Merge pull request #599 from KelvinTegelaar/dev

pull[bot] · web-flow · commit 4b5dfc6ce987 · 2025-12-09T18:41:25.000Z
[pull] dev from KelvinTegelaar:dev
diff --git a/.github/workflows/master_cippkdsva.yml b/.github/workflows/master_cippkdsva.yml
diff --git a/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1 b/Modules/CIPPCore/Public/GraphHelper/New-GraphGetRequest.ps1
@@ -47,6 +47,11 @@ function New-GraphGetRequest {
                 $headers[$key] = $extraHeaders[$key]
             }
         }
+
+        if (!$headers['User-Agent']) {
+            $headers['User-Agent'] = "CIPP/$($global:CippVersion ?? '1.0')"
+        }
+
         # Track consecutive Graph API failures
         $TenantsTable = Get-CippTable -tablename Tenants
         $Filter = "PartitionKey eq 'Tenants' and (defaultDomainName eq '{0}' or customerId eq '{0}')" -f $tenantid
diff --git a/Modules/CIPPCore/Public/GraphHelper/New-GraphPOSTRequest.ps1 b/Modules/CIPPCore/Public/GraphHelper/New-GraphPOSTRequest.ps1
@@ -28,6 +28,10 @@ function New-GraphPOSTRequest {
             }
         }
 
+        if (!$headers['User-Agent']) {
+            $headers['User-Agent'] = "CIPP/$($global:CippVersion ?? '1.0')"
+        }
+
         if (!$contentType) {
             $contentType = 'application/json; charset=utf-8'
         }
diff --git a/Modules/CIPPCore/Public/New-CIPPTemplateRun.ps1 b/Modules/CIPPCore/Public/New-CIPPTemplateRun.ps1
@@ -88,16 +88,23 @@ function New-CIPPTemplateRun {
                     Write-Information 'Creating templates for found Conditional Access Policies'
                     foreach ($policy in $policies) {
                         try {
+                            $Hash = Get-StringHash -String ($policy | ConvertTo-Json -Depth 100 -Compress)
+                            $ExistingPolicy = $ExistingTemplates | Where-Object { $_.displayName -eq $policy.displayName } | Select-Object -First 1
+                            if ($ExistingPolicy -and $ExistingPolicy.SHA -eq $Hash) {
+                                "Policy $($policy.displayName) found, SHA matches, skipping template creation"
+                                continue
+                            }
                             $Template = New-CIPPCATemplate -TenantFilter $TenantFilter -JSON $policy
                             #check existing templates, if the displayName is the same, overwrite it.
-                            $ExistingPolicy = $ExistingTemplates | Where-Object { $_.displayName -eq $policy.displayName } | Select-Object -First 1
+
                             if ($ExistingPolicy -and $ExistingPolicy.PartitionKey -eq 'CATemplate') {
                                 "Policy $($policy.displayName) found, updating template"
                                 Add-CIPPAzDataTableEntity @Table -Entity @{
                                     JSON         = "$Template"
                                     RowKey       = $ExistingPolicy.GUID
                                     PartitionKey = 'CATemplate'
                                     GUID         = $ExistingPolicy.GUID
+                                    SHA          = $Hash
                                 } -Force
                             } else {
                                 "Policy $($policy.displayName) not found in existing templates, creating new template"
@@ -107,6 +114,7 @@ function New-CIPPTemplateRun {
                                     RowKey       = "$GUID"
                                     PartitionKey = 'CATemplate'
                                     GUID         = "$GUID"
+                                    SHA          = $Hash
                                 }
                             }
 
