From a6b767583e694c4c1560c7469409a84e7ee8dded Mon Sep 17 00:00:00 2001 From: Addam Schroll <108814318+schrolla@users.noreply.github.com> Date: Thu, 6 Jun 2024 13:56:21 -0500 Subject: [PATCH] Update sample reports to v1.3.0 output examples (#1149) --- .../Sample-Reports/BaselineReports.html | Bin 29790 -> 31349 bytes .../IndividualReports/AADReport.html | Bin 94600 -> 98857 bytes .../IndividualReports/AADReport.json | Bin 33956 -> 49097 bytes .../IndividualReports/DefenderReport.html | Bin 62372 -> 67015 bytes .../IndividualReports/DefenderReport.json | Bin 22670 -> 34053 bytes .../IndividualReports/EXOReport.html | Bin 101948 -> 106157 bytes .../IndividualReports/EXOReport.json | Bin 61330 -> 87003 bytes .../PowerPlatformReport.html | Bin 54316 -> 58669 bytes .../PowerPlatformReport.json | Bin 9292 -> 16391 bytes .../IndividualReports/SharePointReport.html | Bin 55268 -> 61311 bytes .../IndividualReports/SharePointReport.json | Bin 12734 -> 21423 bytes .../IndividualReports/TeamsReport.html | Bin 66900 -> 71109 bytes .../IndividualReports/TeamsReport.json | Bin 26234 -> 39109 bytes .../ProviderSettingsExport.json | 6625 +++++++++-------- .../ScubaGear/Sample-Reports/TestResults.csv | 126 +- .../ScubaGear/Sample-Reports/TestResults.json | 330 +- 16 files changed, 3731 insertions(+), 3350 deletions(-) diff --git a/PowerShell/ScubaGear/Sample-Reports/BaselineReports.html b/PowerShell/ScubaGear/Sample-Reports/BaselineReports.html index 274b995863202cec8e2967302a2f2f2478acf3af..5e560e2187b26d45b162a5635c528a694b90f30d 100644 GIT binary patch delta 1760 zcmah}U1*zC7(QQ{hMJ$|i^=k9nxyHHrfq(^WL<}{G98l@TbN?oWwBZQtae{&nr>DF z2VUsZi?t7UBaBUN#*o?ii69K2dZ8eSUI?-aQP_njih^S}WcZ%*wQ180dUJl>^SnbTw$X8XyiS^O|XO_23^W1OW}TC=NO z{c;B;+}Tu8Bp_E7pd{N|#Qr{ZTy}*lJZg9=9od|?uQg^9H6$~4%5L7c z;i4d`v*Vht3vqJ2*;TOw821~ZWLgd5mUjtMfcD!e+ij1(Ed%1dWRr`aT-d?RdHGZ0 zw!5(YpcgaN-W@oX<4*jX2vaHD;-ra8{oVSiR#el3pd7_Hy9=wf9+7&3UIZ;}{AJU( z^A`MT`@zkxZ9=1B7FdnVu~}9k;9lIZzlnF`@IZxZW%eSAu@artXTF8sLXin*n?>g$g7o&8yM4m`kN z3f-t*INK$G{5poBcQ6ER7Hcs}IgE6WIV zQ|tX1Vr|nN_t)4WmBp2#kezFSx2#Dz>CuZoR)^0r4t(3yiHpf@4ELwiKSLk2wFvaf zUcZ?)HN_5ywj9KoC!ziq9@E;`)GEG@4B%X(2bcCfq<+%p(qkf{+i##ti|kp7JVT=6 zTn`eII63ou&ZQ^CyokXK9eZ7zE5Z`_k*3*r1mp3AFaBcJl2VoBMx=&z>RKW zfNtS8(bL1?l=VOQ25<4X@EYMh_nlv;^gtb8UN;E%CbA{{$j2^Q^1MK)co};Wv zHqHi*8>1SltfsC_zSbrUshJZ#2{Y535&8t!!>or8@bjwp0%8=iO~D)qq^Srda(Ntj z+JM#En3(V8F8Vnlj;=sl&(X+n&xtH0S}$QL=ZAi35TBo%K_J(OaK3LP7gnFh|JD}D zvIGezLt~oeG}}iwQ#6i{ElDH&$v9D{;YQw|ww=17!}M$kkCt-kbJeeOQU<>ii`Epy zoD~=pAF|9DZ-tab0)X9d&fuwb|WV)XiLVW@op}Wbx2J)<`8wFg0D3Oe{q=lMre_ zx?~#p+F*}w=+}FVcxv=`~BYceZTMbe*U1F zU+D5v!J&~jnId!85`y?3xE(r4SZ7s8=65VwxF{g)5%JwsfJa^#6NzGU`rVFLK1~i` zC~*e!k{cUh1h!xe+ZMBws(9xru9aS*7KKk9raFSby?E~`#Y_3E zMRc`%1(#czkn*lM;-txF%)8re>I|aQSIV6*!zX<_oZuJ=+&=MdHHQ3Ah(jV46d75+ zA8W3N(M*FR{#Tb%yjb?vIaCu4ImP#)GED`|;OyD6Xv1uvD*z5hdLR^pap+eW}`B%}dkJ324#Sa>e|I)8mN++dC zxN9ZL|2OgWBIhWXC8OjV$uduBD}Z!=7E*r-4^KtdiGgk#)!4H^g(8&c!$RgLK4zAn z4be-!x%#Y diff --git a/PowerShell/ScubaGear/Sample-Reports/IndividualReports/AADReport.html b/PowerShell/ScubaGear/Sample-Reports/IndividualReports/AADReport.html index 662bdcd7b29f23b77f786ffdb4d5c189807081de..0ca97af9f026ebd7435ea7c38a65aea054bfb5b5 100644 GIT binary patch delta 5331 zcmc&&dr*|u6~70T1=$bSb%AAB7M6#+6yzl;N+JR}Nqu0@ByBZaL|ze=Wkr#szGnJ| zX*3O#bBB^Oapu^JGF@c+Hp*%f>t})OjDgslfSg;WG0hIYI@H1?Jgj%$)q!# zoo~Op_ny~1=XcIMcaQ!vea7Gcd5l`F`WA zXd6ZvjjDpYfMeRsS@#^0;76MDO%te9ukVZF&Q)lBTSTd*%Sopur# z&=KHMZkrBi`wC29o4MA&oAP-VA=Vy}r$*rm^R*Y(nm!`AY+x&$sO>Je^XO0qB}Jnzs!(e z3AUu#c@$MbThhR?k9_H$&rND2xU>^!XuCA;Hzg1bf~gJn8RFGAGq(G(jaZUhpxjLz z2%3W5_tTOLjOKi?l7ppOOh2H7Hjrt`=FB5{8-a&DxnxWu(d{D?v&WZ^4|1`8%pAek zZY7iU(9H9A+*qw*b^^Q61~$^Aa@Ap*-DYCbS(b-3!TxoiDcho)%T3Tjk@8_twHe*Z zBGIueMakY&P=Y7RR-|rK$y-zy{kwtd!rU>*4nXe+Zl8o2v@GUPk=i3 zQ^luXX`jZum$}ij{$I-WqZP(r+6|U@tvGZl498Kzgt0g!@u&Ag4XneLvUvGD8ya8L zVc%Qf%Ifatba-_%HkeU&d-Piib`oJTnbLv%Xi=`7jt;^#W3w!ybE!@Ve^Y0`@%#GH za+t80pEc(^AFd#~@rgYT!|;S0~4C&nZB z-c8C~6z~Z{YQ#>G!Wd-}TS$I`I<8S;RYSA9r6zI?arw-RHa)?v5^Gf~xAO+k)W00Z zd(z1Gja)I^B#0GFBP1lUxts#5vXmaDs3sLG&_M>Ys{YjcRWDkx?7TTNO*~H=9!&mG z43(xGB!f513FHwBt^KrmfVkNqDwsqkIRIX<+vl_eZ@->wm=rOBNUCiP4us*>IoF4W zR?VXk2Fvj92UYV>B@YgxaU=mB3>rh6oU2Ni*Fey|uaBu z-aVU$cLyTz)VuM@*7tNkKuWPQe)$}%BLr(zV+IglRj+htR;n2hur(mpF{vK0HqI;u z>6^e5S1PVzj2A{m6TKJHldobxD=+O>`b#UQ7{IF6bk9mMY5ROYbE z!a*2lv(D-RBm~T(4+d@c(r_aAC>)*Fb+~UhZXU1ppR%Y`?b)xIF>Pc6S39M9WW65y zZlr&s3c-T8LhO1y9*_1&vu1T(+5b01k}6GfiQ*Vb1m8p~87I!r*es6FrXq zZo@p3-J@o7ebtCnqtRL_(?ON5To~ONWab*lDB}XYiSWFOj9gwKjdI%kZ03}gJSrLPT6K6%*q z|HT<|@A@LY9Wxj^9hj+ny88@|dMK-?w5-IZKP;Jbor=pO_8IiS;G=3?p%Vsw^QLhI zimrcDqPvT(5Pvw&qNw#yq`zMZ_F*nA0Jc=ze(O6}G#-oF4dKeoTYpVzDyIl@o8%$a zaaXmMMiX(@x{AjLIrTKp-2)xiM8n+|Q}SV7J&mtS?KWIQ#pu~U2x}0n-rE32f}l_~ z#lsfwkPdVpCk8=S7GI=G=`7>Zt${uq$QhfVx; z>EUFO)%>{eN{q;wM*vvY!SKg3G>$(k!7=qBLseX3OVaiExz z4XdX|t4Fo+udL7(#W%e?kxBw<$jTgqKU$XN(0C&MbEdRhIV4~|JuNirvsS*f4l-J_ zt#QUpYRJ`1Y8%#EmvWH7comefFlF~<}SnpqBDt}pW5H!tS!H`7`d1Z`9~_^+d=GVJ8KWy~x(_yHONziX?fDg~J6%EvBhF z`p01@T_^MCDIyv9^j$)8dGt;H0?8c`JVhxvCczCYGpoH{M!*A||HmdXjOd}zOF3H^ zm^_mR=?mmLHYk>>Dj-fiSqX{qNed*%htomleJvZF43ft)z$u??hH&qi94G=!;12JV zT*wV2flv&e_yq3ou3H5sd=%B*C8dxaCJ$|f?eek5V1@iqCH%r~&ZTv5BAB>q9*5&b z*;oTFdB6W%_#w!RPZ8zK?T{wBYN2uP888OJGOwuyMklR#X)P_F=i^=QWSHNqpS8eU zkn;>s5K%QLsO|Cr1K8y|tq>`nYlWV=R*Di|W*7k#6c0{Itpa)|?tCp|9Qapu(yEq- z{mldAya2HrU+36=?60y^$)9#Dd zjr(J)6m2(VYVLUJXq1OYcugJ?5ce=K3y->zuqv|LzwT<}qyXT%_882!rD_-&s`}Qj zM(_v5Tg$+WiH=00&VJDPt)FOXR43ZglkxCS3G-umLdNU*)L2_EKqfjI4!kE1BMsU@ zbxAClvk7T9%CS;^G?vAUL^XV_^kaHnStbBfV@TZYWRpIVsvX12S==dfbwxE=kfRmSuGv;UXW4qV?^5UAz3WL z-x3j7iE44$V({1N$@Fyf*YqNjx-Bcz1TJ;=#03@%pDs;R*jUQ4fOM^7Wo!k_pJJ0) zA&pa616itAJ*#7t z99NEN-a19bVV!o&Kc9dF*KK&W$EL1tHJLGgzg_Lvx5*HquoB{_Qri!t2cf4U6pwAU zs)dKlVOV(FjLO%==$t^~$*#zeYyn$FtZPU?HI1vV^PUCelkP+>Y4nQfvXN{Ic^?-U zhk0FT`2G$X;hAyDscdcBaH&+|xbV3Fe>gQ4mw%U_eYbs_jGMaGVZxu`Xm2&4=e!xC z+huGxZ1d;yG;Zk|h9`Oz_1Nj=5Oj8$)#kGXKwGB`GtPzL&R^unq<^TM{8y}oFCv77 zjB^rhytGu$^QH+qdThA9$Bv#>8GCn`Q9j>+Ek~mLoVNt0dZKr((VvV=NhG84jr5oT zwH*=VOa6~V(xXLjG6KaJD2x>gPa8B*7w#47MY(Ln9}gzr(z`a=V5i!3d0`MHUwJ)H zweBl%j|7DGEgc*n;oBWDKIk*|2dM?ui$bCX@1WS%I(kN8=gnCu|F+iykr!{hfX8<$ zS_-1ZdJma#!zDM$w{vhHC4H|8TQYEVyBQCE)~&@-@2Lmw^ac+~L&E!?Nc}1)*Cgz@ zTa0_YRMgzxZ#ei)8S;3L1xE4WCTEA%O!p67+-$+ZJ`=9{AUtZ6b~Z;-L?J~~QOB3D zwR}=MBnFqTa(*ToEMcAj54N{PHP*4AERPeoApy ziQ8NuOAW==YXbDFMKyFUg9gA1uX)S*cSL^%z;!hmvf+sFP#bs z4=RE^{k}hnpe4Bf<8m?N$S{FF^uShM+X~nWV`s8Cl#UI{jyw*pFiTWTTi{{o#^1#blOzvG1>v#xQ8Z~m)r7kGC)r1HK-244F^uL)-V4SWNflaeccFpkh#%*DxZD7lz;FFJQI$~l9h9;|W|Sfp3MIyo);zU(+9j8o=fSl#(4+{%$bPu_3Tbox>O z6mZ5_&u*>{ZYsZOiH8~4V>B!ryU0m0O5VaCTQQ(f3~Ugek0K_1oEgAt2ox>tWr;pw zNF?~Fg=4vGFUJ3sF(8$-2tgmRs2B;by?vjE>mIwECSYu#K`Sam$ z{u~Q1es$+njv}>IYT1f4b=65-@K$*qhYzjbe&(4=3|M_JN0f=VuzMoRHE! z_~qFrBHn@u!5ge8R#<^x<~{?d@^4nwD&ttDX04ly3A_yuAN;H>YwAbR(Y*EJ)r~nE zKt@w4YB0Z)YBa~xq95-k5!HZ@W6FG_Dr`#a+vc|}+x!;RVSdA_({+7O!nYvtg{bLB z{}GRx@_`*Sbj^@oS_3nCt)TZ!M{;>e$l;WEzZegkC1Dp- zcN=Oqtg7A>T!`tzoGVWOg6af#o&1LB@r$i*T!7H_u2=^n*mx0 z-1av`tQRX|*4Oj)CsVr$Y8nJu!%Tw~9E~zwQe}?Pd;Y+$B2Ei*VW(l7e@G6APlNA$ zeJmd6G<=Ean2Dr@%B*9%^eh+?&7T9MX+EusJGBs23lO zZ9-k5MSLKtC#sHZHDt_IL-j^f2yH5z zm6vEqqF~135`l54DFUO-4<9xA8JbqX{gwwT@igh-(JtCp^sr{Tmn_G$YA_ z*epiz6JJsEP~bfhFA-CI8QeW`hLIs!GhJgfQ%$Wp@U6bQK1fdKkcR=oTW$1a2%{&Ip>U?Ej9c#r;^>2 z=8rC>5_rz3hr7qZH1fDL@YvM>SGv9yp;85O_AIcSOuJ%E_{XkJRtPGndgB7yI>Kar zsaL`!ugwQf{LARZG;*a|Sd{m;^HaHRKwMZt7%P{uH&tL`3- z%kKT*RLuuZRD(J+$*+%0bMVNe1kKnwd)vkSxTh)q27}eA>kR>sFn&LsXj}ooAhY?> z&2T2LjeNo{gqpVml&lg)Q7Ap1tr{%Zs-et+eD@*uhmiea_?)Ql}msO@2krPn#i5^P7}&O9Lf`(M&WHlCX|74h4+48jXX`z`u5B{o`rtJ65P!<0L!uv+H3}H zUlvTpsi1R98`v)Mz!~eH;mURhC3^*C9&EaN;N#4aO?L_lPA#zsC-%yD97=XG6zom4 zdK_BVv-JmzSkr)4TVPi07JcLJgpOg1kXcv>x@}98)m04(N7G4&@991&gn!3(#;rtrq_>)X{Wj4sq|-S79d?&qQ@_ zMgwpKJgwyvlLzgEF7VmwWr{ecFo|Av!J=tFo*V>>Y2dCak+CgUXa++;;Rz)U6qto- z;mpEZIz4AmME#81X07V_5()Gi9268dzpD=`WdZ=$anK3Cr$MfC9?RmE>;b`w#DNJ$oJP& zSM>GqEb(>X+$$<(z*ruQDIN`VBas(QOn|XQ=Z37)DNZ>~xO8m{WF0YfL z3ToOOQM~3_gfAPtuAm3iapNY%syYZ898Q424!_(#4!P!IH4=p_b`!Ykb}$0ssXNUy zWcNttHstvbVWeqMKVWIDxQ96V)-xvunZ2;$YsbC451E`&bVRs_%26%4fSQG`L#PRz zM;B28(jglnyRkJrFt>^z>9H0v256BcF9{_!i-7%;>nX(N)U zikhXHKxdoQEsE&0RjmdY(%#X2=llG?JXLkl zWchpCd+s^Ed(Q8id%mCCkN@bBdTJsesZ^ARCq#uP7agLP-d34tG(m427CzA~hD5h; z3%e+T%pS2Da!X{$P^eGgS=LYr8F^N+X~q)BV>gh;Qc&uWm17aa%9o1C@2iZ{Lw!1B z8}!M%a!*t(#!t|K*-UV4j?8FeU z5m_hwC1pg}S7e9=Ol>;eRLHxeO0y-ndmB>ut^uw;+MG| zkSsKjzQx2aWeSLWB2k>hKau7vCc3S^L9+%eO=V=nGkyM%u|rp}bW7HBnzt0i8X{Ge zg*>n6>6cl0X;)^MVl>LK6V|af%KfpK+&Q^4p--fKOGaTSJ7yK8F$ZF{L4UP1>sVO` zG2HNVGNc)8G5lGv>Q;7x)SZ*BN@5TC;ZrZX>ZduYDMWaUYAanbmKR1mx={q^Z^lAf zRC-X>8NfB_Lhtu1^nLr&4$ido;c<#QhAWUhGBY9>EB(|ltXk$@r}Gx|J2UCu+w`hp z>UG-qDcOxJDP#%4m*Me}oIcQH2&BPwF&>5z2?uCurJycTjx%$6s>n$0qB3dGc`Yu6 zzrW4P(J`A##a<4UbSwX?652?nNeu<(HCB)ZzY>7yhFlOVW{(%c2PHHYG$k>&`v7SW zBd^l8jYnn9M!9R&F-X6>s)Gh>))a=$x&qh)``1n>Md{LqC2=Y7P)ptx3*9}erA4=% z_6IYhC!cz>NjC`jQ0~yfPAj<%s%iE}qSW;488v+oNQ>w2Ck@tYZiQeEj1AMAJ6-ys z)*MHk;2P89*{PO_8q_*kd`oknN={HOAaww6>~`&ds!)xe{Fvv0%yQMDLDT{DL${U2 zYqWH8q?NAp=h1jy3ymHxrU&Qr`#hp5#(8$cHXu847#jM4mUVJr@QW^tuw%NgVn}#s z?8O{fczG9@k7oj)qI8aRB9?Wn^>>^jxL#7v_xp-T0Vjz$+?bgk&VDte0XrOH? zxjKp|cYhYmzNDtdZDumIW|Q%_fsTE?g=Vj)rT$K>3S7#yF@O0$>Hve4^j(byPwmoD z{~`6rnv$zBp)sP{zN9#?Mb0ieY)0eBWrIr!^M)DX!+kscr7{=#L?@nysJYsrlDWWW zENh}+F3@~%%cf9KqM4&kUXi}W3UFb-vZfyhOxVDlquEMVyR(V?G}@iLfmi1ar^{9C zTkrHxwXc?|oiyY7nucc2<$t9j!HT&^y#8D!y<4MSGqGKj|KC(j-5_OFrm}V2RCRQB ztvi3Ot9%2Cj^^FS6%8#m)ovg;6EM+t-sz_PfLTdr98{&!XMx5z6W1nY7}xN6aJgM{ z(DbQ`$bK^!-q4f1Rzvl5+9k^xgP!%5)t}A|iO=}%OBc@cYxaKGQ-qJ@VPNvm^Dk`! zJqqY|=k@gK@q(^rFcUytafiX>W)MFgP7ppHxT>F)=f3(m^Y+Mg8o#2Un{|n6QZkQ> zdyRY$le=F3rRmA%52OEIoHQxtwuW)6f_5b}o#Z*FXVl5dk_uI2FP-|PJFIQRJlB=b z+Epw$nh(nLBt%QP-C$frYWl(<8r`F%+14AfGYA0)P zf7hurMm}KJ0V;A+qnw2uNU2uXIUsUr#GX#ZNi_v0bLF)ySKp+|6Z!Pu>bZngpxr5* z{rN+cvqJ1dll}y*Ww@7#T>x2%s~cl3T=8W}W7FSA;I9!Eja|og;^zkHzn?{}YnSC6 zG)qO&RAT6H&xhUd^ou`ySDL+En-Cg1^Bb2s^r*d+rAerU7mkqkP7c-2r_tkQwA;}7 z$Y(hxVz{~E=Cloa3x5X=3O9M@>k>);u!?f#ttcmaAaWb3bi8N^>GyYX;2lm)ZvL3? z^=LdBaS!(oK8&~1iH|KKtf?ArLD*E%+YS`5R{7BF5Ce#)@?FXrW&F4^YAz3lz=(F( z3%94NMbYR7g7ALA{85f}B;*JnF@@|{$laY{stXHvl)F6+CwB%>hzvPgl{x`RX@Hh? zf{MKIq1OXVI6HCW{w3N4SIQ1MaS{M}#EbIvq%6=0G6 delta 1705 zcmaJ>ZA?