search

microsoft / Microsoft365DSC

Manages, configures, extracts and monitors Microsoft 365 tenant configurations
https://aka.ms/M365DSC
MIT License
1.59k stars 500 forks source link

New resource for Entra ID password protection settings #4795

Closed YenNantes closed 1 month ago

YenNantes commented 4 months ago

Description of the issue

Hi, Would it be possible to build a new M365 DSC resource for Entra IP password protection settings. The API to use is that one: https://learn.microsoft.com/en-us/graph/api/resources/directorysetting?view=graph-rest-beta

there are different type of directory settings objects (e.g. Group.unified, Consent policy settings, Password rule settings) The right object is the one with templateId -eq "5cf42378-d67d-4f36-ba46-e8b86229381d" (Password rules Settings)

Thanks

Microsoft 365 DSC Version

N/A

Which workloads are affected

Azure Active Directory (Entra ID)

The DSC configuration

No response

Verbose logs showing the problem

PS C:\script\AzureADConfig> Get-MgBetaDirectorySetting |where {$_.templateId -eq "5cf42378-d67d-4f36-ba46-e8b86229381d"} |convertto-json -Depth 50 { "DisplayName": "Password Rule Settings", "Id": "e996da90-cd7e-4069-bfef-8eeea1054c87", "TemplateId": "5cf42378-d67d-4f36-ba46-e8b86229381d", "Values": [ { "Name": "BannedPasswordCheckOnPremisesMode", "Value": "Audit" }, { "Name": "EnableBannedPasswordCheckOnPremises", "Value": "False" }, { "Name": "EnableBannedPasswordCheck", "Value": "True" }, { "Name": "LockoutDurationInSeconds", "Value": "60" }, { "Name": "LockoutThreshold", "Value": "10" }, { "Name": "BannedPasswordList", "Value": } ], "AdditionalProperties": {} }

Environment Information + PowerShell Version

No response

salbeck-sit commented 2 months ago

I've got code ready for a PR to implement the resource. Stay tuned.