search

soteria-security / 365Inspect

A PowerShell script that automates the security assessment of Microsoft 365 environments.
https://soteria.io/solutions/soteria-inspect/
MIT License
561 stars 105 forks source link

Bug running script on PowerShell 7.3.4 #52

Closed pcpolice closed 1 year ago

pcpolice commented 1 year ago

Hi All,

I came across this script and thought to try it out. Unfortunately, I am having trouble with running the script.

As per the instructions in the manual, I cloned the repo and executed the script with the parameters defined.

I thought this might have been the issue with the Windows 11 installation that I had so I created a new vm and installed a fresh copy of Windows 11.

Then, I downloaded and installed PowerShell 7.3.4 as a msi package from Microsoft.

Next, I opened a non-admin PowerShell window and executed the script with the parameters defined. .\365Inspect.ps1 -OrgName <OrgName> -OutPath <path> -UserPrincipalName <USERNAME> -Auth MFA

The script goes through and installs all the required modules.

I close the PowerShell window and open a new one. Run the script using the above with parameters filled in, then get the following error:

The script executes with the following:

MSOnline is installed.
AzureADPreview is installed.
ExchangeOnlineManagement is installed.
Microsoft.Online.SharePoint.PowerShell is installed.
Microsoft.Graph is installed.
Microsoft.Graph.Intune is installed.
PnP.PowerShell is installed.
MicrosoftTeams is installed.
Connecting to Azure Active Directory
Connecting to Azure Active Directory Failed. Exiting...

And then throws the below error:

Write-Error: C:\temp\365Inspect\365Inspect.ps1:198
Line |
 198 |          Connect-Services
     |          ~~~~~~~~~~~~~~~~
     | The term 'Connect-AzureAD' is not recognized as a name of a cmdlet, function, script file, or executable
     | program. Check the spelling of the name, or if a path was included, verify that the path is correct and try
     | again.

Not sure what I am doing wrong. Can anyone help please?

Edit: When I ran the script with -Auth ALREADY_AUTHED the script executed (because it wasn't trying to connect to AzureAD) however some other cmdlets did not load.

Edit 2: After running the script with MFA, I tried: Connect-AzureAd

Got an error:

connect-azuread: The term 'connect-azuread' is not recognized as a name of a cmdlet, function, script file, or executable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

So I tried to manually import this by running: Import-Module AzureAdPreview

This returned no errors so proceeded with Connect-AzureAd and then got the following:

Connect-AzureAD: One or more errors occurred. (Could not load type 'System.Security.Cryptography.SHA256Cng' from assembly 'System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.): Could not load type 'System.Security.Cryptography.SHA256Cng' from assembly 'System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.
Connect-AzureAD: One or more errors occurred. (Could not load type 'System.Security.Cryptography.SHA256Cng' from assembly 'System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.)
Connect-AzureAD: Could not load type 'System.Security.Cryptography.SHA256Cng' from assembly 'System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.
Connect-AzureAD: One or more errors occurred. (Could not load type 'System.Security.Cryptography.SHA256Cng' from assembly 'System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.): Could not load type 'System.Security.Cryptography.SHA256Cng' from assembly 'System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.

Anyone know anything about that?

Thanks.

ThoughtContagion commented 1 year ago

Hi @pcpolice, Currently, the script is not configured for PowerShell Core (6+) compatibility. This is certainly something that we can push to the tool. Could you try running the tool using the built-in Windows PowerShell and let us know if you still encounter these issues?

mrjlturner commented 1 year ago

Having similar issues when attempting to run on either Powershell 5.1 or 7. Below is the output of the script (with personal info changed or redacted):

PS C:\Users\username\Downloads\365Inspect-main> .\365Inspect.ps1 -OutPath ..\365_report -UserPrincipalName myemail@companyname.com -Auth MFA -ReportType html Verifying environment.