>F7(SPNig)d$R4BBxrF<#4Qa&WZjSrO{&Ja|_a5{CR0%MLyks@wpI%Olq z%?x-lag4cc(}YZ7aL12DQ3*?2;x;qghlyc?WN!My8T6O&$F}$0-WK?=s^4!3WwC&tI+Iap%T{72QTYd!eS&Ie zw{8=Pk?u;@MY5l?{-P#2yy!HXd6_u%l!(gY?+wc$_3;#&Mi2_%a=GwWvQQ0*Bj1uj z;u4CK1}R01T4P)4)0ny_B4oGX%)*rlm};{rA;j7Uj?APQ7wz_Be3hCTE4$sEhRa<> zZnBpPxa<9<35oSq3cEWT0;X1uvXTDyUtP}i+|)U5K#Vw z5f?lw;WdjIN*JwObxOhTY4Q|#z zmA0aLJ|1Ixa>~Mpc&uhZ-}<$Jk$632$RAyszjXHC5x-UI+Z` z@fd6hV_n#UV<8jPtd?+Z*rvkq@uBA1228aY`9zymz`=mc-a+g&upPwAYzb~wMkRRU z6477b)G0Pt(ebRhJN?$HN~XyU2hMajFb#Zv9NF@oZgxxqm1?3-ylKi+c5{O z12a4m;Zh5N8}*ppKHgtyl&>0}!gb9YgtjO;qQKLCbQ6Bu<>tYo(=J>)UyhOsi}}5; zYvX7*AKrSIAGt_Z$fYnmW7#-&`F*rpc{?%4%Gq-?r#o4`vdd>d{@0a< zLPjwOeDq4@Gx=R9q^WeX0{Sl}S!6ASFtLH&126L-;npgICx(=aTlnBNqw(r?_XDeqVnop&j|Bp+xOgbIG=kE@i8=-BdMSg>-( q{V~m)WvK`o-{(c`&>ryj>N!%qfP&DpT9ebznc{9diFTKE?x-z!Q0 diff --git a/PowerShell/ScubaGear/Sample-Reports/IndividualReports/DefenderReport.json b/PowerShell/ScubaGear/Sample-Reports/IndividualReports/DefenderReport.json index ca32afd9e722628350c6b4427c5d6484b0e2bf23..be93258ac749b9cafaef1a1172a508f77dbed3c3 100644 GIT binary patch delta 2935 zcmbVOT})eL82%2lQ&DPb*IBI{Z9zkYmi|x}L|+@3M=b_?n#|M~L%f)~A~7*!m%AC^!b?KDFpF7?@B4i%r_dHEX?jk3zW3+( zp6`91_uTwZ`s_y2%2R0or00eTvI>T!Kid0P4|6deUOjmCuwG_iZoCfSGZ$Xn%nRd(AFu?op}7S=Ha3lG36{lg4*$Q0_XV`f zu=Du;V|+sEODu{1Q!D|6XU7bc(efBAhCUhi{p@%_KGtPp%JK{@Bxw=9X$+fSvuuV< zm6OBu@H}FD9G-W(nFGNoKpY%UB@nS*31l3!x)*SJ!v*#{A@yQN!R3N=eV_)mkWQq!r+bxB)$`h(b)vI04^iz8W`*_YBR&mog9(1p z9ES%gzqQhG_xQ?Zf_D%6rW&;?Rt=wGvxhmL$6%81`n&;b>Ol1g#bE9D1QB0+!%*gN z8a7Xa>K;`L9vQg@Tro#r!)k<|+qCfDm37X{{gdHU{ceD7WRq0IXACrEk@AX}r}V>K zFOW^0aJTIdc~)|&Q#dGb3SU|c`Vnl59JbK{JI7lo&2rQhhw|z@Dz8>Ac1IR7QZG61 zUMqi%Zis=?Dww-t-4Z3c%T&25D)&2Dwcm=W2=Kg76oe_1gDif8G$hz%-rYGAh$WV$ zJs!$L?@^iP>c#!XOGq3jNCHV&JN6>6s>f>8-%h6rE_8?nd)U#}B#5am6*1W9oG5DT z6QULOmClCRs16_{(-5_{!7clVo*b4%0?A1txDj9N&9RGl zG)l2Ke$8_OnotRRMrjGR;v&WhCCp(s+B=_Rd;&Ugm`2c#V3W{gIWV$wvI}^nlD^*F zUqe)=j#j#N)w@~z4iN%m7(tfl_#2Z%-%*92)yIWU z$yF_X{v^ahg0!_ESBdJnZSF6JeDQBPzm*1nxXg4NG<;X DX7VUj delta 1187 zcma)6PiWI%9R1SOR#e)8bFQUGhqIK;#x^UXu4OD*N9ktiW)T%E-PS+Kv|DYf3?_s! zFA5U!Jb4%e#lvoriwD6TJxR}H7d?rm>1jw2zr;qHvb7TUeMxxl_ult@U-IOs;rUxe zY%xK6wqC{z^XY7WTp&I&K`TdBjs%E{_~|-D-~Fip_zlmP0G13FVH+EkycReI1k|ik zFq&s2uL%M_if!|I2$?iQuN%JXtTb1k;2_ebX$a?nlG%t$$5n8`mPG1Q7<;yzK7^)K zA;<|^jOl}{4z^o6QM1Qr`?};EMtUgv&kl!|rz72#EOw12*X$0aFDb0;IAL?juSZzQ z$We)cH0QuCj}1Q}gXRh;kt}(D`|O7fxvG+r!iu{ide+wtR2W0!nj^&BNwmhBT@s6I zvx5*sZ6elgjmf~5c23lgE`H41FydB7jk6J2H1vp5g&yNosK6_kXgeH;lQn!FIq6>~ zYvdleOIFARJuEr;R3QbDq4#BShb+@%Z{3(z{lmI zH>sV&nX%h?rnuamz!}-I!fNgg`U)T}8!??%9g0ymn)yZ#osX+}ow4HIN!N?-`kvJw zGL;Sjhw~3>Z8gQ42|JJUnUwHtV_%nvWmDT3-fZq2PL_FLl|doJ%2L(H{O2zv57*X< SBOGCg4@}ul=@#s7o%jv&6N&Z! diff --git a/PowerShell/ScubaGear/Sample-Reports/IndividualReports/EXOReport.html b/PowerShell/ScubaGear/Sample-Reports/IndividualReports/EXOReport.html index 0f35875516510370a20a047c9d4eb746450fa282..0ab2946689a6cf5ecc092901e334c59c9f628d42 100644 GIT binary patch delta 4445 zcmd5iDa8PvD%6%S=4D4& zkR4-<%*HmMO#|DEcFQ&es%qxI9?>RcrOznffmH{W)LLjS$heTBbJ&Gv9DyEcu^h7& z^;O#8k;()*tvZWFHZ0p?`y0|#b&zYQqdqz*HlKi3wR2fEM(wpYKwiX-tk-dJ8`k5N zmaGmp^_9ZEJw`^h&b5M`GrI2!o8`H->bI>xHK{+GXe0ejKgrDr5E0A>^Rtu0GB`|C zaM@6yB8v#0u$YyvunV^TWcbAjSU)n(!?$&%l^z`LX5*|1BjsfQEDvDByy({_qBbCA z7)Ablu&AlYjM>AVH759*E)Q;Na-k{D4p+19YZ4+Poz6*J$@Y}l0#{7BOoAx~J#0$l zsicTM=2ofdoa#k?0e!RZ{1*%YI{Gka{gMDR8072pg?MFsoKZk;8Iz=GhmxxWM;lJsMhl6HZJdTiH87YoPu3PQ7se+vD@ zd74J%LHGk~6h*ZWjuhux;#(SVQL->X$f)Rt$7R)(ezXq?3Hq=-%2g~b2@-u#RStco z3~0yQy}n|*^kMO>lmxy0pu~##U=wb+EfhBCZs{30&avGjwLUwQ4mv~HW+et{05gl5 zg;2G``$n9s8o>k*k`Mb_Sau`Rq-;NyN3j1iOzQRv#V#w?m`SjGsDoz746J}T#&xPT>9BEU_U)E_xaHiP4fk&ejSm;tq9lO4s z1|J1-E{1Ge3(Ap}%zm^xi8GCXzR4tg)NV|HeWBI*CEjUO?Wkcj2yKVhmhy6JD;8}- zfU@kUqxU@&D-$$IV?LtgJEc>AF<;{@RQ3AsaO7}R<m9ujpYC=)n#M4=tYmj0LeMPy77M;d(WUfF+{m`fK4DH zZ*=G9Q{S4%;EUabm=WR_hp86|lZ^5A3?;E}^lV9D@o<*~s(VY}w>@1+Ea#i8aO_|S zgnG|HsM!b^eYpxJ?IRTU9%;63VVy-*;7(k+kCh=2BpM3+Nj3qCq3kLODM|XIAe87W zVjXBRgsnwbi#tBhZQ*b>I6djA{@| z{sNdgs)eFqqvZ4`xzONwk1n5LM`x8AWiIdS)wI)cKs~vp)vC(rj`_94Weu8*wx12> zTaGy86UscKGt!V3-<9|{gj)QlGt?M#?lg0u7I1c_nb$-^YB8^wyI}H#;w0n!J$}p6 zI6>Vc@j$w{a;yLzoYlhgvD_pa&ySxLnyL4;M^fU)(xu~01r!`E-SQu&8o1ePh7S(c zVW9J#o)`w>L-GHU7MAuDu9D22Oa+V2nUicze~&wfg`>xj#6nI5>*4&VeMu}`=LbbN zgC~r!6yT8F4|Jy(D8rF%>1^mgy&q+6s2u$knO~SzL*rg;+=#Z2^JydU;CN>w$4E01 z2iN`EN};2C452uIpL4+MRE0?M9{a+4L{1 z%{wrRbdw5TaOvJPilyb?%6F3IP$V8~r@M!oSLuF6mTtKFadvjAxSP;DktETMvKeH4 z>5HpVDZEyidh-AW`?ZWR`hMMp2N~T-2JuI?j4B*M$6@52PdK3SS{eNOdY>R-(~S=C zK6m4aRlZ|+5k(b_rTdY5Skk?;ACJ)AT(?5^wT;mB)+_Mx^-_5Et$?B*G1f>2Z!YoT zdc11c@jIyoFU59z>JX{}{~NK*j{o?r3Mb|dD(HK}4vW9qa^coxUVHIT9zP&`c58bY zuZ2_Z?3bp)9xPrw^(^m|+V9{;ncRH)Zd=r%>z+-C>pu04H`-GDvkFDT?)rP5M2CFx z>$lfMJ^kbNo>+O|)9>(z_0`AsV$DDKt2RAqUjNVbXgT~rDt`^_1<>$)1-~8XITHR* z&ELa$3G0z?o`FAzRd$=jm@qD`HZp-L94g{}M~g6;e;0j(^)>wSnByJ?e;bz**4J|l zt)FNK2OIg1Y54pu?h4Ot=g-hEtTfYmsUvQ9)ARgY!d2LZmcw7;b2JfFJ|{?`ar`K! zWy_BHJ^X$qRs`}_hxu+AD=H0RajPwv;O|q<%q!^Cd5+&9Z=!Pcn=%-zyve!pU+_;j AcK`qY delta 1928 zcma)63rtg27(S=ahxO7HTA;An77&O<@wQarm?Apo62}yVkNKE@N~5krf{4Z~BDiSW zjM9As%!Z8VV#st0?h9ook6P;?b4UZ(jRz_-E~zuMUQ!%q3kc5;VA5#Rb7ilTr3t9vHwq9P ziFiBRg6<4GL_yHHNfA#wn(;D@rCRWXkd5DrdD2~>iBdO`9cBjIjd4S#I@+(x_zo{{ zEY*OB*`#*!^d!p+)F-m8rkRtIWfkE_S~fN$Z&q@@PM)vS?6I@4Wfjg!YHbd0C zJcGH5S-olIS)_? z$7~rmvrG8+iBhWe@F||N1ytDPsGuGg9jOZYJdBv^3cY8Y%h5emM+>* z>2yPOOOZN?Mojo&ogF5h4gD=v4AxoU+;5RCEFRaw zx7-ffDuXmyz9&)ZB(=m({J2q;j=@a=B5fKeQmIl+1g5$Z8#y z>{*M*TpfD%wDB`sBPQpQDzb$wVi#M(E9`8T$TPmuBNen;B(3D~9{53R_V+ z;v3c??AJ*H+Y>2nud}A_U;@{YdM4iFEKV{Xr=Q8dtumXM$8j|9lvY9Fe&y4=t6{qa zC7o8B+F?heOn|HDJWf<)V&B$8)Hhj}x+0GFG9_{6pK3n-fyE{^_T%JmKCffZ>Hkxb zC|Z`HFiwi>I4LX`Jt<(cu3V9#v&DjqtGN_Xf6MDCENwf$L$hF6GpUewe@!gpKH!cI z$z&kz?3R`tY|x~}Z%W?Z4))8(dmHj)61kIFKDyWcqV-H1JG;x+2gxcdY|rI{Is&Eq zR0ZneNU?Xeq!>fnK8JYLB!%%+0;k|$3lU=M5bk;nSDT#(rRXL9v2Pp*1xuj`xuoyU zSE$%$IyO=%?fr!9e>k)rr5Bf><6DuK7 zG{?&vBD+0j6Zx|7u&>ie-0Uo2zUaRf-(6YFZiYf4!hQEiG+gbbp03IQx>DNs>7qp5 zy-NE1nvXqpjm@PmNui;%1jU^fUJ^qL-g4@xM;aU18uRr0=u#^<+b?%wDQkZn(8enH zANnSq#lJeJg0}wiSap`Aj=}mdAKs`f_ZlV2hBW665N8--gO;jcxEqt?? t4ozVOpZxEAbg7)njlP3%Y&#CoVL3vNv#Q~C8j`DV<6dWU7-pQN{{qhqcP#(_ diff --git a/PowerShell/ScubaGear/Sample-Reports/IndividualReports/EXOReport.json b/PowerShell/ScubaGear/Sample-Reports/IndividualReports/EXOReport.json index fd655c31db163d895e41dcab93c1a24602da8aed..5a9138ccaded43110ff4d0b993f2722a5ef57126 100644 GIT binary patch delta 6286 zcmb_hZA?>V6n-m}xr(3?bZWo~ilWp}KK+;kQ7BA61jWV=paLQj3L+?)WkX{Yq6-0z zaoMsMXN)sM=d_D)#$;%=W!c=uVrEQ?o5|+>%#Z00W85LF&3MsDtZl*fCgG%ga|`0s z(w%s+g;&$}4{ZIlkqZ)q_i+UtY*k*>fS1+b+d5GpN<<Q1uN8w+UQtB6eUFD_1DfHn3hX< z?{1)L5k-{OTSD2!3uK;ukkTAgG&D7DVCG7yO-Dl%B^HkBV$Y z*vMu8Syg0-?QVT6(13mKtB*yrK%Z59$l9qp=2ZpRdojIKKCutTmXmYGIEtQx_M1@PrX;h32Vv&N0TZ(yrX) z4CA{F;he9$ZiTW?CL*(dOk}f|2VN+}%PYhRkrGmHXNK#7H#0RZuz+(s1_N*(gFQqN z$Y2W$^*5NMIF&7+9R|k7-pLTKz~Fj?2HUYDh4iw=PM0Q2A1B8S!N>XZcWjZDV-z2& zQ^rmSQ{?(S+c>&2EsBm#ITDgw^E9>Gd;%%z{sMs;uBZl2&kq zVYc*I!EEYlMbIz{5FJO%(gR~=b%n-}I)(a7a{L?_s%9h}hiV5jt;5xfdbADS+hG&3 zIHZ)!4i~+p*-EN#gCJ`l@2gEBk7kUsS~LCJu_sA%K2I79fR1nOlqAdb7n4s1Sg+yJ zptan;?eVSd>lI|3Zfwy8jT)Ib;bLpe0h0dRjc;|AJ&{)*ZMQQ#-cI=`5}}V$-VY6- zb-^nR*9`~atORk#6-MTEgV?3SfTyN#9CDs>H>Xq?ZW>2LYf-ppEn5V%>Y*3wX2HHv zH<__o-8d4py6GV|FI7R#bvU)c;BJEkxdrMg{wc!U0!`2Ot6$Rsf&Vil;^1@F!Yuok z0J4`}QDimo86OP&<@7u^E~XHOO2%D_o~Vs>JXnUNJ4xMimjQTpPp)b#7l#XP%3>w0 zI}~{9kj7kXnRK|Nl*%w&dX=F+;wGxPZjQqZxe}FHyV>emR~LF@wO*{K((}a9V4mPw*X*82xb{_oeVLIxxrh!vNiDDE z4y#BD*CBHt3-GyCd9~oU_SM3lV|o4=sxi{j^|HgSwfE?TXALD(YrvGE9w$cAlG>{Q zMANtGiW=!=que!b+m~)pe>c`pu2at)%hhnop~^i%BEriNlT9$6uiU(P8;%C0EQU@& zR{9~LAe`ZAsucq^6OOMY7TVVxNBid%YK8$u^G>Tov!v~45I7Qd>7aS1)kt6MmT0DR zJq{wi;SGK9fo>_yEY;S%(32Z_4!QA`o*%jr7jP!bsMC8|=gYHVHn$1Se2E6@;l#?#Jd}x0V z84btlbaeZAXT)$v%;y_iG2Oje2uOuJ(}F{Is$~vg3f}@hbt#znYN5{|=3cgYIJAzU zGI*pomAyM*Gf%F|@yQ5Sz^QG}ttD_Whk#Dl<7OP6oN*kfwX@K<rd$=?&4tX;52pO zctf8-Ln~`xk7F@b997CxWgR5YS0}90lFt!CWy!E7HvrAE z8}p-QKRs65`-O=vU&&LVGvVru2%RunbKOCy-{_!p?V3cX&t`Jvf1B-zY)yS}t+}oX zQ_$k#B}zGlG@|1F8_EoOC_{1KvCJ_-)N<7D?ypalas(@*p&u{kAo%EP4V}K_m){$x z>^39FVrg{m_JIJRCx6iqExN0K@A~9!KuUS?yAC(x(B6kp=kL!pg!s>dKgVW>g=k~@ MU$Wxha=O9v4|qiNpF{dIWQR0uX5m6c<{t(l> z)hP*C5*o3>y0nE1T@fK6q7d2#%zt4b1rlKv)w%cFedO+i{@erSeV+3^@AJOr+>euq z?p4*4E@7XADPqh_3Hfql1B_Rra9gif zHy`S?DjvT)K=Hyz9vTWu>X(rZO93ZnZbsoo9ENLQ0l!qD936{N+C5=PGN|tbWNHwS zbWcVZwX*Q=-4dL+@`*arwdNA)<1L@Hir8;o!!B}=xhY*S@8+^npGtp(@hsf6@J zKTO|tHD)K|$&lxu9D6Cfjpts~9{O>)h2Guu2kVwy(tcE&ndjK~q&~ML$%2(K2ianR4qYBK)IO#C zv*LQj7LMMobmuZ-eWI0jO1o2aN#EDalk?~5I_<^BPnv0Ax6z-2{TURakevck+2wn& zU;_X}0V|9#740CL%xsRJJ&ExbXwG&5EGkO9G=zie2JtaWHd_Hmopam@LpmnM z6>(S`6Gy3izWmkhELxozpxMYvbf`HC?@GEqYiaF=;;pJwETrR7#5nM=LXH4oF(MI% z@E!#PZyxkOOAal^T~yj@A@lJ9*8B{^ZO6=UzzxIin_yHi0Da6KhItmojL5bsJ)okO z%?iOYLmQA6J1q9+q?4YKOpBonuXg*XxT{hcQqpNT{g8wt0dE`!Gezvj(=SdyIlEiI z(h=!R-CIn1MUp>?_lD;x#S3UhX~Mq?fuj!^*#+`6iymk_kI_qzXBRR52gL=^PsjI_ z6A*2Oxx-`KvTJ0Y^`w!F_nu8NvKDVmGvYf{Mu+;U=orZq8)9WtV5p{>hnKn$(+{p@pEzY#IP`o#? zqkiVe&Kj66*GFA)3tTUo>8GP5kMQ)|vj~8r?{n-+Fy_-xv6;N5tNy1r;!KGnrL^<0 z|9?C3yV4v>bDCL;{ zE!vY&$gF05ad7X#xf&8d+JEj985ur4SGr}2O?!SSu+x-M+BcmNOz6|l+u9EV=!m0=*3R2Dm4;zzqz!~$~y7p|x=NWJQ#v1>o1w-&4D!L{$32B4==yYj0~3>7V?w7j@B zHKJzr;%NqGAO73W=fyv+t@QJiQzpLec@uR`-MtysFV9ZPWa?YFQ{GZG3 z|KvTN+|W%;>MmX4jRCTobdVkl@-pT<=H$IZAtj`AGZx)pfs&^;`pKSnj20V4d5oud zFr98jtxMpGRq6Tk*YL4J!jG10%*akCvOxc^ggMTSEYZ%yJIh$ z7!gI@ua=Od9T?DCuqJvpr{e4~qJdI$q%>-|_fz(1HN8b;ozo^f-o@C~#rB(H8 zw}7ck3w3V`aC|@=vI5j}hrPAv61X|%#^LQka|g|z}! zp39)ZGe`ACh19dbjw4u;M%NEZNgDwgtdWyZb+Q3fbxT|xt{t@FoexEfbczt)_Am#J zF_bt`9`Q2QA6EE=^Re1%!7p#R&{l6i?5qvLjUJY1g1)*u67oW9s)7>nV7%!9myOF~ zc2qYzky`7*$T0&3!V(+WN2AR@80mbwg+sw%5d(Wne2DF$9t#Z)EFMfnxJKF%JwN)G zQTEDs3yuJU0E zo_eG1fy9p5A@|=UaS$3CvKZ}ohuwnJp>sW6W=^B=GD$dTWq*xm}g_SM^g2PPv z-us@heo;naS579e>lD1(L@$1+=OS}Q&^UJpSLdP#EM!DJHzPLx7P=PB*gHrWd7Lzm zPEw?vibx0jbKy5Gr-TK3q?kS9e}(|NLkjV;_g)rDJWF6-dY;|kLgIseIUUhEC74|r zSNpcm#jgZ|b}YSN=COLyjnLy1rfJHPzJZ7{>)@@b05p1XH)&)c4Z_ Ni!zcHT6X_e-Cu{f@*4mE diff --git a/PowerShell/ScubaGear/Sample-Reports/IndividualReports/PowerPlatformReport.json b/PowerShell/ScubaGear/Sample-Reports/IndividualReports/PowerPlatformReport.json index af484e4fcbe7856f8c0d9e5a5bfc35fa6537520b..cd22c8a0f4337498835d23339aef2ec4e80b282b 100644 GIT binary patch literal 16391 zcmeHOU2oeq6yqA!zN^GazY%8;!cE!