@@ -133,8 +141,15 @@ function New-CIPPTemplateRun {
                             $URLName = (($url).split('?') | Select-Object -First 1) -replace 'https://graph.microsoft.com/beta/deviceManagement/', ''
                             foreach ($Policy in $Policies) {
                                 try {
-                                    $Template = New-CIPPIntuneTemplate -TenantFilter $TenantFilter -URLName $URLName -ID $Policy.ID
+                                    $Hash = Get-StringHash -String ($Policy | ConvertTo-Json -Depth 100 -Compress)
                                     $ExistingPolicy = $ExistingTemplates | Where-Object { $_.displayName -eq $Template.DisplayName } | Select-Object -First 1
+
+                                    if ($ExistingPolicy -and $ExistingPolicy.SHA -eq $Hash) {
+                                        "Policy $($Policy.displayName) found, SHA matches, skipping template creation"
+                                        continue
+                                    }
+
+                                    $Template = New-CIPPIntuneTemplate -TenantFilter $TenantFilter -URLName $URLName -ID $Policy.ID
                                     if ($ExistingPolicy -and $ExistingPolicy.PartitionKey -eq 'IntuneTemplate') {
                                         "Policy $($Template.DisplayName) found, updating template"
                                         $object = [PSCustomObject]@{
@@ -149,6 +164,8 @@ function New-CIPPTemplateRun {
                                             JSON         = "$object"
                                             RowKey       = $ExistingPolicy.GUID
                                             PartitionKey = 'IntuneTemplate'
+                                            Package      = $ExistingPolicy.Package
+                                            SHA          = $Hash
                                         } -Force
                                     } else {
                                         "Policy  $($Template.DisplayName) not found in existing templates, creating new template"
@@ -165,6 +182,7 @@ function New-CIPPTemplateRun {
                                             JSON         = "$object"
                                             RowKey       = "$GUID"
                                             PartitionKey = 'IntuneTemplate'
+                                            SHA          = $Hash
                                         } -Force
                                     }
                                 } catch {
@@ -180,8 +198,14 @@ function New-CIPPTemplateRun {
                 'intunecompliance' {
                     Write-Information "Backup Intune Compliance Policies for $TenantFilter"
                     New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies?$top=999' -tenantid $TenantFilter | ForEach-Object {
+                        $Hash = Get-StringHash -String (ConvertTo-Json -Depth 100 -Compress -InputObject $_)
+                        $ExistingPolicy = $ExistingTemplates | Where-Object { $_.displayName -eq $_.DisplayName } | Select-Object -First 1
+                        if ($ExistingPolicy -and $ExistingPolicy.SHA -eq $Hash) {
+                            "Policy $($_.DisplayName) found, SHA matches, skipping template creation"
+                            continue
+                        }
+
                         $Template = New-CIPPIntuneTemplate -TenantFilter $TenantFilter -URLName 'deviceCompliancePolicies' -ID $_.ID
-                        $ExistingPolicy = $ExistingTemplates | Where-Object { $_.displayName -eq $Template.DisplayName } | Select-Object -First 1
                         if ($ExistingPolicy -and $ExistingPolicy.PartitionKey -eq 'IntuneTemplate') {
                             "Policy $($Template.DisplayName) found, updating template"
                             $object = [PSCustomObject]@{
@@ -196,6 +220,8 @@ function New-CIPPTemplateRun {
                                 JSON         = "$object"
                                 RowKey       = $ExistingPolicy.GUID
                                 PartitionKey = 'IntuneTemplate'
+                                Package      = $ExistingPolicy.Package
+                                SHA          = $Hash
                             } -Force
                         } else {
                             "Policy  $($Template.DisplayName) not found in existing templates, creating new template"
@@ -212,17 +238,23 @@ function New-CIPPTemplateRun {
                                 JSON         = "$object"
                                 RowKey       = "$GUID"
                                 PartitionKey = 'IntuneTemplate'
+                                SHA          = $Hash
                             } -Force
                         }
-
                     }
                 }
 
                 'intuneprotection' {
                     Write-Information "Backup Intune Protection Policies for $TenantFilter"
                     New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/deviceAppManagement/managedAppPolicies?$top=999' -tenantid $TenantFilter | ForEach-Object {
+                        $Hash = Get-StringHash -String (ConvertTo-Json -Depth 100 -Compress -InputObject $_)
+                        $ExistingPolicy = $ExistingTemplates | Where-Object { $_.displayName -eq $_.DisplayName } | Select-Object -First 1
+                        if ($ExistingPolicy -and $ExistingPolicy.SHA -eq $Hash) {
+                            "Policy $($_.DisplayName) found, SHA matches, skipping template creation"
+                            continue
+                        }
+
                         $Template = New-CIPPIntuneTemplate -TenantFilter $TenantFilter -URLName 'managedAppPolicies' -ID $_.ID
-                        $ExistingPolicy = $ExistingTemplates | Where-Object { $_.displayName -eq $Template.DisplayName } | Select-Object -First 1
                         if ($ExistingPolicy -and $ExistingPolicy.PartitionKey -eq 'IntuneTemplate') {
                             "Policy $($Template.DisplayName) found, updating template"
                             $object = [PSCustomObject]@{
@@ -237,6 +269,8 @@ function New-CIPPTemplateRun {
                                 JSON         = "$object"
                                 RowKey       = $ExistingPolicy.GUID
                                 PartitionKey = 'IntuneTemplate'
+                                Package      = $ExistingPolicy.Package
+                                SHA          = $Hash
                             } -Force
                         } else {
                             "Policy  $($Template.DisplayName) not found in existing templates, creating new template"
@@ -253,6 +287,7 @@ function New-CIPPTemplateRun {
                                 JSON         = "$object"
                                 RowKey       = "$GUID"
                                 PartitionKey = 'IntuneTemplate'
+                                SHA          = $Hash
                             } -Force
                         }
                     }
diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAddDMARCToMOERA.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAddDMARCToMOERA.ps1
@@ -51,7 +51,7 @@ function Invoke-CIPPStandardAddDMARCToMOERA {
 