Environment is 7.3.4 [+] PowerShellGet is installed. Importing PowerShellGet Environment is 7.3.4 [+] ExchangeOnlineManagement is installed. Inporting ExchangeOnlineManagement Importing Microsoft.Graph Environment is 7.3.4 [+] Microsoft.Graph is installed. Inporting ExchangeOnlineManagement Importing Microsoft.Graph Environment is 7.3.4 [+] Microsoft.Online.SharePoint.PowerShell is installed. Importing Microsoft.Online.SharePoint.PowerShell Environment is 7.3.4 [+] MicrosoftTeams is installed. Importing MicrosoftTeams Connecting to Microsoft Graph Welcome To Microsoft Graph! Connected via Graph to CompanyName Connecting to Exchange Online Connecting to SharePoint Service Connecting to Microsoft Teams

RunspaceId : Account : myemail@companyname.com Environment : AzureCloud Tenant : TenantId :

Connecting to Security and Compliance Center WARNING: Your connection has been redirected to the following URI: "https://nam11b.ps.compliance.protection.outlook.com/Powershell-LiveId?BasicAuthToOAuthConversion=true;PSVersion=7.3.4" Using all inspectors. C:\Users\username\Downloads\365_report created successfully. Invoking Inspector: ADFS-Configuration

Attention! You are currently using an older version of the Exchange Online PowerShell module which uses RPS. RPS deprecation has been announced and you will need to move to the latest V3 module by June 2023. Read more here: https://aka.ms/RPSDeprecation Please install our new REST-based PS V3 module downloadable from https://www.powershellgallery.com/packages/ExchangeOnlineManagement/, which is more secure and reliable. Please note that you will no longer be able to use -UseRPSSession after June 2023.

============================================================

Invoking Inspector: AdminUsersWithNoMFAEnforced Invoking Inspector: AuditLogSearchEnabled

Attention! You are currently using an older version of the Exchange Online PowerShell module which uses RPS. RPS deprecation has been announced and you will need to move to the latest V3 module by June 2023. Read more here: https://aka.ms/RPSDeprecation Please install our new REST-based PS V3 module downloadable from https://www.powershellgallery.com/packages/ExchangeOnlineManagement/, which is more secure and reliable. Please note that you will no longer be able to use -UseRPSSession after June 2023.