-YzU>^| zuq18Ca!e&q5J9j^QPdU1`@wrIFaP`Zjru}8QqlGCk9TEi8|qjM)TK(*OfA%jx>6Gy z39de>hI*`@&3@8Q*yO*VUV`Qn)Dt!SOt+)H%Iwo76iu6kIs(l(jsbqA$GuW0KgTG{ z^vGDsJEc&5fj*Bg5?7$__PZSF&p>?vx@I&QYDayoS~&M`?%=Kf@bG_+2>sYi}(VpK|ykaz4k1 zkMSLrpT3S5sVe#p(};%pQOng8^zINNAmb^z)&LJE6Xf6svNy$;r)r4v5&l2m&PpuA2sMe>o~8OA5Sue1(lx(`;i+NHjO)@Z2TKuJ7D=@(e214ouA zhYO6{98%lDae=R1Ksv9`vnHNM(Z?44M`)4YZi;bf!Lps}7750lqdP<08Dt^FxrG*O zJiCkE4zBD-pMdTFt;V?&XnWX#5=>2QXlw&-&_1yemd;d@jf6$q@Cl z#PT%D{_`>3a9dn{iua1e!3-#^>!<|+uFAgqxUViHf%QYd!29rh`;LczK01XcqYqw_-!XV8{3aHmkLUAS&`P=d_PuoL zmAu(X*EX{cY!#+mo4+Rv6 zE`bGN{8Az;jA|SEG^s@N!;iS%>s*H$V%vgUHvF1I<2_tBfnHZ%mYW7eXAQsK5Sbd8YiLTp0c~5<#j|64P zSQqEpkH_3jyyu~yr&I7~3LX+CG3q>rbO^!{)D)_NE`B+L+^w$A>;~(T`;Lczk#?bZ z>sMkJ<2GE4q4ni+wMIfkD>7WKtKN#t`dEr9H^eW?a+8IZMAEog$#s<)q0|V)B8BWy zjZo~mEv-cL5XwGg4~buJz4Z!LedG>^-)L)=V<0BZDr<$z6kwc1aEXs#WL;JwC_}Wl zz&jXWsfPVH#JBDTdnMVjpH;irdWk_FEo9}S@YZ5@YZLeZw7bmFp$Eqi4E5NudYE08 zzedY-e{z0#Ri9C?6usn~ss0Me5P47T^9#m0KY;7af^bdrj8^p$zwA5$M%d2PpP)*a zl2I9Hua?oc2>3oTSzTV^PUPs1ikJIX}qBn~|Zr`iy)m|lL;G66+=`DGc#P-6!)!irI{4*X% z?K$S{AL&)nb7UNe5r(|DkI{3s$+HG?J$H*`$cjReM!h@4oq62y&0>?Gn(DrJeK|k& zNKC$(3wU??L#maJaFgD=&Dq_<{n4@)NA~U}nC-&$UN^9JjcAa_Ofpdzm6f<8vocqs zOAGMyo%%!X``$KdTlNkymciZRCUd;1JCPe|HFo+dMs0?XGPxOMS8hnQExAh!&Ae3F W(foIqJ*YR0wfdf{TuFY-qyGVi0W2^8 delta 485 zcmZo~U_9e7;SZzPWJONr$qtO?lua1)84MVVfus?THexVgP+%|w(pEq*2x&6ekg1!| zU~(dp<>U>f5|cRjCd)84Ocr48n#9RA`GJJYSIP c^vO#0Q&^1{^cV~#A2czXyg`d^@-KTH02>9Er~m)} diff --git a/PowerShell/ScubaGear/Sample-Reports/IndividualReports/SharePointReport.html b/PowerShell/ScubaGear/Sample-Reports/IndividualReports/SharePointReport.html index b484539b2cbe1673925b8a9f55ed2fe126245a62..0d259f0d5f60c187bdf446a962d40ebdeedb9b67 100644 GIT binary patch delta 5008 zcmd5<4NP0t6~4wcKgPf_=Fc|R1`;SF7`vo~KuAi{hO{BT8q_2WVK&4DSH^&GAY^HX z({9bCN=-S_RJ9#zqHWT$gg{=$nl4*m-6mB_P@*-Pv{h5IW>ZutOOUpys=9;XRm{bDL6f9~yGk{jDN<=_ znVCI|qcyA=B_gB7R134=2=5cMiLWX_FsH+tY60$L=h>`$LKH{!Dr|>E`FD(d7$_{x zAg!8+EcWHX=jt|SRolh0>VPbb1ndi|(y+KWT_MXbGa9HuP04}Aj5n&RxKfl`tA5wP ze7+9mGy-478iqqBIF|qv6fSa^$ckGu^-GKkR^-B*x&&r4#%NjbW6h}KNkm;Il)*`D zZ7R7D!W5jk0;QEBKCivL#H3$mO+mV`WSyINQQ{D*Uz2+?VHH39NXc9_X1DzlNtoFvhtp>Rf72Y)Wu zpGuR23_<^#Fqx_-h@!$Wt@n*BVuz_jmPXL{I0zmD$EMYC{x+GC;kfW{Sp=w6fQ8#a zSxi_xX4id~v%v79g*iOL;WQK9C>)k8!B1CwWz@n3*)T>pfU)gC@6dSGj}Z=Fyxr(h z7q$o4dZt2L?nkl~Ss-y{2$5e^5B^@d&eX@(^YXP_oM(i2IG~^t4B$=G!+2gY+{;e~ zbNOT9Uy3gzMA7@bHKsHoyNzw+A+Ljh>`L)(B~21NBI)-*={m9hp=S~eDs+n6BF9~9 z2+2zkT#q1F;8ce;iISiX3H{H4YS?2e;-tPO=tJbrN~MJGaUB#ctCS5``rWm{E$x&Fpd3!giuFvOUG(`e*ZHbq<^;T9p!Cvc-(#>EnTtvlc6Oo7v>P54=dE3eT zbz(0$;6WTvi;RQu9csGr8y(C<*Cgd>1NCH^v!hXg0uS$JfA(_NU<+J7XC#+g=F1 z-9>PC|4}%+B@5IYc}fRm0JNMahO7Q`@kGb(lME7j9w#_iDf&tTq>y>p2z;j_SJ#CY zNQ5NF&8&zuqeL%r!PKK#$n4aoJcqsY^n=?ktOemEGpu);$>Y0Sd63v?1V@bmTHPvm z?RS}Q<8{T@E`|7^JO!tP=?_I)psCK=xK z>7m_IPJ3LKI=4JIi7?);ha1P#542|tJedpD_GEY~Xa;q=8uyLNvAxOh)BS&v>)COV zFlMgDk(B~zi8DGMw8a^b5*rew~Y7KB$j~^F86IA;(H8dMF=WvW>tk&$M{taDU>)|Fm{c1s+Db954{vhmn7% zdmHxnF|+8HK^xB?{ydmtR0(J+AK_yUUQuSNi-~2Ib_y}JWGpK1mR+C%3)W_J!+lj2 zwhQ+aa>vX!1Ty@KsWWRA?1*7$Z2m2>J%$eP(09Ccg<0o=4J(X>3J+~1M9E*Y#DZ|P z-GsZo1@5*b!sX5xzRM?zMK8|DL$p(aa6%oX-t+K`H3wR=RN_BQ{MIzO72`~YBR_&j zr>TS3ibP*JNj!m=OZk=t1 z$q5x~JJ-bjzjJt47iOj{;z#dpm%*mrIN+mqR29TcVkkL*l^$CQRi92c3uTR@+_>ux{74H&M7*$H z$|E*W6+hle4jk_IN&D1s#fd6BAYmUkfQHamGPR7U_o2!x=rqt>ztyO5pf#qf^nR)a(gs6xw1$ z-lJBqNKfLrSh!7Rw`ESlpN~z#hDF{g1xua{8@tn4zi_@G23NaZXUq=vLH`+J%BZ?S7P zj(zCD>kVeO`|Zvi($17BW@M0ThWIbE52Xz0}g& zTOBa%w?i(m)5cb_iB5M391^QVEIe)E53}JkV5ZTEPhW^*3KF$Qd-F3m;1^&DdU1Oo zSHU85*nyAP&p&(=<2~i*u8iB^P#Isdd7-P%JRsh9>JxfY?QgNPu7$aX!!;3G$}BkN8rvX=!~@SB}u`(3^Ej-KVi85%*= z?|t;w>*X9yuh;U*-nO9kniG?EypX<$$Nlwqh&NW*(>_*oo+W#(HqbwBp41ylNdsGf z4tTD_V&exh9xi3+J4qLu-?`wvmPIp{?kdd`y#M<)JuA_n#-~=YxE)N;_ESJ%fqg&U Y)7r?mb(e8hQ$xQDMKBrFYdQMA0cFt{!2kdN diff --git a/PowerShell/ScubaGear/Sample-Reports/IndividualReports/SharePointReport.json b/PowerShell/ScubaGear/Sample-Reports/IndividualReports/SharePointReport.json index e4f0995e9293ac695672597e6d2a165c16ab797c..adcd80d724b4112a6dc0a767f9c68c0dc12f257d 100644 GIT binary patch literal 21423 zcmeI4Yi|=r6o%(BQvbus{X(VM&J8{wibTVuNDwMQsVa&plQ_o3PF%+cr4@g@?fcBh zFuSogcD&nYO;(mKyPlnyo%5dinf>>l*X}EK!zE|0zcWYSY{R{9T{m(^ZtNy**PXbb zUL75MbPadMUpxEC(8D6%4fjla9;)|_8+`8fw)=MGoEGUZv}w2>)#tHZUA@DMZVhPcI@etIC}c1dG=k;z0>)`z0~ia@4F1z{jC1S8nLf;FGat#rE&2o zhdze$W3Bi=_Yvut<&l7@dEdo2qTwEUT%CyTcC-Svp2lkp_t5?6smHp&Es41DonI$g zrAE#j&YN@iKRY`7{#NuHr_i#l-^Hk#9s~Ju;70&kd;0a0WX{vncpz({wKx_I+j{kc zhl%d_L^EsYiX+Xjt?#~CboB3$JJs>7&d{Qx)$IE9Y3pd9f8XlgQz5z~Ot*yYwq(SS z`{3umT6WcHklO>&gchteyxG><*5BkL=O^lS==R;$8l|aLS&B73Ur`ptwl#m_%OlOK zD0%}D=6@H%`TYJvi-sgm`VJHKM6xH!uV1|#R@RQz<^GjgGmG0;ZCU(BqJLAi|4?g=4U6xL<;@CK!3KLNix7JpOh9uG z3j*vMwzS#dhB5meR0MncKy9ae2eUIlA90e<8>l2EW1ax0W~5W0i^vl8J*$Pki*3&@ z+9dLw!Ys1hz!U%PFS^RSf#72}T*6ESB-fU3wjuQ7scEvzewONmN`UjHw77K|{>tK;$ z55hHeOjNSG4APE9oz7Bilsd)>e}CNTmzbs6kk5qe35A=YBK|LDB88it(viaFb66ag zP2p_LCq}YgFU3`h=sjywjE@!{r--e&;WJx!97Q?lGV_HCF3M_6ONlgwh_qy-MDV17 zlsNX05TYfstW!gn*^>NEJF>nYcTZPv9CKGU^*i{n!CK9>2xmit2YWT$CwB5Tm5933 zxh+F!zFj&SnRRY!aqbQ)oRzwl$+RPrs+Zd;DwB{1WA7E?HCw)Ww)dQsPp{OrD^Iuz zUT-Zw0=lc3k*fWVi~SG$hmc{h825c?cPdjXBKlO^Mr;+%3?9lW&$+=qNXMs;ao8e> zYR%wUvO7iXsOqj`3xCB%AU-piG+P=9vVVH_zhX&^-DqWckR0m`xaI-c(OU z^QOGT@@SsbmbH(PuDqkVvYM55BOxT4W7(I~_$XY&EJ{|sSnkE-%XHivJcTHCqD;`5 z`iVVS9vR;n3!)14Kph2N#4gVFHdY}Dp2lxWc-$5K(0JD+BfEJfd#-ClyI6d6K7Xu2 zlnf12J&zRW0Vi5zFgp)og$H&^HqM@npyhd^w4#dRGI}a_sMLX2q^#CW7gurD6-FUa zYdPSo-Gkq?ScOron@lRzx@o?iS*FFR=%(t`-x5_Ii)*>ps{GnAG8;#KYdHau6L31rv*IGuk>MHniMej50 z^<$OM-k}yF(f-)DBk+29ir2e#x6VCeWB2EG+;4kbMiu=~x{Q70NZpY*=qj=XTXojp z%&R4Sdhu@iEoB187$DuC7CD4+sa41OcNJ4HTkZT#`>jgG`(uW0R!tFm!@Ax+4ZDQM z0I**SULOlfhk6CCH;pZ-h0@rvC`#Dtb*vu3^Es#*UM70L@BSI||+8Bh|di;x~vuR%$BDi#zb zZVa{S{alN1DQ$|>*rLy>mp!;@eMXFTAf0IS7-PTNi#=rE5!pqJh3%}4daeq2gu3R< zcqCs}5$l_-=Dxa`*=qTnmzm9*oZTxt$B;^pj(;*9-{Gks%SNOddWIGD0eS$N;eprU z>}{uBC7JPjxQS@`&i$@`m#=8EX9b0)KH78s;PP-c)p}xJ!%gpyw%Wf?uN&uGWWNN| bHH*$NwE1I%C(B({Pk+knY_TKTLw4goW60Pl delta 807 zcmZ3#oN-_Bghht3W5s)@wFkw(& zFa*+8Krskuve}R+n{o0wwwB2aW^9u`aJx-j!Tt=$mY95j!(;LS1(wMdcrzyNGnblt zP9xWME+YzC97fa-zzHh$ zrdMWimFXRzUL5gIJ-N=Z3rig6Om477I9<%<7tz)SxgqquaC?K>>dMJKynbPXn369- k`wrh{IIV36(A#Vi$ihfWf}U*1ls@@X&=g?Gix2h(0P>O>+yDRo diff --git a/PowerShell/ScubaGear/Sample-Reports/IndividualReports/TeamsReport.html b/PowerShell/ScubaGear/Sample-Reports/IndividualReports/TeamsReport.html index 3bbd1170b3baa5b20ca70267c3a38c16afc50a2a..7d500bdd5a436f143d607171a38c9d3383c97ba8 100644 GIT binary patch delta 4158 zcmd580Uuu4Vj5QF!C|DiAGIyGZHmX!xHrei3-MOjEZ86@rR1%+_&q;*eHJdFird3 z_ul88d+u|dd(Q30$JCczR!^SN7(J|<-NUL`B@3`_xS=w`_ZowJkOkRZ*2ng-8YZ)q zh*`~6Auf(7(3dk0j)*>8)VOFl5rq)p0!bzrar$`XnO_RL?Gq-3Q?5jLA%yQGX>)P&TqL^Eq5x#`lEnrFw_+ zS*60hJ4Q&hscjBLhfS{uOnj}iS?lL`HImhwjNxBojYzg67txts7G?*DY4BLf;CXY2 zo)A$^VLCHk;}(qnVE$x|Tkl#fz%f%%X(!GPupw54(F(E%wmUFtL9`nZk?RmE^dtWv zm^M}{j^W`)qZNKL<-se)Tv(UqhSS*}7?UEz59OrIWqZ_ShY71`F}bM({#9$5lt!xf zF1Jiyo#4IGW`%cbCCN4cd$}RctJsZ+fw$PlRdAxw0xKL#6Xa9uq3sK)Buj@Po8&B9 z%Wu(>y{KQfSq}^qxSb^5xwI$Ge5;^=?{O4KM&c@j?6o0(AsAn7o)xsT3=W$ri(}lS z;u^j+6`SMeUSTuB`XC?&?!Y0E^mVqJl3w2^bYM@@MZyGPT(WLB@zVW2uNy9C$(s+M?Pfs2)+ zGZAztgkx>k4j|K{>@c=_ar_XBn05%o#+7SXOm2tB2FxroL!(8Ph4B-%BN)j(wwB3I zXRz|ga#dCuE(7DkHkca9g`UgOIh(%D?tnRIq(uo?$LEIP@DUSOq$^Q5;HTGxD4*%jljWI%Z6mi=+qt}_P+IFpLy2t3$WKHtH;C{abczhn$q%tE?4g}^;fy}!hw0`WFz~=# z;I7i%M^4otz6X~HA+zx%+gLkVA$gE9-Dtl{wA%#pZP-ik3L*hGiyVW=ZCW_F)sVHF zC}H;sDfMAH1kR(YKwV!5J*#zrAzZ6XtaS@c#G4{SIZS5j@#|+ha22vAqYq(0o&O&Brp!64>?oJ3H!QJAUwV`DG)PT>`>lP1fTmFQy?#FaKOG@g)q=^1O_%(K--$D z@zW_nd2i*XTBjD-6$Ng>t%ulhB!Wakp+CrmVR|6Dj6zC^J}3w!dY7_##B^itQhZA& z9%$CtlMVjPbp3uDSuZ{^Jh;RR6O|_D87Y9;Kn7HGTA+5P4z73PfU3O!CiiAMqt!@v zf!wa;otYz886~Eyp_xm+a&|I|UALko5zrhAqo2xL;dAH9F zU5TOi|Kx@nTb=V{v|IDR^!>IJCp7E}q(FFlo)icrA1s06k8DqYY&+g1!r6Dg63YV~ zekIbRGE43{bNzBVoqo0srl0{|u)T`bIRo*q?6m3;K& z-4eK8(!zV&lSU!Gd@8?_1SvyJbHG*p`9pRp_Dz ze`~PMjlcM}6~Y&GY3Q$s8%Ez-588{*OO-J5)h_<~#g+PK^T{{gPLDPxF1?->ZC-r8 zL>+BbeRO#i;QQp{BGKE$TR)3nlh1thhZMyXeWOwa1N`ah-)lr~fM5OP*;&BlUq4n1 T1-S0dXQO~uwQ9*LNxHuPmj>-h delta 1626 zcma)6e@t6d6uz(Ym*vqu=<6u8YfBj;D+5~S$bv%3L`@W7gkS2G$$k{wtU!PPK_iYC zOw=&&BaBR3a9bAQ7K6KsEE{8h(HNcBC1f%Dfy`)P%yfk~{YMvXZy(aQEHN*6_q=ny zd(Zj4bKm*=oOb_`>U^YtZ#$OuGDa*iz7pN|-L#qB7TX2Ehh(RjLA$VO9M;709XGwt z4;Zl+5iv^|AK#uNZ$XoqWtFzBSC(FY{ta&INj{+L{WiH+IrF50rB5k~`RS3A9zlU5 z$@>LAlBEpDP6;2$Un&WDET2Hi-h{Cv5gmpN$Q6vJOC8s3BVJB0(V7se*NI=G6jnpb zU75z*h3veI<{Z*ani;l;xR`W2j9Oa`W)igsU(w=6yNp%G4oSba=*PDI&e$~eNZ`gx8IGCGAd+DOm*2ICnLt;ss2((pJ0 z&&G!eNUm}{go1Qh?%6FUGWxQ!>2h|R78gHFp+f~r5`Ng_fYfNmM2{6SK`UHGWqP@6 zRfon(2kdo5x?J9^*15=D5+Who2&7_Wzlcb$mPV>ns(%Bs6=_%=Fv44HpaV6(84#)0 z^g&1) zK7Q4Mj#ewe4SEa>7V>qqDgf634_q&35qPg01FzdL^Q-~y2FC<9ZuFWFXtZK++^Vqk z(*DLp9l{|!z1XZ4@bfNfY8w-HFKJ@pt=Hlr#W?qP8WsX}4Ugm4;3GN(i91z~@vO#X zEsBP%INRnxBp|}mehH_lZFu9L8cppoQ`d|BMjQ1W{!7El?<=y_9xr+WK%Ck9dgHmrqweZKfm zlnlIwM`^`dEm})_r=tC9V^0=7+>;e0k-4tr{eAr}+Q7tduvx}t7CWJIAd?ds8Z6;KZ!ZtS>Pfsw0YXrE?-X1X6W*ILajq=Y<5_K{YS$E`flLchMYB4qfP z!^@^;9*GW{eD-&`h>xvB%olt6@%?N)n+&9GuG44XZeYW`N#a6RxzcU zmlG7zz35RZ=9#7N8sPd*Cv@EVBAx%Wm6^2k?%#rf8~#%j3kK=Ed$%>*8=Ty!5k?fm XWI!h@#EuG1b{mC}HB6T*lneg=_hA@| diff --git a/PowerShell/ScubaGear/Sample-Reports/IndividualReports/TeamsReport.json b/PowerShell/ScubaGear/Sample-Reports/IndividualReports/TeamsReport.json index d4d4b9a57639b6bb430ea1286d515afe4f2b1600..7b3c0481606d82495a894e6ffad24f73dfed3541 100644 GIT binary patch delta 2872 zcmbW3Nla5w6oyZkX@FGbxuv8cmO=+6Yczlbq$y3qWI`ZmDWy?ri-2QHz>P7)4IJVY zLWm(oO|c0JR&GpKut1iCC~jQ1aK#E;c zWl7b|&;VL!qN|=h_0R|k(9zXMziH{J0|Pd=+>3T8t|y&jcEdFI;2})m;&@&~FSzJ6 z3wOZ_ZVI%~e;)egq_+zlsh#rE@nEH>`!Gi1r$I>*E9j-f7s}4svoU@2?*uo(MKe0- zZV>vw5*m+H=23|O=gfDibfBTx&S%%aR9NmxVfYnL0Mr6?k9KQ zp4t*Hrbs1dt6sp*H*EN^=r-Ngp)AwGhR>(9hDFt-vnVURNq-*<8p6HOw%9>eq@kcn z^h-a9&t}f%YQ$}M9Zn6V;jz>!KG-PZgV$vK{|L$p2IVb?4Kg!~_`EO#B!Z%SA_sFM zjf?g|$tXUk{BTh|XiUkyGzc@?f-9h%7MzwGHx=DgXOa+<4e0S}>a9eCQ==#0xZnwi zmI=`d4ic<}q{&yIq3@w8dIaQ?Rl@g7mE%Imb`Vq?AzUu!gO6m~$#?iuxf~5i><)29m6hE| z7T_SO@lcmN_(N5I`>7pqdu&X!$FfH1k?F=kd1p8sh4O3gyQ&DsGE5PgdCTpQ9hFd@ z#n@4^%xorhuVwADl2g=UFJ)$mbyE$@{Jb#BdWqX{Q=%Qqo2W|%mz~*dWOheJXGF&% z=vRkKb`9HVUq{pMMUVBX&4E3&UZf+l6u;`3W3Ayv!^>zXVuP(QQA@M*R?r#aqa~f8 zI~&=83m)-!NnAegih|snC}edrK^_lQq9HN!m9Xb0?