express our appreciation to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/, Rewst at https://rewst.io and Gradient at https://www.meetgradient.com/

Enjoy the latest release!

About Extensions

Extensions are our specialty, we want CIPP to be usable with as many products as there are in the market, but we don't accept PRs for extensions and they're only added by the CIPP team. This makes sure we can keep them secure, always maintain them.

Vendors who want to have an extension in CIPP need to become sponsors. This extension level sponsorship allows us to keep serving up CIPP for free. More sponsors mean more innovative features, more products we integrate with, and less cost for you as an end-user.

So, if you want to see more Extensions for your PSA or RMM, or any other product, reach out to your PSA or RMM vendor account managers, tell them about CIPP and forward them these release notes. There's specialized start-up vendor sponsorships and if any vendor wants to talk about integrating into CIPP, we're always open to that. Vendors can find out more about joining the mix by visiting https://cipp.app/pricing/

Other News

Next to all the great CIPP news I also want to take the time to introduce to you a new open source resource created by Ashley Cooper and myself. The MSP KB: https://docs.themspkb.com/

The MSP KB is an Open Source Educational website for anyone entering the MSP market, or who needs to know more about how we work as MSPs. The greatest thing about it is that it's entirely free, and 100% collaborative. Feel free to edit, add, or suggest changes!

Thanks for joining us for this round of "The Spoony" Release. We hope you enjoy these updates as much as we've enjoyed mixing them up for you. Cheers to using CIPP!

What's Changed

• The Users page now loads faster, thanks to some serious performance upgrades.
• You can now deploy Transport Rule Templates, Intune Templates, and Conditional Access Templates as standards, keeping your entire environment in check and allowing single click deploys for any new tenant.
• New extensions: Gradient and HaloPSA.
• We've added caching for pages that might take long to load to prevent function timeouts.
• New Intune standard: Device Retirement policy.
• Authenticator Lite disablement standard.
• List enterprise applications.
• Dashboard now includes partner relationships.
• We've fixed an issue where exports didn't support nested objects.
• Webhooks Alerts now sent when email is not configured or encounters an issue.
• Alert for Security Defaults implementation force by Microsoft.

Full Changelog: v3.5.0...v3.6.0

v3.5.0

Version 3.5.0 - The Temptation

We are thrilled to introduce version 3.5.0, a feature-rich update loaded with numerous convenience features and significant changes.

With this release, we've overhauled the dashboard for a more accessible overview of your tenants, their applied standards, and direct access to their respective portals.

Moreover, we've incorporated templating for Endpoint Security policies alongside existing supported policies, streamlining the setup process for Bitlocker, Antivirus Policies, and other policy types.

We've added Microsoft LAPS support, complete with a new standard for deploying it to your tenants, an Intune Template Library example template, and the ability to retrieve LAPS passwords via the devices overview.

Additionally, we've included standards for setting Default Calendar permissions for all company employees and limiting the maximum number of devices that can join via Intune. Explore the detailed release notes for more information on all new features.

Our Tenant Tools have been enhanced and the menu restructured, featuring a Tenant Lookup that allows domain name searches to reveal tenant information, including registered domains—particularly useful during discovery or migrations.

We've also added a GDAP overview where you can see and terminate GDAP relationships easily, and finally some tables have received Graph Filters, allowing you to filter API sided instead of just locally.

We would like to express our appreciation to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, and Datto at https://datto.com/. Enjoy the latest release!

The cocktail

From now on, we're including the cocktail recipes because of popular demand. Want to make it a mocktail instead? Replace the alcohol with soda water or juices to mix it up even more!

Recipe:

2 oz gin
1 oz elderflower liqueur
1/2 oz lime juice, freshly squeezed
1/2 oz simple syrup
3-4 fresh basil leaves
Club soda
Ice
Lime wheel and basil sprig for garnish

Instructions:

In a cocktail shaker, combine the gin, elderflower liqueur, lime juice, simple syrup, and basil leaves.
Muddle the basil leaves gently to release their flavor.
Fill the shaker with ice and shake well until chilled.
Strain the mixture into a glass filled with fresh ice.
Top with club soda to taste.
Gently stir the cocktail to combine.
Garnish with a lime wheel and a sprig of basil.
Enjoy responsibly as you explore the new features in version 3.5.0!

What's Changed

• Changed wording by @BNWEIN in #1499
• Updated "tokens" references to token by @rvdwegen in #1503
• Replaced AAD portal with Entra by @rvdwegen in #1504
• Update portal links to Entra and Intune links by @rvdwegen in #1505
• Graph Filter support by @JohnDuprey in #1506
• Tenant overview tweaks by @JohnDuprey in #1516
• Added LAPS support
• Added Intune Endpoint Security Policy support
• Added All Tenants support to several pages
• Added Tenant Lookup tool
• Revamped Dashboard
• Added Alerts are actual alerts on all pages instead of just dashboard
• Added "Restrict guest user access to directory objects" standard
• Added "Enable LAPS on tenant" standard
• Added "Maximum number of joinable device per user" standard
• Added "Set outbound spam alert" standard
• Added "Set Default Sharing Level for calendar" standard
• Added new backend method of retrieving AllTenants and generic get requests
• Added Ability to remove GDAP relationships
• Fixed bug where tenant cache was not used by @JohnDuprey.
• Fixed issue with false positives on SSPR due to null values
• Fixed issue where data did not show up due to capitalization issues.
• Added Graph Filters to several tables
• Many small interface bug tweaks and fixes
• Tenant selector tweaks by @JohnDuprey in #1518
• GDAP Relationships overview by @JohnDuprey in #1519

Full Changelog: v3.4.0...v3.5.0

New Feature Screenshots

Dashboard

Tenant Lookup

LAPS

GDAP Relationships