This implementation automates reporting to verify compliance with GC Cloud Guardrails. SSC and TBS review the results. Cette mise en œuvre automatise la production de rapports afin de vérifier la conformité aux mesures de sécurité infonuagique du GC. SPC et SCT examinent les résultats.
Other
7
stars
4
forks
source link
[Bug Fix] GR1 & Gr3 - list the UPNs which have non-enabled MFA #91
microsoft.graph.phoneAuthenticationMethod - not for MFA
microsoft.graph.passwordAuthenticationMethod - not for MFA
microsoft.graph.emailAuthenticationMethod
microsoft.graph.fido2AuthenticationMethod
microsoft.graph.softwareOathAuthenticationMethod
Since dev tenant users did not have password and email authentication methods, the issue stated in the ticket was not prominent in that tenant. However, the some users in Test tenant carries these auth. This pull request fixes the logic around this use case for compliance status reporting
Overview/Summary
This pull request fixes the reporting bug in Test tenant for GR1 & Gr3 GA MFA UPN list feature.
This PR fixes/adds/changes/removes
Various authentication methods are considered:
microsoft.graph.microsoftAuthenticatorAuthenticationMethod
microsoft.graph.phoneAuthenticationMethod - not for MFA
microsoft.graph.passwordAuthenticationMethod - not for MFA
microsoft.graph.emailAuthenticationMethod
microsoft.graph.fido2AuthenticationMethod
microsoft.graph.softwareOathAuthenticationMethod
Since dev tenant users did not have password and email authentication methods, the issue stated in the ticket was not prominent in that tenant. However, the some users in Test tenant carries these auth. This pull request fixes the logic around this use case for compliance status reporting
Testing Evidence
As part of this Pull Request I have
main
branch