<@bFcl4Jm9vB+wpdPfS ME6|ZgmrA7n0MnE)jsO4v delta 931 zcmX@Qk?GeN#ti~Y$|el@3fTX)B-@gfy94IX!)10@vgvOur^i z5H^{7i_L9vfsE4T9Cj|o$qP6VCSQ=uo2(<0H+h3{1z158H(0@BJ^_WvJUo3+HENR+ zQrITxIiM)5;fE=`gvF>TkUf*bL>6F?1G+;TqBlok12*|dG9c+SSfvzzQVQoVq#V>C zHs-JkO_tEu1(nBec!M@XnVZfnTuL0&O(ruLK-?E5qBHq`0X8=pOs+Hc0{c>#1c(N? z#4IKp8YVNwrB8Or`~}yuEDz!cn|x4&LF^EyYJ!=cSc+u+i*ktCx{3!_)J{$;O`j}N zk1)Eb1)^M_bqO}*jB%-x3%dWnT{5W`W;(}YgT5A=TBiJ&Y~ZA~IcORSBa!**H>(kY T9)rQ;gGz=#t$dSr%-{h46|`J; diff --git a/PowerShell/ScubaGear/Sample-Reports/ProviderSettingsExport.json b/PowerShell/ScubaGear/Sample-Reports/ProviderSettingsExport.json index 46bb93a0b..69795d94c 100644 --- a/PowerShell/ScubaGear/Sample-Reports/ProviderSettingsExport.json +++ b/PowerShell/ScubaGear/Sample-Reports/ProviderSettingsExport.json @@ -1,8 +1,8 @@  { "baseline_version": "1", - "module_version": "1.2.0", - "date": "04/03/2024 12:32:34 Central Daylight Time", - "timestamp_zulu": "2024-04-03T17:32:34.712Z", + "module_version": "1.3.0", + "date": "06/05/2024 14:50:13 Central Daylight Time", + "timestamp_zulu": "2024-06-05T19:50:13.391Z", "tenant_details": [ { "AADAdditionalData": { @@ -431,7 +431,7 @@ "DeletedDateTime": null, "DirectorySizeQuota": { "Total": 300000, - "Used": 1110 + "Used": 1120 }, "DisplayName": "tqhjy", "Extensions": null, @@ -689,6 +689,7 @@ "TechnicalNotificationMails": [ "admin@example.com" ], + "TenantType": "AAD", "VerifiedDomains": [ { "Capabilities": "Email, OfficeCommunicationsOnline", @@ -699,8 +700,8 @@ } ], "AdditionalProperties": { - "tenantType": "AAD", "onPremisesSyncStatus": [ + "System.Collections.Generic.Dictionary`2[System.String,System.Object]" ] } }, @@ -709,26 +710,7 @@ "DomainName": "tqhjy.onmicrosoft.com" } ], - "scuba_config": { - "DisconnectOnExit": false, - "OutPath": ".", - "OutProviderFileName": "ProviderSettingsExport", - "M365Environment": "gcc", - "ProductNames": [ - "aad", - "defender", - "exo", - "powerplatform", - "sharepoint", - "teams" - ], - "OutFolderName": "M365BaselineConformance", - "OutJsonFileName": "ScubaResults", - "OutRegoFileName": "TestResults", - "Organization": "tqhjy.onmicrosoft.com", - "OutReportName": "BaselineReports", - "LogIn": true -}, + "scuba_config": {}, "conditional_access_policies": [ { @@ -751,6 +733,9 @@ ] }, + "AuthenticationFlows": { + "TransferMethods": null + }, "ClientAppTypes": [ "all" ], @@ -776,6 +761,7 @@ "IncludeDeviceStates": null, "IncludeDevices": null }, + "InsiderRiskLevels": null, "Locations": { "ExcludeLocations": null, "IncludeLocations": null @@ -845,7 +831,7 @@ "TermsOfUse": null }, "Id": "e430772e-f1c9-4618-9b68-4f125e80a288", - "ModifiedDateTime": "Date(1683901574815)", + "ModifiedDateTime": "Date(1717372277946)", "SessionControls": { "ApplicationEnforcedRestrictions": { "IsEnabled": null @@ -870,7 +856,7 @@ "FrequencyInterval": "timeBased", "IsEnabled": true, "Type": "days", - "Value": 2 + "Value": 4 } }, "State": "enabled", @@ -898,6 +884,9 @@ ] }, + "AuthenticationFlows": { + "TransferMethods": null + }, "ClientAppTypes": [ "all" ], @@ -923,6 +912,7 @@ "IncludeDeviceStates": null, "IncludeDevices": null }, + "InsiderRiskLevels": null, "Locations": { "ExcludeLocations": null, "IncludeLocations": null @@ -1045,6 +1035,9 @@ ] }, + "AuthenticationFlows": { + "TransferMethods": null + }, "ClientAppTypes": [ "all" ], @@ -1070,6 +1063,7 @@ "IncludeDeviceStates": null, "IncludeDevices": null }, + "InsiderRiskLevels": null, "Locations": { "ExcludeLocations": null, "IncludeLocations": null @@ -1199,6 +1193,9 @@ ] }, + "AuthenticationFlows": { + "TransferMethods": null + }, "ClientAppTypes": [ "all" ], @@ -1224,6 +1221,7 @@ "IncludeDeviceStates": null, "IncludeDevices": null }, + "InsiderRiskLevels": null, "Locations": { "ExcludeLocations": null, "IncludeLocations": null @@ -1358,6 +1356,9 @@ "urn:user:registersecurityinfo" ] }, + "AuthenticationFlows": { + "TransferMethods": null + }, "ClientAppTypes": [ "all" ], @@ -1383,6 +1384,7 @@ "IncludeDeviceStates": null, "IncludeDevices": null }, + "InsiderRiskLevels": null, "Locations": { "ExcludeLocations": [ "AllTrusted" @@ -1515,6 +1517,9 @@ "urn:user:registersecurityinfo" ] }, + "AuthenticationFlows": { + "TransferMethods": null + }, "ClientAppTypes": [ "all" ], @@ -1540,6 +1545,7 @@ "IncludeDeviceStates": null, "IncludeDevices": null }, + "InsiderRiskLevels": null, "Locations": { "ExcludeLocations": [ "AllTrusted" @@ -1672,6 +1678,9 @@ "urn:user:registersecurityinfo" ] }, + "AuthenticationFlows": { + "TransferMethods": null + }, "ClientAppTypes": [ "all" ], @@ -1697,6 +1706,7 @@ "IncludeDeviceStates": null, "IncludeDevices": null }, + "InsiderRiskLevels": null, "Locations": { "ExcludeLocations": [ "AllTrusted" @@ -1830,6 +1840,9 @@ "urn:user:registerdevice" ] }, + "AuthenticationFlows": { + "TransferMethods": null + }, "ClientAppTypes": [ "all" ], @@ -1855,6 +1868,7 @@ "IncludeDeviceStates": null, "IncludeDevices": null }, + "InsiderRiskLevels": null, "Locations": { "ExcludeLocations": null, "IncludeLocations": null @@ -1983,6 +1997,9 @@ ] }, + "AuthenticationFlows": { + "TransferMethods": null + }, "ClientAppTypes": [ "all" ], @@ -2008,6 +2025,7 @@ "IncludeDeviceStates": null, "IncludeDevices": null }, + "InsiderRiskLevels": null, "Locations": { "ExcludeLocations": null, "IncludeLocations": null @@ -2142,6 +2160,9 @@ ] }, + "AuthenticationFlows": { + "TransferMethods": null + }, "ClientAppTypes": [ "exchangeActiveSync", "other" @@ -2168,6 +2189,7 @@ "IncludeDeviceStates": null, "IncludeDevices": null }, + "InsiderRiskLevels": null, "Locations": { "ExcludeLocations": null, "IncludeLocations": null @@ -2296,6 +2318,9 @@ ] }, + "AuthenticationFlows": { + "TransferMethods": null + }, "ClientAppTypes": [ "all" ], @@ -2321,6 +2346,7 @@ "IncludeDeviceStates": null, "IncludeDevices": null }, + "InsiderRiskLevels": null, "Locations": { "ExcludeLocations": null, "IncludeLocations": null @@ -2449,6 +2475,9 @@ ] }, + "AuthenticationFlows": { + "TransferMethods": null + }, "ClientAppTypes": [ "all" ], @@ -2474,6 +2503,7 @@ "IncludeDeviceStates": null, "IncludeDevices": null }, + "InsiderRiskLevels": null, "Locations": { "ExcludeLocations": null, "IncludeLocations": null @@ -2602,6 +2632,9 @@ ] }, + "AuthenticationFlows": { + "TransferMethods": null + }, "ClientAppTypes": [ "all" ], @@ -2627,6 +2660,7 @@ "IncludeDeviceStates": null, "IncludeDevices": null }, + "InsiderRiskLevels": null, "Locations": { "ExcludeLocations": null, "IncludeLocations": null @@ -2734,6 +2768,163 @@ "AdditionalProperties": { } + }, + { + "Conditions": { + "Applications": { + "ApplicationFilter": { + "Mode": null, + "Rule": null + }, + "ExcludeApplications": [ + + ], + "IncludeApplications": [ + "None" + ], + "IncludeAuthenticationContextClassReferences": [ + + ], + "IncludeUserActions": [ + + ] + }, + "AuthenticationFlows": { + "TransferMethods": null + }, + "ClientAppTypes": [ + "all" + ], + "ClientApplications": { + "ExcludeServicePrincipals": null, + "IncludeServicePrincipals": null, + "ServicePrincipalFilter": { + "Mode": null, + "Rule": null + } + }, + "DeviceStates": { + "ExcludeStates": null, + "IncludeStates": null + }, + "Devices": { + "DeviceFilter": { + "Mode": null, + "Rule": null + }, + "ExcludeDeviceStates": null, + "ExcludeDevices": null, + "IncludeDeviceStates": null, + "IncludeDevices": null + }, + "InsiderRiskLevels": null, + "Locations": { + "ExcludeLocations": null, + "IncludeLocations": null + }, + "Platforms": { + "ExcludePlatforms": null, + "IncludePlatforms": null + }, + "ServicePrincipalRiskLevels": null, + "SignInRiskLevels": [ + + ], + "UserRiskLevels": [ + + ], + "Users": { + "ExcludeGroups": [ + + ], + "ExcludeGuestsOrExternalUsers": { + "ExternalTenants": { + "MembershipKind": null + }, + "GuestOrExternalUserTypes": null + }, + "ExcludeRoles": [ + + ], + "ExcludeUsers": [ + + ], + "IncludeGroups": [ + + ], + "IncludeGuestsOrExternalUsers": { + "ExternalTenants": { + "MembershipKind": null + }, + "GuestOrExternalUserTypes": null + }, + "IncludeRoles": [ + + ], + "IncludeUsers": [ + "None" + ] + } + }, + "CreatedDateTime": "Date(1706130757851)", + "Description": null, + "DisplayName": "Terms of Use Policy", + "GrantControls": { + "AuthenticationStrength": { + "AllowedCombinations": null, + "CombinationConfigurations": null, + "CreatedDateTime": null, + "Description": null, + "DisplayName": null, + "Id": null, + "ModifiedDateTime": null, + "PolicyType": null, + "RequirementsSatisfied": null + }, + "BuiltInControls": [ + + ], + "CustomAuthenticationFactors": [ + + ], + "Operator": "OR", + "TermsOfUse": [ + "99bf8fe7-2c57-4155-bcb5-d6b54de5cea7" + ] + }, + "Id": "fe0bdee1-2fc2-4fe4-8e2b-eefc608c2c04", + "ModifiedDateTime": null, + "SessionControls": { + "ApplicationEnforcedRestrictions": { + "IsEnabled": null + }, + "CloudAppSecurity": { + "CloudAppSecurityType": null, + "IsEnabled": null + }, + "ContinuousAccessEvaluation": { + "Mode": null + }, + "DisableResilienceDefaults": null, + "PersistentBrowser": { + "IsEnabled": null, + "Mode": null + }, + "SecureSignInSession": { + "IsEnabled": null + }, + "SignInFrequency": { + "AuthenticationType": null, + "FrequencyInterval": null, + "IsEnabled": null, + "Type": null, + "Value": null + } + }, + "State": "enabledForReportingButNotEnforced", + "AdditionalProperties": { + + } } ], "cap_table_data": [ @@ -2754,7 +2945,7 @@ ], "Block/Grant Access": "None", "Session Controls": [ - "Sign-in frequency (every 2 days)" + "Sign-in frequency (every 4 days)" ] }, { @@ -2817,26 +3008,6 @@ "None" ] }, - { - "Name": "Report - Block CAP Exclusion Test Accounts", - "State": "Report-only", - "Users": [ - "Users included: 1 specific group", - "Users excluded: None" - ], - "Apps/Actions": [ - "Policy applies to: apps", - "Apps included: None", - "Apps excluded: None" - ], - "Conditions": [ - "Client apps included: all" - ], - "Block/Grant Access": "Block access", - "Session Controls": [ - "None" - ] - }, { "Name": "Live - MFA registration with temporary access pass (limited users)", "State": "Report-only", @@ -3020,6 +3191,26 @@ "Session Controls": [ "None" ] + }, + { + "Name": "Terms of Use Policy", + "State": "Report-only", + "Users": [ + "Users