         $CurrentInfo = $Domains | ForEach-Object {
             # Get current DNS records that matches _dmarc hostname and TXT type
-            $RecordsResponse = New-GraphGetRequest -scope 'https://admin.microsoft.com/.default' -TenantID $Tenant -Uri "https://admin.microsoft.com/admin/api/Domains/Records?domainName=$($_.Name)" -extraHeaders @{'User-Agent' = 'CIPP/1.0' }
+            $RecordsResponse = New-GraphGetRequest -scope 'https://admin.microsoft.com/.default' -TenantID $Tenant -Uri "https://admin.microsoft.com/admin/api/Domains/Records?domainName=$($_.Name)"
             $AllRecords = $RecordsResponse | Select-Object -ExpandProperty DnsRecords
             $CurrentRecords = $AllRecords | Where-Object { $_.HostName -eq '_dmarc' -and $_.Type -eq 'TXT' }
             Write-Information "Found $($CurrentRecords.count) DMARC records for domain $($_.Name)"
diff --git a/Modules/CIPPCore/Public/Tools/Import-CommunityTemplate.ps1 b/Modules/CIPPCore/Public/Tools/Import-CommunityTemplate.ps1
@@ -42,12 +42,6 @@ function Import-CommunityTemplate {
                     $excludedTenants = $ExistingJSON.excludedTenants
                     $NewJSON.tenantFilter = $tenantFilter
                     $NewJSON.excludedTenants = $excludedTenants
-
-                    # Extract package tag from existing template
-                    $PackageTag = $Existing.Package
-                    if ($PackageTag) {
-                        $Template | Add-Member -MemberType NoteProperty -Name Package -Value $PackageTag -Force
-                    }
                 }
             }
 
@@ -169,6 +163,11 @@ function Import-CommunityTemplate {
                         GUID         = $ID
                         RowKey       = $ID
                     }
+
+                    if ($Existing -and $Existing.Package) {
+                        $entity.Package = $Existing.Package
+                    }
+
                     Add-CIPPAzDataTableEntity @Table -Entity $entity -Force
 
                 }
diff --git a/profile.ps1 b/profile.ps1
@@ -77,6 +77,8 @@ Set-Location -Path $PSScriptRoot
 $CurrentVersion = (Get-Content .\version_latest.txt).trim()
 $Table = Get-CippTable -tablename 'Version'
 Write-Information "Function App: $($env:WEBSITE_SITE_NAME) | API Version: $CurrentVersion | PS Version: $($PSVersionTable.PSVersion)"
+$global:CippVersion = $CurrentVersion
+
 $LastStartup = Get-CIPPAzDataTableEntity @Table -Filter "PartitionKey eq 'Version' and RowKey eq '$($env:WEBSITE_SITE_NAME)'"
 if (!$LastStartup -or $CurrentVersion -ne $LastStartup.Version) {
     Write-Information "Version has changed from $($LastStartup.Version ?? 'None') to $CurrentVersion"

Original file line number	Diff line number	Diff line change
`@@ -47,6 +47,11 @@ function New-GraphGetRequest {`
`47`	`47`	`$headers[$key] = $extraHeaders[$key]`
`48`	`48`	`}`
`49`	`49`	`}`
	`50`	`+`
	`51`	`+ if (!$headers['User-Agent']) {`
	`52`	`+ $headers['User-Agent'] = "CIPP/$($global:CippVersion ?? '1.0')"`
	`53`	`+ }`
	`54`	`+`
`50`	`55`	`# Track consecutive Graph API failures`
`51`	`56`	`$TenantsTable = Get-CippTable -tablename Tenants`
`52`	`57`	`$Filter = "PartitionKey eq 'Tenants' and (defaultDomainName eq '{0}' or customerId eq '{0}')" -f $tenantid`
Original file line number	Diff line number	Diff line change
`@@ -28,6 +28,10 @@ function New-GraphPOSTRequest {`
`28`	`28`	`}`
`29`	`29`	`}`
`30`	`30`
	`31`	`+ if (!$headers['User-Agent']) {`
	`32`	`+ $headers['User-Agent'] = "CIPP/$($global:CippVersion ?? '1.0')"`
	`33`	`+ }`
	`34`	`+`
`31`	`35`	`if (!$contentType) {`
`32`	`36`	`$contentType = 'application/json; charset=utf-8'`
`33`	`37`	`}`
Original file line number	Diff line number	Diff line change
`@@ -42,12 +42,6 @@ function Import-CommunityTemplate {`
`42`	`42`	`$excludedTenants = $ExistingJSON.excludedTenants`
`43`	`43`	`$NewJSON.tenantFilter = $tenantFilter`
`44`	`44`	`$NewJSON.excludedTenants = $excludedTenants`
`45`		`-`
`46`		`- # Extract package tag from existing template`
`47`		`- $PackageTag = $Existing.Package`
`48`		`- if ($PackageTag) {`
`49`		`- $Template \| Add-Member -MemberType NoteProperty -Name Package -Value $PackageTag -Force`
`50`		`- }`
`51`	`45`	`}`
`52`	`46`	`}`
`53`	`47`
`@@ -169,6 +163,11 @@ function Import-CommunityTemplate {`
`169`	`163`	`GUID = $ID`
`170`	`164`	`RowKey = $ID`
`171`	`165`	`}`
	`166`	`+`
	`167`	`+ if ($Existing -and $Existing.Package) {`
	`168`	`+ $entity.Package = $Existing.Package`
	`169`	`+ }`
	`170`	`+`
`172`	`171`	`Add-CIPPAzDataTableEntity @Table -Entity $entity -Force`
`173`	`172`
`174`	`173`	`}`