App report improvement #2
Draft
+1,120
−100
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…ailed metrics * Improved function documentation for clarity. * Expanded the information retrieved about Azure AD applications, including: - Sign-in activity and permissions. - Enhanced logic for determining application source. * Added detailed credential information handling in the output. * Improved error handling and verbose logging for better debugging.
* Enhanced handling of `CustomKeyIdentifier` to support Base64 encoded strings. * Added error handling for decoding failures, providing warnings for problematic entries. * Improved display name extraction with various encoding checks for better reliability.
…ners, delegated permissions, Graph SP info, sign-in activity, sign-in logs, and tenant ID * Implemented `Get-GraphEssentialsAppOwners` to fetch owners for a given application. * Added `Get-GraphEssentialsDelegatedPermissions` to retrieve OAuth2 delegated permissions for a service principal. * Created `Get-GraphEssentialsGraphSpInfo` to obtain information about the Microsoft Graph service principal. * Developed `Get-GraphEssentialsSignInActivityReport` to fetch sign-in activity for service principals. * Introduced `Get-GraphEssentialsSignInLogsReport` to analyze sign-in logs over a specified period. * Added `Get-GraphEssentialsTenantId` to retrieve the tenant ID from the current context.
…cations - Updated `.SYNOPSIS` and `.DESCRIPTION` to include permissions and activity details. - Added detailed statistics and charts for application overview. - Improved handling of application data retrieval and warnings for missing data. - Enhanced formatting for HTML output, including new metrics for first-party and third-party applications.
* Updated the chart rendering logic to include the `-Invisible` parameter for better control over visibility. * This change enhances the report's presentation by allowing for more flexible chart configurations.
…tails and service principal roles * Introduced `Convert-GraphEssentialsAppToReportObject` for detailed application reporting. * Added `Get-GraphEssentialsApplications` to fetch applications with optional filtering. * Implemented `Get-GraphEssentialsSpDetailsAndAppRoles` to gather service principal details and app role assignments. * Enhanced `Get-MyApp` to utilize new functions for improved data retrieval and processing.
… process Service Principal details * Updated parameters to accept `ServicePrincipal` and `ApplicationDetails`. * Improved logic for fetching application permissions and sign-in information. * Refactored output to include detailed information from Service Principals and associated applications. * Removed deprecated function `Get-GraphEssentialsApplications`. * Updated documentation to reflect changes in functionality and parameters.
…eval for Service Principals * Combined Service Principal and Application owners for better reporting. * Updated `Get-GraphEssentialsAppOwners` to fetch owners using `Get-MgServicePrincipalOwner`. * Improved error handling and logging for owner retrieval processes. * Added `ServicePrincipalType` to the output for more context.
…e Principals - Introduced `.PARAMETER ApplicationType` to allow filtering of Service Principals based on their type. - Valid values include 'All', 'AppRegistrations', 'EnterpriseApps', 'MicrosoftApps', and 'ManagedIdentities'. - Enhanced functionality to process and filter Service Principals accordingly.
…cations * Introduced a new parameter `ApplicationType` to specify the type of applications included in the report. * Updated the function to utilize this parameter when retrieving application data.
…eval and error handling * Improved the logic for combining Service Principal and Application owners. * Added detailed error messages when fetching application owners fails. * Utilized a generic list for better performance and management of owner objects. * Ensured unique owner entries by checking for duplicates.
…or handling * Refactored owner retrieval logic to return a richer object for debugging. * Improved error handling for cases when the Service Principal Object ID is not provided. * Updated variable names for clarity and consistency.
… single and multiple SP owners * Enhanced logic to correctly add Service Principal owners to the owner list. * Ensured compatibility with both single object and array types for `$spOwnersRaw`.
…for Graph API responses - Introduced `Get-GraphEssentialsErrorDetails` function to extract structured error information from Microsoft Graph API error responses. - Handles various error formats and provides standardized output including error codes and messages. - Improved error handling in `Get-GraphEssentialsSignInLogsReport` by utilizing the new error details function. - Added checks to skip Service Principals without an `AppId` in `Get-MyApp` to prevent processing errors.
* Refactor commented `Invoke-MyGraphEssentials` calls for better readability. * Remove redundant lines and ensure consistent formatting.
* Uncommented `Get-MyDevice` to allow device information retrieval. * Ensured all `Invoke-MyGraphEssentials` calls are active for comprehensive data collection.
…ation credentials * Implements a new script to check for applications with expiring credentials. * Sends an email notification with details about the application and its credentials. * Enhances the information provided in the email, including owner details and credential status.
…ft Graph * Consolidate connection parameters into a single hashtable for clarity. * Maintain existing functionality while improving code organization.
* Introduced a new script to facilitate the registration of FIDO2 keys with Microsoft Graph. * The script imports the necessary module and establishes a connection with the required scopes. * It creates a new FIDO2 key using specified UPN and display name.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.