============================================================

Invoking Inspector: AutoForwarding Invoking Inspector: BypassingSafeAttachments Invoking Inspector: BypassingSafeLinks Invoking Inspector: ConditionalAccess Invoking Inspector: CustomAntiMalwarePolicy Invoking Inspector: CustomAntiPhishingPolicy Invoking Inspector: DangerousDefaults Invoking Inspector: DKIMRecordsSelector1 Invoking Inspector: DKIMRecordsSelector2 Invoking Inspector: DMARCPolicyAction Invoking Inspector: DMARCRecords Invoking Inspector: ExchangeModernAuthentication Invoking Inspector: ExecutableAttachments Invoking Inspector: ExternalCalendarSharing Invoking Inspector: Get-AllowedSpoofingList Invoking Inspector: Get-AntiSpoofingPolicy Invoking Inspector: Get-BasicAuthConfig Invoking Inspector: Get-DirSyncSvcAcct Invoking Inspector: Get-TenantLicenseLevel Invoking Inspector: IframesAreSpam Invoking Inspector: Inspect-AADRoles Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-AADRoles.ps1:20 Line | 20 | … $roleMembers += Get-MgDirectoryObjectById -Ids $member.Id … | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-AADRoles.ps1:20 Line | 20 | … $roleMembers += Get-MgDirectoryObjectById -Ids $member.Id … | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-AADRoles.ps1:20 Line | 20 | … $roleMembers += Get-MgDirectoryObjectById -Ids $member.Id … | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-AADRoles.ps1:20 Line | 20 | … $roleMembers += Get-MgDirectoryObjectById -Ids $member.Id … | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-AADRoles.ps1:20 Line | 20 | … $roleMembers += Get-MgDirectoryObjectById -Ids $member.Id … | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-AADRoles.ps1:20 Line | 20 | … $roleMembers += Get-MgDirectoryObjectById -Ids $member.Id … | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-AADRoles.ps1:20 Line | 20 | … $roleMembers += Get-MgDirectoryObjectById -Ids $member.Id … | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-AADRoles.ps1:20 Line | 20 | … $roleMembers += Get-MgDirectoryObjectById -Ids $member.Id … | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-AADRoles.ps1:20 Line | 20 | … $roleMembers += Get-MgDirectoryObjectById -Ids $member.Id … | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-AADRoles.ps1:20 Line | 20 | … $roleMembers += Get-MgDirectoryObjectById -Ids $member.Id … | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-AADRoles.ps1:20 Line | 20 | … $roleMembers += Get-MgDirectoryObjectById -Ids $member.Id … | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-AADRoles.ps1:20 Line | 20 | … $roleMembers += Get-MgDirectoryObjectById -Ids $member.Id … | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-AADRoles.ps1:20 Line | 20 | … $roleMembers += Get-MgDirectoryObjectById -Ids $member.Id … | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-AADRoles.ps1:20 Line | 20 | … $roleMembers += Get-MgDirectoryObjectById -Ids $member.Id … | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-AADRoles.ps1:20 Line | 20 | … $roleMembers += Get-MgDirectoryObjectById -Ids $member.Id … | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-AADRoles.ps1:20 Line | 20 | … $roleMembers += Get-MgDirectoryObjectById -Ids $member.Id … | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-AADRoles.ps1:20 Line | 20 | … $roleMembers += Get-MgDirectoryObjectById -Ids $member.Id … | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-AADRoles.ps1:20 Line | 20 | … $roleMembers += Get-MgDirectoryObjectById -Ids $member.Id … | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Invoking Inspector: Inspect-AZPSAssignment Invoking Inspector: Inspect-AZPSModules Invoking Inspector: Inspect-customDLPPolicies Invoking Inspector: Inspect-customDLPSITypes Invoking Inspector: Inspect-DirectorySync Invoking Inspector: Inspect-DirSyncAdmins Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-DirSyncAdmins.ps1:23 Line | 23 | $member = Get-MgDirectoryObjectById -Ids $user.Id | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-DirSyncAdmins.ps1:23 Line | 23 | $member = Get-MgDirectoryObjectById -Ids $user.Id | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-DirSyncAdmins.ps1:23 Line | 23 | $member = Get-MgDirectoryObjectById -Ids $user.Id | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-DirSyncAdmins.ps1:23 Line | 23 | $member = Get-MgDirectoryObjectById -Ids $user.Id | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-DirSyncAdmins.ps1:23 Line | 23 | $member = Get-MgDirectoryObjectById -Ids $user.Id | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-DirSyncAdmins.ps1:23 Line | 23 | $member = Get-MgDirectoryObjectById -Ids $user.Id | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-DirSyncAdmins.ps1:23 Line | 23 | $member = Get-MgDirectoryObjectById -Ids $user.Id | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-DirSyncAdmins.ps1:23 Line | 23 | $member = Get-MgDirectoryObjectById -Ids $user.Id | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-DirSyncAdmins.ps1:23 Line | 23 | $member = Get-MgDirectoryObjectById -Ids $user.Id | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-DirSyncAdmins.ps1:23 Line | 23 | $member = Get-MgDirectoryObjectById -Ids $user.Id | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-DirSyncAdmins.ps1:23 Line | 23 | $member = Get-MgDirectoryObjectById -Ids $user.Id | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-DirSyncAdmins.ps1:23 Line | 23 | $member = Get-MgDirectoryObjectById -Ids $user.Id | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-DirSyncAdmins.ps1:23 Line | 23 | $member = Get-MgDirectoryObjectById -Ids $user.Id | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectById_GetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\Inspect-DirSyncAdmins.ps1:23 Line | 23 | $member = Get-MgDirectoryObjectById -Ids $user.Id | ~~~~~~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Invoking Inspector: Inspect-DLPPolicyState Invoking Inspector: Inspect-DomainExpiration WARNING: Error message: Cannot index into a null array. Invoking Inspector: Inspect-DomainSpoofingRule Invoking Inspector: Inspect-eDiscoveryAdmins Invoking Inspector: Inspect-EmailVerifiedUserCreation Invoking Inspector: Inspect-EXOFullAccess Invoking Inspector: Inspect-EXOSendAsPermissions Invoking Inspector: Inspect-EXOSendOnBehalfOf Invoking Inspector: Inspect-ExternalForwarding Invoking Inspector: Inspect-MailFlowRules Invoking Inspector: Inspect-MaliciousAttachmentTypesFilter Invoking Inspector: Inspect-MSTeamsAllowedDomains Invoking Inspector: Inspect-MSTeamsAnonPolicyMembers Invoking Inspector: Inspect-MSTeamsAnonUsers Invoking Inspector: Inspect-MSTeamsConsumerSettings Invoking Inspector: Inspect-MSTeamsExternalAccess Invoking Inspector: Inspect-MSTeamsLinkPreview Invoking Inspector: Inspect-PasswordSync Invoking Inspector: Inspect-SimPhish Invoking Inspector: Inspect-SpamMonitoring Invoking Inspector: InternalUsersSendingMalwarePolicy Invoking Inspector: IPInUrlIsSpam Invoking Inspector: LargeAttachmentBlockingRule Invoking Inspector: MailboxAuditingAtTenantLevel Invoking Inspector: MailboxAuditingEnabled Invoking Inspector: MailboxesWithIMAPEnabled Invoking Inspector: MailboxesWithInternalForwarding Invoking Inspector: MailboxesWithPOPEnabled Invoking Inspector: MailboxesWithSMTPEnabled Invoking Inspector: MailDKIMEnabled Invoking Inspector: MSCommonAttachmentTypesFilter Invoking Inspector: NoSafeLinksForTeams Invoking Inspector: OfficeMessageEncryption Invoking Inspector: OutgoingSharingMonitored Invoking Inspector: PasswordExpiry Invoking Inspector: ProperAdminCount Get-MgDirectoryObjectByIdGetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\ProperAdminCount.ps1:11 Line | 11 | … '").id | ForEach-Object {Get-MgDirectoryObjectById -Ids $.id}).Displ … | ~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Get-MgDirectoryObjectByIdGetExpanded: C:\Users\username\Downloads\365Inspect-main\inspectors\ProperAdminCount.ps1:11 Line | 11 | … '").id | ForEach-Object {Get-MgDirectoryObjectById -Ids $.id}).Displ … | ~~~~~~~~ | Unable to cast object of type 'Microsoft.Graph.PowerShell.Runtime.Json.JsonObject' to type | 'Microsoft.Graph.PowerShell.Runtime.Json.JsonArray'. Invoking Inspector: SafeAttachments Invoking Inspector: SafeLinks Invoking Inspector: SafeLinksClickThrough Invoking Inspector: SafeLinksSynchronous Invoking Inspector: SecureDefaultsEnabled Invoking Inspector: SelfServePasswordReset Invoking Inspector: SharepointExternalSharing Invoking Inspector: SharepointExternalUserResharing Invoking Inspector: SharepointLegacyAuthEnabled Invoking Inspector: SharepointLinkExpiry Invoking Inspector: SharepointModernAuthentication Invoking Inspector: SMTPAuthGloballyDisabled Invoking Inspector: SPFRecords Invoking Inspector: SPFSoftFail Invoking Inspector: ThirdPartyIntegratedAppPermission Invoking Inspector: TransportRulesAllowListDomains Invoking Inspector: TransportRulesAllowListIPs Invoking Inspector: UsersWithNoMFAConfigured Do you wish to disconnect your session? (Y|N): y Disconnect from Azure Active Directory Disconnect-AzureAD: C:\Users\username\Downloads\365Inspect-main\365Inspect.ps1:661 Line | 661 | Disconnect-AzureAD | ~~~~~~ | The term 'Disconnect-AzureAD' is not recognized as a name of a cmdlet, function, script file, or executable | program. Check the spelling of the name, or if a path was included, verify that the path is correct and try | again. Disconnect from Exchange Online Removed the PSSession ExchangeOnlineInternalSession_1 connected to outlook.office365.com Removed the PSSession ExchangeOnlineInternalSession_2 connected to nam11b.ps.compliance.protection.outlook.com Removed the PSSession ExchangeOnlineInternalSession_3 connected to outlook.office365.com Disconnected successfully ! Disconnect from SharePoint Service Disconnect from Microsoft Teams Disconnect from Microsoft Intune Disconnect from Microsoft Graph

PS C:\Users\username\Downloads\365Inspect-main>

Any thoughts or ideas for me? I am getting a report, but based on these errors, I don't think I'm getting all of the details that you intend to export. Love the concept thus far!

ThoughtContagion commented 1 year ago

The issue is related to the use of Get-MgDirectoryObjectById -Ids in some inspectors, this commandlet was retired in a previous version of Microsoft Graph. We will update the associated scripts accordingly and push the new code ASAP.