included: None", + "Users excluded: None" + ], + "Apps/Actions": [ + "Policy applies to: apps", + "Apps included: None", + "Apps excluded: None" + ], + "Conditions": [ + "Client apps included: all" + ], + "Block/Grant Access": "Allow access but require terms of use", + "Session Controls": [ + "None" + ] } ], "authorization_policies": [ @@ -3087,7 +3278,6 @@ "OnPremisesImmutableId": null } }, - "privileged_roles": [ { "DisplayName": "Global Administrator", @@ -4016,12 +4206,12 @@ "escalationTimeInMinutes": 0, "isEscalationEnabled": false, "primaryApprovers": [ - { - "@odata.type": "#microsoft.graph.groupMembers", - "isBackup": false, - "id": "54e56ffb-a568-4c65-b04a-7a6feabab17c", - "description": "privileged escalation approvers" - } + { + "@odata.type": "#microsoft.graph.groupMembers", + "isBackup": false, + "id": "54e56ffb-a568-4c65-b04a-7a6feabab17c", + "description": "privileged escalation approvers" + } ], "escalationApprovers": [ @@ -4080,7 +4270,7 @@ "notificationLevel": "All", "isDefaultRecipientsEnabled": true, "notificationRecipients": [ - "testme@gmail.com" + "admin@example.com" ] } }, @@ -4199,16 +4389,16 @@ "Id": null }, "DirectoryScopeId": "/", - "EndDateTime": "Date(1713400747800)", - "Id": "5wuT_mJe20eRr5jDpJo4sZ2S8Xp788lJsCHc-oH_idg-1", + "EndDateTime": null, + "Id": "5wuT_mJe20eRr5jDpJo4sVjciirFt4ZApcwkS430DOg-1", "MemberType": "Direct", "Principal": { "DeletedDateTime": null, "Id": null }, - "PrincipalId": "7af1929d-f37b-49c9-b021-dcfa81ff89d8", - "RoleAssignmentOriginId": "5wuT_mJe20eRr5jDpJo4sZ2S8Xp788lJsCHc-oH_idg-1", - "RoleAssignmentScheduleId": "359996d0-41ea-450e-a537-56e77b15c1ba", + "PrincipalId": "2a8adc58-b7c5-4086-a5cc-244b8df40ce8", + "RoleAssignmentOriginId": "5wuT_mJe20eRr5jDpJo4sVjciirFt4ZApcwkS430DOg-1", + "RoleAssignmentScheduleId": "5wuT_mJe20eRr5jDpJo4sVjciirFt4ZApcwkS430DOg-1", "RoleDefinition": { "AllowedPrincipalTypes": null, "Description": null, @@ -4224,7 +4414,7 @@ "Version": null }, "RoleDefinitionId": "fe930be7-5e62-47db-91af-98c3a49a38b1", - "StartDateTime": "Date(1710808775850)", + "StartDateTime": null, "AdditionalProperties": { } @@ -4281,15 +4471,15 @@ }, "DirectoryScopeId": "/", "EndDateTime": null, - "Id": "5wuT_mJe20eRr5jDpJo4sVjciirFt4ZApcwkS430DOg-1", + "Id": "5wuT_mJe20eRr5jDpJo4sXwV0C627m1FobGeEeQDs5s-1", "MemberType": "Direct", "Principal": { "DeletedDateTime": null, "Id": null }, - "PrincipalId": "2a8adc58-b7c5-4086-a5cc-244b8df40ce8", - "RoleAssignmentOriginId": "5wuT_mJe20eRr5jDpJo4sVjciirFt4ZApcwkS430DOg-1", - "RoleAssignmentScheduleId": "5wuT_mJe20eRr5jDpJo4sVjciirFt4ZApcwkS430DOg-1", + "PrincipalId": "2ed0157c-eeb6-456d-a1b1-9e11e403b39b", + "RoleAssignmentOriginId": "5wuT_mJe20eRr5jDpJo4sXwV0C627m1FobGeEeQDs5s-1", + "RoleAssignmentScheduleId": "5wuT_mJe20eRr5jDpJo4sXwV0C627m1FobGeEeQDs5s-1", "RoleDefinition": { "AllowedPrincipalTypes": null, "Description": null, @@ -4362,15 +4552,15 @@ }, "DirectoryScopeId": "/", "EndDateTime": null, - "Id": "5wuT_mJe20eRr5jDpJo4sXwV0C627m1FobGeEeQDs5s-1", + "Id": "5wuT_mJe20eRr5jDpJo4sRzmca5l9LZNjSZfPlK92AA-1", "MemberType": "Direct", "Principal": { "DeletedDateTime": null, "Id": null }, - "PrincipalId": "2ed0157c-eeb6-456d-a1b1-9e11e403b39b", - "RoleAssignmentOriginId": "5wuT_mJe20eRr5jDpJo4sXwV0C627m1FobGeEeQDs5s-1", - "RoleAssignmentScheduleId": "5wuT_mJe20eRr5jDpJo4sXwV0C627m1FobGeEeQDs5s-1", + "PrincipalId": "ae71e61c-f465-4db6-8d26-5f3e52bdd800", + "RoleAssignmentOriginId": "5wuT_mJe20eRr5jDpJo4sRzmca5l9LZNjSZfPlK92AA-1", + "RoleAssignmentScheduleId": "5wuT_mJe20eRr5jDpJo4sRzmca5l9LZNjSZfPlK92AA-1", "RoleDefinition": { "AllowedPrincipalTypes": null, "Description": null, @@ -4443,96 +4633,15 @@ }, "DirectoryScopeId": "/", "EndDateTime": null, - "Id": "5wuT_mJe20eRr5jDpJo4sRzmca5l9LZNjSZfPlK92AA-1", + "Id": "5wuT_mJe20eRr5jDpJo4sasxesy10mpEuvmE-XxwZAM-1", "MemberType": "Direct", "Principal": { "DeletedDateTime": null, "Id": null }, - "PrincipalId": "ae71e61c-f465-4db6-8d26-5f3e52bdd800", - "RoleAssignmentOriginId": "5wuT_mJe20eRr5jDpJo4sRzmca5l9LZNjSZfPlK92AA-1", - "RoleAssignmentScheduleId": "5wuT_mJe20eRr5jDpJo4sRzmca5l9LZNjSZfPlK92AA-1", - "RoleDefinition": { - "AllowedPrincipalTypes": null, - "Description": null, - "DisplayName": null, - "Id": null, - "InheritsPermissionsFrom": null, - "IsBuiltIn": null, - "IsEnabled": null, - "IsPrivileged": null, - "ResourceScopes": null, - "RolePermissions": null, - "TemplateId": null, - "Version": null - }, - "RoleDefinitionId": "fe930be7-5e62-47db-91af-98c3a49a38b1", - "StartDateTime": null, - "AdditionalProperties": { - - } - }, - { - "ActivatedUsing": { - "AppScope": { - "DisplayName": null, - "Id": null, - "Type": null - }, - "AppScopeId": null, - "DirectoryScope": { - "DeletedDateTime": null, - "Id": null - }, - "DirectoryScopeId": null, - "EndDateTime": null, - "Id": null, - "MemberType": null, - "Principal": { - "DeletedDateTime": null, - "Id": null - }, - "PrincipalId": null, - "RoleDefinition": { - "AllowedPrincipalTypes": null, - "Description": null, - "DisplayName": null, - "Id": null, - "InheritsPermissionsFrom": null, - "IsBuiltIn": null, - "IsEnabled": null, - "IsPrivileged": null, - "ResourceScopes": null, - "RolePermissions": null, - "TemplateId": null, - "Version": null - }, - "RoleDefinitionId": null, - "RoleEligibilityScheduleId": null, - "StartDateTime": null - }, - "AppScope": { - "DisplayName": null, - "Id": null, - "Type": null - }, - "AppScopeId": null, - "AssignmentType": "Assigned", - "DirectoryScope": { - "DeletedDateTime": null, - "Id": null - }, - "DirectoryScopeId": "/", - "EndDateTime": null, - "Id": "5wuT_mJe20eRr5jDpJo4sasxesy10mpEuvmE-XxwZAM-1", - "MemberType": "Direct", - "Principal": { - "DeletedDateTime": null, - "Id": null - }, - "PrincipalId": "cc7a31ab-d2b5-446a-baf9-84f97c706403", - "RoleAssignmentOriginId": "5wuT_mJe20eRr5jDpJo4sasxesy10mpEuvmE-XxwZAM-1", - "RoleAssignmentScheduleId": "5wuT_mJe20eRr5jDpJo4sasxesy10mpEuvmE-XxwZAM-1", + "PrincipalId": "cc7a31ab-d2b5-446a-baf9-84f97c706403", + "RoleAssignmentOriginId": "5wuT_mJe20eRr5jDpJo4sasxesy10mpEuvmE-XxwZAM-1", + "RoleAssignmentScheduleId": "5wuT_mJe20eRr5jDpJo4sasxesy10mpEuvmE-XxwZAM-1", "RoleDefinition": { "AllowedPrincipalTypes": null, "Description": null, @@ -4604,7 +4713,7 @@ "notificationLevel": "All", "isDefaultRecipientsEnabled": true, "notificationRecipients": [ - "testme@gmail.com" + "admin@example.com" ] } }, @@ -4765,7 +4874,7 @@ "notificationLevel": "All", "isDefaultRecipientsEnabled": true, "notificationRecipients": [ - "testme@gmail.com" + "admin@example.com" ] } }, @@ -4973,7 +5082,7 @@ "notificationLevel": "All", "isDefaultRecipientsEnabled": true, "notificationRecipients": [ - "testme@gmail.com" + "admin@example.com" ] } }, @@ -5905,15 +6014,15 @@ }, "DirectoryScopeId": "/", "EndDateTime": null, - "Id": "UB-K8uf2cUWBi2oS8q9rbIMvMiVDshdEgtyHzg12f7Q-1", + "Id": "UB-K8uf2cUWBi2oS8q9rbJETiLuPI4hAjEAgc_yTTNc-1", "MemberType": "Direct", "Principal": { "DeletedDateTime": null, "Id": null }, - "PrincipalId": "25322f83-b243-4417-82dc-87ce0d767fb4", - "RoleAssignmentOriginId": "UB-K8uf2cUWBi2oS8q9rbIMvMiVDshdEgtyHzg12f7Q-1", - "RoleAssignmentScheduleId": "3b365172-71c2-4b13-a6c5-b6e3524aeba4", + "PrincipalId": "bb881391-238f-4088-8c40-2073fc934cd7", + "RoleAssignmentOriginId": "UB-K8uf2cUWBi2oS8q9rbJETiLuPI4hAjEAgc_yTTNc-1", + "RoleAssignmentScheduleId": "675049b9-096c-4fa9-843c-c466fe9b34da", "RoleDefinition": { "AllowedPrincipalTypes": null, "Description": null, @@ -5929,7 +6038,7 @@ "Version": null }, "RoleDefinitionId": "f28a1f50-f6e7-4571-818b-6a12f2af6b6c", - "StartDateTime": "Date(1698180323417)", + "StartDateTime": "Date(1704924054887)", "AdditionalProperties": { } @@ -5986,15 +6095,15 @@ }, "DirectoryScopeId": "/", "EndDateTime": null, - "Id": "UB-K8uf2cUWBi2oS8q9rbJETiLuPI4hAjEAgc_yTTNc-1", + "Id": "UB-K8uf2cUWBi2oS8q9rbIMvMiVDshdEgtyHzg12f7Q-1", "MemberType": "Direct", "Principal": { "DeletedDateTime": null, "Id": null }, - "PrincipalId": "bb881391-238f-4088-8c40-2073fc934cd7", - "RoleAssignmentOriginId": "UB-K8uf2cUWBi2oS8q9rbJETiLuPI4hAjEAgc_yTTNc-1", - "RoleAssignmentScheduleId": "675049b9-096c-4fa9-843c-c466fe9b34da", + "PrincipalId": "25322f83-b243-4417-82dc-87ce0d767fb4", + "RoleAssignmentOriginId": "UB-K8uf2cUWBi2oS8q9rbIMvMiVDshdEgtyHzg12f7Q-1", + "RoleAssignmentScheduleId": "3b365172-71c2-4b13-a6c5-b6e3524aeba4", "RoleDefinition": { "AllowedPrincipalTypes": null, "Description": null, @@ -6010,7 +6119,7 @@ "Version": null }, "RoleDefinitionId": "f28a1f50-f6e7-4571-818b-6a12f2af6b6c", - "StartDateTime": "Date(1704924054887)", + "StartDateTime": "Date(1698180323417)", "AdditionalProperties": { } @@ -6496,7 +6605,177 @@ ] } - }, + } + ] + }, + { + "DisplayName": "Application Administrator", + "RoleTemplateId": "9b895d92-2cd3-44c7-9d02-a6ac2d5ea5c3", + "Assignments": [ + { + "ActivatedUsing": { + "AppScope": { + "DisplayName": null, + "Id": null, + "Type": null + }, + "AppScopeId": null, + "DirectoryScope": { + "DeletedDateTime": null, + "Id": null + }, + "DirectoryScopeId": null, + "EndDateTime": null, + "Id": null, + "MemberType": null, + "Principal": { + "DeletedDateTime": null, + "Id": null + }, + "PrincipalId": null, + "RoleDefinition": { + "AllowedPrincipalTypes": null, + "Description": null, + "DisplayName": null, + "Id": null, + "InheritsPermissionsFrom": null, + "IsBuiltIn": null, + "IsEnabled": null, + "IsPrivileged": null, + "ResourceScopes": null, + "RolePermissions": null, + "TemplateId": null, + "Version": null + }, + "RoleDefinitionId": null, + "RoleEligibilityScheduleId": null, + "StartDateTime": null + }, + "AppScope": { + "DisplayName": null, + "Id": null, + "Type": null + }, + "AppScopeId": null, + "AssignmentType": "Assigned", + "DirectoryScope": { + "DeletedDateTime": null, + "Id": null + }, + "DirectoryScopeId": "/", + "EndDateTime": null, + "Id": "kl2Jm9Msx0SdAqasLV6lw7CVAgFZ8N5GoYOOHhyOzjA-1", + "MemberType": "Direct", + "Principal": { + "DeletedDateTime": null, + "Id": null + }, + "PrincipalId": "010295b0-f059-46de-a183-8e1e1c8ece30", + "RoleAssignmentOriginId": "kl2Jm9Msx0SdAqasLV6lw7CVAgFZ8N5GoYOOHhyOzjA-1", + "RoleAssignmentScheduleId": "69f5b475-3595-4447-83ff-85b6d7132a0c", + "RoleDefinition": { + "AllowedPrincipalTypes": null, + "Description": null, + "DisplayName": null, + "Id": null, + "InheritsPermissionsFrom": null, + "IsBuiltIn": null, + "IsEnabled": null, + "IsPrivileged": null, + "ResourceScopes": null, + "RolePermissions": null, + "TemplateId": null, + "Version": null + }, + "RoleDefinitionId": "9b895d92-2cd3-44c7-9d02-a6ac2d5ea5c3", + "StartDateTime": "Date(1648587304797)", + "AdditionalProperties": { + + } + }, + { + "ActivatedUsing": { + "AppScope": { + "DisplayName": null, + "Id": null, + "Type": null + }, + "AppScopeId": null, + "DirectoryScope": { + "DeletedDateTime": null, + "Id": null + }, + "DirectoryScopeId": null, + "EndDateTime": null, + "Id": null, + "MemberType": null, + "Principal": { + "DeletedDateTime": null, + "Id": null + }, + "PrincipalId": null, + "RoleDefinition": { + "AllowedPrincipalTypes": null, + "Description": null, + "DisplayName": null, + "Id": null, + "InheritsPermissionsFrom": null, + "IsBuiltIn": null, + "IsEnabled": null, + "IsPrivileged": null, + "ResourceScopes": null, + "RolePermissions": null, + "TemplateId": null, + "Version": null + }, + "RoleDefinitionId": null, + "RoleEligibilityScheduleId": null, + "StartDateTime": null + }, + "AppScope": { + "DisplayName": null, + "Id": null, + "Type": null + }, + "AppScopeId": null, + "AssignmentType": "Assigned", + "DirectoryScope": { + "DeletedDateTime": null, + "Id": null + }, + "DirectoryScopeId": "/", + "EndDateTime": null, + "Id": "kl2Jm9Msx0SdAqasLV6lw0bISuVaH_5KqmknO0LDsME-1", + "MemberType": "Direct", + "Principal": { + "DeletedDateTime": null, + "Id": null + }, + "PrincipalId": "e54ac846-1f5a-4afe-aa69-273b42c3b0c1", + "RoleAssignmentOriginId": "kl2Jm9Msx0SdAqasLV6lw0bISuVaH_5KqmknO0LDsME-1", + "RoleAssignmentScheduleId": "kl2Jm9Msx0SdAqasLV6lw0bISuVaH_5KqmknO0LDsME-1", + "RoleDefinition": { + "AllowedPrincipalTypes": null, + "Description": null, + "DisplayName": null, + "Id": null, + "InheritsPermissionsFrom": null, + "IsBuiltIn": null, + "IsEnabled": null, + "IsPrivileged": null, + "ResourceScopes": null, + "RolePermissions": null, + "TemplateId": null, + "Version": null + }, + "RoleDefinitionId": "9b895d92-2cd3-44c7-9d02-a6ac2d5ea5c3", + "StartDateTime": null, + "AdditionalProperties": { + + } + } + ], + "Rules": [ { "Id": "Expiration_Admin_Eligibility", "Target": { @@ -6513,16 +6792,16 @@ ], "TargetObjects": null }, - "RuleSource": "PIM Test Group", - "RuleSourceType": "PIM Group", + "RuleSource": "Application Administrator", + "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule", - "isExpirationRequired": true, + "isExpirationRequired": false, "maximumDuration": "P365D" } }, { - "Id": "Enablement_Admin_Eligibility", + "Id": "Notification_Admin_Admin_Eligibility", "Target": { "Caller": "Admin", "EnforcedSettings": [ @@ -6537,17 +6816,21 @@ ], "TargetObjects": null }, - "RuleSource": "PIM Test Group", - "RuleSourceType": "PIM Group", + "RuleSource": "Application Administrator", + "RuleSourceType": "Directory Role", "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", - "enabledRules": [ - - ] + "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", + "notificationType": "Email", + "recipientType": "Admin", + "notificationLevel": "All", + "isDefaultRecipientsEnabled": true, + "notificationRecipients": [ + "admin@example.com" + ] } }, { - "Id": "Notification_Admin_Admin_Eligibility", + "Id": "Notification_Requestor_Admin_Eligibility", "Target": { "Caller": "Admin", "EnforcedSettings": [ @@ -6562,12 +6845,12 @@ ], "TargetObjects": null }, - "RuleSource": "PIM Test Group", - "RuleSourceType": "PIM Group", + "RuleSource": "Application Administrator", + "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", "notificationType": "Email", - "recipientType": "Admin", + "recipientType": "Requestor", "notificationLevel": "All", "isDefaultRecipientsEnabled": true, "notificationRecipients": [ @@ -6576,7 +6859,7 @@ } }, { - "Id": "Notification_Requestor_Admin_Eligibility", + "Id": "Notification_Approver_Admin_Eligibility", "Target": { "Caller": "Admin", "EnforcedSettings": [ @@ -6591,12 +6874,12 @@ ], "TargetObjects": null }, - "RuleSource": "PIM Test Group", - "RuleSourceType": "PIM Group", + "RuleSource": "Application Administrator", + "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", "notificationType": "Email", - "recipientType": "Requestor", + "recipientType": "Approver", "notificationLevel": "All", "isDefaultRecipientsEnabled": true, "notificationRecipients": [ @@ -6605,7 +6888,7 @@ } }, { - "Id": "Notification_Approver_Admin_Eligibility", + "Id": "Enablement_Admin_Eligibility", "Target": { "Caller": "Admin", "EnforcedSettings": [ @@ -6620,17 +6903,13 @@ ], "TargetObjects": null }, - "RuleSource": "PIM Test Group", - "RuleSourceType": "PIM Group", + "RuleSource": "Application Administrator", + "RuleSourceType": "Directory Role", "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Approver", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ + "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", + "enabledRules": [ - ] + ] } }, { @@ -6649,12 +6928,12 @@ ], "TargetObjects": null }, - "RuleSource": "PIM Test Group", - "RuleSourceType": "PIM Group", + "RuleSource": "Application Administrator", + "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule", "isExpirationRequired": true, - "maximumDuration": "P180D" + "maximumDuration": "P30D" } }, { @@ -6673,8 +6952,8 @@ ], "TargetObjects": null }, - "RuleSource": "PIM Test Group", - "RuleSourceType": "PIM Group", + "RuleSource": "Application Administrator", + "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", "enabledRules": [ @@ -6698,8 +6977,8 @@ ], "TargetObjects": null }, - "RuleSource": "PIM Test Group", - "RuleSourceType": "PIM Group", + "RuleSource": "Application Administrator", + "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", "notificationType": "Email", @@ -6707,7 +6986,7 @@ "notificationLevel": "All", "isDefaultRecipientsEnabled": true, "notificationRecipients": [ - + "admin@example.com" ] } }, @@ -6727,8 +7006,8 @@ ], "TargetObjects": null }, - "RuleSource": "PIM Test Group", - "RuleSourceType": "PIM Group", + "RuleSource": "Application Administrator", + "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", "notificationType": "Email", @@ -6756,8 +7035,8 @@ ], "TargetObjects": null }, - "RuleSource": "PIM Test Group", - "RuleSourceType": "PIM Group", + "RuleSource": "Application Administrator", + "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", "notificationType": "Email", @@ -6785,12 +7064,12 @@ ], "TargetObjects": null }, - "RuleSource": "PIM Test Group", - "RuleSourceType": "PIM Group", + "RuleSource": "Application Administrator", + "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule", - "isExpirationRequired": true, - "maximumDuration": "PT8H" + "isExpirationRequired": false, + "maximumDuration": "PT2H" } }, { @@ -6809,11 +7088,12 @@ ], "TargetObjects": null }, - "RuleSource": "PIM Test Group", - "RuleSourceType": "PIM Group", + "RuleSource": "Application Administrator", + "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", "enabledRules": [ + "MultiFactorAuthentication", "Justification" ] } @@ -6834,8 +7114,8 @@ ], "TargetObjects": null }, - "RuleSource": "PIM Test Group", - "RuleSourceType": "PIM Group", + "RuleSource": "Application Administrator", + "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule", "setting": { @@ -6876,11 +7156,12 @@ ], "TargetObjects": null }, - "RuleSource": "PIM Test Group", - "RuleSourceType": "PIM Group", + "RuleSource": "Application Administrator", + "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule", - "isEnabled": false + "isEnabled": false, + "claimValue": "" } }, { @@ -6899,8 +7180,8 @@ ], "TargetObjects": null }, - "RuleSource": "PIM Test Group", - "RuleSourceType": "PIM Group", + "RuleSource": "Application Administrator", + "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", "notificationType": "Email", @@ -6908,7 +7189,7 @@ "notificationLevel": "All", "isDefaultRecipientsEnabled": true, "notificationRecipients": [ - + "admin@example.com" ] } }, @@ -6928,8 +7209,8 @@ ], "TargetObjects": null }, - "RuleSource": "PIM Test Group", - "RuleSourceType": "PIM Group", + "RuleSource": "Application Administrator", + "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", "notificationType": "Email", @@ -6957,8 +7238,8 @@ ], "TargetObjects": null }, - "RuleSource": "PIM Test Group", - "RuleSourceType": "PIM Group", + "RuleSource": "Application Administrator", + "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", "notificationType": "Email", @@ -6973,8 +7254,8 @@ ] }, { - "DisplayName": "Application Administrator", - "RoleTemplateId": "9b895d92-2cd3-44c7-9d02-a6ac2d5ea5c3", + "DisplayName": "Privileged Role Administrator", + "RoleTemplateId": "e8611ab8-c189-46e8-94e1-60213ab1f814", "Assignments": [ { "ActivatedUsing": { @@ -7028,15 +7309,15 @@ }, "DirectoryScopeId": "/", "EndDateTime": null, - "Id": "kl2Jm9Msx0SdAqasLV6lw7CVAgFZ8N5GoYOOHhyOzjA-1", + "Id": "uBph6InB6EaU4WAhOrH4FOpg3ULpV-pHikOiE9NqnLA-1", "MemberType": "Direct", "Principal": { "DeletedDateTime": null, "Id": null }, - "PrincipalId": "010295b0-f059-46de-a183-8e1e1c8ece30", - "RoleAssignmentOriginId": "kl2Jm9Msx0SdAqasLV6lw7CVAgFZ8N5GoYOOHhyOzjA-1", - "RoleAssignmentScheduleId": "69f5b475-3595-4447-83ff-85b6d7132a0c", + "PrincipalId": "42dd60ea-57e9-47ea-8a43-a213d36a9cb0", + "RoleAssignmentOriginId": "uBph6InB6EaU4WAhOrH4FOpg3ULpV-pHikOiE9NqnLA-1", + "RoleAssignmentScheduleId": "b6624013-0364-471b-a861-00aad19e7415", "RoleDefinition": { "AllowedPrincipalTypes": null, "Description": null, @@ -7051,8 +7332,8 @@ "TemplateId": null, "Version": null }, - "RoleDefinitionId": "9b895d92-2cd3-44c7-9d02-a6ac2d5ea5c3", - "StartDateTime": "Date(1648587304797)", + "RoleDefinitionId": "e8611ab8-c189-46e8-94e1-60213ab1f814", + "StartDateTime": "Date(1647482863980)", "AdditionalProperties": { } @@ -7109,15 +7390,15 @@ }, "DirectoryScopeId": "/", "EndDateTime": null, - "Id": "kl2Jm9Msx0SdAqasLV6lw0bISuVaH_5KqmknO0LDsME-1", + "Id": "uBph6InB6EaU4WAhOrH4FHD63wsgYRdMntj8byMyoUk-1", "MemberType": "Direct", "Principal": { "DeletedDateTime": null, "Id": null }, - "PrincipalId": "e54ac846-1f5a-4afe-aa69-273b42c3b0c1", - "RoleAssignmentOriginId": "kl2Jm9Msx0SdAqasLV6lw0bISuVaH_5KqmknO0LDsME-1", - "RoleAssignmentScheduleId": "kl2Jm9Msx0SdAqasLV6lw0bISuVaH_5KqmknO0LDsME-1", + "PrincipalId": "0bdffa70-6120-4c17-9ed8-fc6f2332a149", + "RoleAssignmentOriginId": "uBph6InB6EaU4WAhOrH4FHD63wsgYRdMntj8byMyoUk-1", + "RoleAssignmentScheduleId": "uBph6InB6EaU4WAhOrH4FHD63wsgYRdMntj8byMyoUk-1", "RoleDefinition": { "AllowedPrincipalTypes": null, "Description": null, @@ -7132,7 +7413,7 @@ "TemplateId": null, "Version": null }, - "RoleDefinitionId": "9b895d92-2cd3-44c7-9d02-a6ac2d5ea5c3", + "RoleDefinitionId": "e8611ab8-c189-46e8-94e1-60213ab1f814", "StartDateTime": null, "AdditionalProperties": { @@ -7156,7 +7437,7 @@ ], "TargetObjects": null }, - "RuleSource": "Application Administrator", + "RuleSource": "Privileged Role Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule", @@ -7180,7 +7461,7 @@ ], "TargetObjects": null }, - "RuleSource": "Application Administrator", + "RuleSource": "Privileged Role Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -7189,7 +7470,7 @@ "notificationLevel": "All", "isDefaultRecipientsEnabled": true, "notificationRecipients": [ - "testme@gmail.com" + ] } }, @@ -7209,7 +7490,7 @@ ], "TargetObjects": null }, - "RuleSource": "Application Administrator", + "RuleSource": "Privileged Role Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -7238,7 +7519,7 @@ ], "TargetObjects": null }, - "RuleSource": "Application Administrator", + "RuleSource": "Privileged Role Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -7267,7 +7548,7 @@ ], "TargetObjects": null }, - "RuleSource": "Application Administrator", + "RuleSource": "Privileged Role Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", @@ -7292,7 +7573,7 @@ ], "TargetObjects": null }, - "RuleSource": "Application Administrator", + "RuleSource": "Privileged Role Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule", @@ -7316,7 +7597,7 @@ ], "TargetObjects": null }, - "RuleSource": "Application Administrator", + "RuleSource": "Privileged Role Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", @@ -7341,7 +7622,7 @@ ], "TargetObjects": null }, - "RuleSource": "Application Administrator", + "RuleSource": "Privileged Role Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -7350,7 +7631,7 @@ "notificationLevel": "All", "isDefaultRecipientsEnabled": true, "notificationRecipients": [ - "testme@gmail.com" + ] } }, @@ -7370,7 +7651,7 @@ ], "TargetObjects": null }, - "RuleSource": "Application Administrator", + "RuleSource": "Privileged Role Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -7399,7 +7680,7 @@ ], "TargetObjects": null }, - "RuleSource": "Application Administrator", + "RuleSource": "Privileged Role Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -7428,12 +7709,12 @@ ], "TargetObjects": null }, - "RuleSource": "Application Administrator", + "RuleSource": "Privileged Role Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule", "isExpirationRequired": false, - "maximumDuration": "PT2H" + "maximumDuration": "P1D" } }, { @@ -7452,7 +7733,7 @@ ], "TargetObjects": null }, - "RuleSource": "Application Administrator", + "RuleSource": "Privileged Role Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", @@ -7478,7 +7759,7 @@ ], "TargetObjects": null }, - "RuleSource": "Application Administrator", + "RuleSource": "Privileged Role Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule", @@ -7494,7 +7775,12 @@ "escalationTimeInMinutes": 0, "isEscalationEnabled": false, "primaryApprovers": [ - + { + "@odata.type": "#microsoft.graph.groupMembers", + "isBackup": false, + "id": "54e56ffb-a568-4c65-b04a-7a6feabab17c", + "description": "privileged escalation approvers" + } ], "escalationApprovers": [ @@ -7520,7 +7806,7 @@ ], "TargetObjects": null }, - "RuleSource": "Application Administrator", + "RuleSource": "Privileged Role Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule", @@ -7544,7 +7830,7 @@ ], "TargetObjects": null }, - "RuleSource": "Application Administrator", + "RuleSource": "Privileged Role Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -7553,7 +7839,7 @@ "notificationLevel": "All", "isDefaultRecipientsEnabled": true, "notificationRecipients": [ - "testme@gmail.com" + ] } }, @@ -7573,7 +7859,7 @@ ], "TargetObjects": null }, - "RuleSource": "Application Administrator", + "RuleSource": "Privileged Role Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -7602,7 +7888,7 @@ ], "TargetObjects": null }, - "RuleSource": "Application Administrator", + "RuleSource": "Privileged Role Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -7618,171 +7904,10 @@ ] }, { - "DisplayName": "Privileged Role Administrator", - "RoleTemplateId": "e8611ab8-c189-46e8-94e1-60213ab1f814", + "DisplayName": "Cloud Application Administrator", + "RoleTemplateId": "158c047a-c907-4556-b7ef-446551a6b5f7", "Assignments": [ - { - "ActivatedUsing": { - "AppScope": { - "DisplayName": null, - "Id": null, - "Type": null - }, - "AppScopeId": null, - "DirectoryScope": { - "DeletedDateTime": null, - "Id": null - }, - "DirectoryScopeId": null, - "EndDateTime": null, - "Id": null, - "MemberType": null, - "Principal": { - "DeletedDateTime": null, - "Id": null - }, - "PrincipalId": null, - "RoleDefinition": { - "AllowedPrincipalTypes": null, - "Description": null, - "DisplayName": null, - "Id": null, - "InheritsPermissionsFrom": null, - "IsBuiltIn": null, - "IsEnabled": null, - "IsPrivileged": null, - "ResourceScopes": null, - "RolePermissions": null, - "TemplateId": null, - "Version": null - }, - "RoleDefinitionId": null, - "RoleEligibilityScheduleId": null, - "StartDateTime": null - }, - "AppScope": { - "DisplayName": null, - "Id": null, - "Type": null - }, - "AppScopeId": null, - "AssignmentType": "Assigned", - "DirectoryScope": { - "DeletedDateTime": null, - "Id": null - }, - "DirectoryScopeId": "/", - "EndDateTime": null, - "Id": "uBph6InB6EaU4WAhOrH4FOpg3ULpV-pHikOiE9NqnLA-1", - "MemberType": "Direct", - "Principal": { - "DeletedDateTime": null, - "Id": null - }, - "PrincipalId": "42dd60ea-57e9-47ea-8a43-a213d36a9cb0", - "RoleAssignmentOriginId": "uBph6InB6EaU4WAhOrH4FOpg3ULpV-pHikOiE9NqnLA-1", - "RoleAssignmentScheduleId": "b6624013-0364-471b-a861-00aad19e7415", - "RoleDefinition": { - "AllowedPrincipalTypes": null, - "Description": null, - "DisplayName": null, - "Id": null, - "InheritsPermissionsFrom": null, - "IsBuiltIn": null, - "IsEnabled": null, - "IsPrivileged": null, - "ResourceScopes": null, - "RolePermissions": null, - "TemplateId": null, - "Version": null - }, - "RoleDefinitionId": "e8611ab8-c189-46e8-94e1-60213ab1f814", - "StartDateTime": "Date(1647482863980)", - "AdditionalProperties": { - } - }, - { - "ActivatedUsing": { - "AppScope": { - "DisplayName": null, - "Id": null, - "Type": null - }, - "AppScopeId": null, - "DirectoryScope": { - "DeletedDateTime": null, - "Id": null - }, - "DirectoryScopeId": null, - "EndDateTime": null, - "Id": null, - "MemberType": null, - "Principal": { - "DeletedDateTime": null, - "Id": null - }, - "PrincipalId": null, - "RoleDefinition": { - "AllowedPrincipalTypes": null, - "Description": null, - "DisplayName": null, - "Id": null, - "InheritsPermissionsFrom": null, - "IsBuiltIn": null, - "IsEnabled": null, - "IsPrivileged": null, - "ResourceScopes": null, - "RolePermissions": null, - "TemplateId": null, - "Version": null - }, - "RoleDefinitionId": null, - "RoleEligibilityScheduleId": null, - "StartDateTime": null - }, - "AppScope": { - "DisplayName": null, - "Id": null, - "Type": null - }, - "AppScopeId": null, - "AssignmentType": "Assigned", - "DirectoryScope": { - "DeletedDateTime": null, - "Id": null - }, - "DirectoryScopeId": "/", - "EndDateTime": null, - "Id": "uBph6InB6EaU4WAhOrH4FHD63wsgYRdMntj8byMyoUk-1", - "MemberType": "Direct", - "Principal": { - "DeletedDateTime": null, - "Id": null - }, - "PrincipalId": "0bdffa70-6120-4c17-9ed8-fc6f2332a149", - "RoleAssignmentOriginId": "uBph6InB6EaU4WAhOrH4FHD63wsgYRdMntj8byMyoUk-1", - "RoleAssignmentScheduleId": "uBph6InB6EaU4WAhOrH4FHD63wsgYRdMntj8byMyoUk-1", - "RoleDefinition": { - "AllowedPrincipalTypes": null, - "Description": null, - "DisplayName": null, - "Id": null, - "InheritsPermissionsFrom": null, - "IsBuiltIn": null, - "IsEnabled": null, - "IsPrivileged": null, - "ResourceScopes": null, - "RolePermissions": null, - "TemplateId": null, - "Version": null - }, - "RoleDefinitionId": "e8611ab8-c189-46e8-94e1-60213ab1f814", - "StartDateTime": null, - "AdditionalProperties": { - - } - } ], "Rules": [ { @@ -7801,7 +7926,7 @@ ], "TargetObjects": null }, - "RuleSource": "Privileged Role Administrator", + "RuleSource": "Cloud Application Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule", @@ -7825,7 +7950,7 @@ ], "TargetObjects": null }, - "RuleSource": "Privileged Role Administrator", + "RuleSource": "Cloud Application Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -7854,7 +7979,7 @@ ], "TargetObjects": null }, - "RuleSource": "Privileged Role Administrator", + "RuleSource": "Cloud Application Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -7883,7 +8008,7 @@ ], "TargetObjects": null }, - "RuleSource": "Privileged Role Administrator", + "RuleSource": "Cloud Application Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -7912,7 +8037,7 @@ ], "TargetObjects": null }, - "RuleSource": "Privileged Role Administrator", + "RuleSource": "Cloud Application Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", @@ -7937,7 +8062,7 @@ ], "TargetObjects": null }, - "RuleSource": "Privileged Role Administrator", + "RuleSource": "Cloud Application Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule", @@ -7961,7 +8086,7 @@ ], "TargetObjects": null }, - "RuleSource": "Privileged Role Administrator", + "RuleSource": "Cloud Application Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", @@ -7986,7 +8111,7 @@ ], "TargetObjects": null }, - "RuleSource": "Privileged Role Administrator", + "RuleSource": "Cloud Application Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -8015,7 +8140,7 @@ ], "TargetObjects": null }, - "RuleSource": "Privileged Role Administrator", + "RuleSource": "Cloud Application Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -8044,7 +8169,7 @@ ], "TargetObjects": null }, - "RuleSource": "Privileged Role Administrator", + "RuleSource": "Cloud Application Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -8073,12 +8198,12 @@ ], "TargetObjects": null }, - "RuleSource": "Privileged Role Administrator", + "RuleSource": "Cloud Application Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule", "isExpirationRequired": false, - "maximumDuration": "P1D" + "maximumDuration": "PT8H" } }, { @@ -8097,7 +8222,7 @@ ], "TargetObjects": null }, - "RuleSource": "Privileged Role Administrator", + "RuleSource": "Cloud Application Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", @@ -8123,7 +8248,7 @@ ], "TargetObjects": null }, - "RuleSource": "Privileged Role Administrator", + "RuleSource": "Cloud Application Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule", @@ -8139,12 +8264,7 @@ "escalationTimeInMinutes": 0, "isEscalationEnabled": false, "primaryApprovers": [ - { - "@odata.type": "#microsoft.graph.groupMembers", - "isBackup": false, - "id": "54e56ffb-a568-4c65-b04a-7a6feabab17c", - "description": "privileged escalation approvers" - } + ], "escalationApprovers": [ @@ -8170,7 +8290,7 @@ ], "TargetObjects": null }, - "RuleSource": "Privileged Role Administrator", + "RuleSource": "Cloud Application Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule", @@ -8194,7 +8314,7 @@ ], "TargetObjects": null }, - "RuleSource": "Privileged Role Administrator", + "RuleSource": "Cloud Application Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -8223,7 +8343,7 @@ ], "TargetObjects": null }, - "RuleSource": "Privileged Role Administrator", + "RuleSource": "Cloud Application Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -8252,7 +8372,7 @@ ], "TargetObjects": null }, - "RuleSource": "Privileged Role Administrator", + "RuleSource": "Cloud Application Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -8268,8 +8388,8 @@ ] }, { - "DisplayName": "Cloud Application Administrator", - "RoleTemplateId": "158c047a-c907-4556-b7ef-446551a6b5f7", + "DisplayName": "Hybrid Identity Administrator", + "RoleTemplateId": "8ac3fc64-6eca-42ea-9e69-59f4c7b60eb2", "Assignments": [ ], @@ -8290,7 +8410,7 @@ ], "TargetObjects": null }, - "RuleSource": "Cloud Application Administrator", + "RuleSource": "Hybrid Identity Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule", @@ -8314,7 +8434,7 @@ ], "TargetObjects": null }, - "RuleSource": "Cloud Application Administrator", + "RuleSource": "Hybrid Identity Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -8343,7 +8463,7 @@ ], "TargetObjects": null }, - "RuleSource": "Cloud Application Administrator", + "RuleSource": "Hybrid Identity Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -8372,7 +8492,7 @@ ], "TargetObjects": null }, - "RuleSource": "Cloud Application Administrator", + "RuleSource": "Hybrid Identity Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -8401,7 +8521,7 @@ ], "TargetObjects": null }, - "RuleSource": "Cloud Application Administrator", + "RuleSource": "Hybrid Identity Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", @@ -8426,7 +8546,7 @@ ], "TargetObjects": null }, - "RuleSource": "Cloud Application Administrator", + "RuleSource": "Hybrid Identity Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule", @@ -8450,7 +8570,7 @@ ], "TargetObjects": null }, - "RuleSource": "Cloud Application Administrator", + "RuleSource": "Hybrid Identity Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", @@ -8475,7 +8595,7 @@ ], "TargetObjects": null }, - "RuleSource": "Cloud Application Administrator", + "RuleSource": "Hybrid Identity Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -8504,7 +8624,7 @@ ], "TargetObjects": null }, - "RuleSource": "Cloud Application Administrator", + "RuleSource": "Hybrid Identity Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -8533,7 +8653,7 @@ ], "TargetObjects": null }, - "RuleSource": "Cloud Application Administrator", + "RuleSource": "Hybrid Identity Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -8562,7 +8682,7 @@ ], "TargetObjects": null }, - "RuleSource": "Cloud Application Administrator", + "RuleSource": "Hybrid Identity Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule", @@ -8586,12 +8706,11 @@ ], "TargetObjects": null }, - "RuleSource": "Cloud Application Administrator", + "RuleSource": "Hybrid Identity Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", "enabledRules": [ - "MultiFactorAuthentication", "Justification" ] } @@ -8612,7 +8731,7 @@ ], "TargetObjects": null }, - "RuleSource": "Cloud Application Administrator", + "RuleSource": "Hybrid Identity Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule", @@ -8654,7 +8773,7 @@ ], "TargetObjects": null }, - "RuleSource": "Cloud Application Administrator", + "RuleSource": "Hybrid Identity Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule", @@ -8678,7 +8797,7 @@ ], "TargetObjects": null }, - "RuleSource": "Cloud Application Administrator", + "RuleSource": "Hybrid Identity Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -8707,7 +8826,7 @@ ], "TargetObjects": null }, - "RuleSource": "Cloud Application Administrator", + "RuleSource": "Hybrid Identity Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -8736,7 +8855,7 @@ ], "TargetObjects": null }, - "RuleSource": "Cloud Application Administrator", + "RuleSource": "Hybrid Identity Administrator", "RuleSourceType": "Directory Role", "AdditionalProperties": { "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", @@ -8750,2524 +8869,2448 @@ } } ] + } +], + "service_plans": [ + { + "AppliesTo": "Company", + "ProvisioningStatus": "Success", + "ServicePlanId": "922ba911-5694-4e99-a794-73aed9bfeec8", + "ServicePlanName": "EXCHANGE_S_FOUNDATION_GOV", + "AdditionalProperties": { + + } }, { - "DisplayName": "Hybrid Identity Administrator", - "RoleTemplateId": "8ac3fc64-6eca-42ea-9e69-59f4c7b60eb2", - "Assignments": [ - { - "ActivatedUsing": { - "AppScope": { - "DisplayName": null, - "Id": null, - "Type": null - }, - "AppScopeId": null, - "DirectoryScope": { - "DeletedDateTime": null, - "Id": null - }, - "DirectoryScopeId": null, - "EndDateTime": null, - "Id": null, - "MemberType": null, - "Principal": { - "DeletedDateTime": null, - "Id": null - }, - "PrincipalId": null, - "RoleDefinition": { - "AllowedPrincipalTypes": null, - "Description": null, - "DisplayName": null, - "Id": null, - "InheritsPermissionsFrom": null, - "IsBuiltIn": null, - "IsEnabled": null, - "IsPrivileged": null, - "ResourceScopes": null, - "RolePermissions": null, - "TemplateId": null, - "Version": null - }, - "RoleDefinitionId": null, - "RoleEligibilityScheduleId": null, - "StartDateTime": null - }, - "AppScope": { - "DisplayName": null, - "Id": null, - "Type": null - }, - "AppScopeId": null, - "AssignmentType": "Assigned", - "DirectoryScope": { - "DeletedDateTime": null, - "Id": null - }, - "DirectoryScopeId": "/", - "EndDateTime": "Date(1713401724057)", - "Id": "ZPzDispu6kKeaVn0x7YOsm7SRdJWBKxAtWzMVB0lzn4-1", - "MemberType": "Direct", - "Principal": { - "DeletedDateTime": null, - "Id": null - }, - "PrincipalId": "d245d26e-0456-40ac-b56c-cc541d25ce7e", - "RoleAssignmentOriginId": "ZPzDispu6kKeaVn0x7YOsm7SRdJWBKxAtWzMVB0lzn4-1", - "RoleAssignmentScheduleId": "45ce5414-fbd8-4c78-b461-cbc425cd6bd7", - "RoleDefinition": { - "AllowedPrincipalTypes": null, - "Description": null, - "DisplayName": null, - "Id": null, - "InheritsPermissionsFrom": null, - "IsBuiltIn": null, - "IsEnabled": null, - "IsPrivileged": null, - "ResourceScopes": null, - "RolePermissions": null, - "TemplateId": null, - "Version": null - }, - "RoleDefinitionId": "8ac3fc64-6eca-42ea-9e69-59f4c7b60eb2", - "StartDateTime": "Date(1710809776663)", - "AdditionalProperties": { + "AppliesTo": "Company", + "ProvisioningStatus": "Success", + "ServicePlanId": "1ddffef6-4f69-455e-89c7-d5d72105f915", + "ServicePlanName": "CDS_DB_CAPACITY_GOV", + "AdditionalProperties": { - } - } - ], - "Rules": [ - { - "Id": "Expiration_Admin_Eligibility", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "cd31b152-6326-4d1b-ae1b-997b625182e6", + "ServicePlanName": "MIP_S_Exchange", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "b74d57b2-58e9-484a-9731-aeccbba954f0", + "ServicePlanName": "GRAPH_CONNECTORS_SEARCH_INDEX_TOPICEXP", + "AdditionalProperties": { - ], - "Level": "Eligibility", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "Hybrid Identity Administrator", - "RuleSourceType": "Directory Role", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule", - "isExpirationRequired": false, - "maximumDuration": "P365D" - } - }, - { - "Id": "Notification_Admin_Admin_Eligibility", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ - - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "a6520331-d7d4-4276-95f5-15c0933bc757", + "ServicePlanName": "GRAPH_CONNECTORS_SEARCH_INDEX", + "AdditionalProperties": { - ], - "Level": "Eligibility", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "Hybrid Identity Administrator", - "RuleSourceType": "Directory Role", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Admin", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "bf6f5520-59e3-4f82-974b-7dbbc4fd27c7", + "ServicePlanName": "SAFEDOCS", + "AdditionalProperties": { - ] - } - }, - { - "Id": "Notification_Requestor_Admin_Eligibility", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "9b7c50ec-cd50-44f2-bf48-d72de6f90717", + "ServicePlanName": "PROJECT_O365_P3_GOV", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "3fb82609-8c27-4f7b-bd51-30634711ee67", + "ServicePlanName": "BPOS_S_TODO_3", + "AdditionalProperties": { - ], - "Level": "Eligibility", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "Hybrid Identity Administrator", - "RuleSourceType": "Directory Role", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Requestor", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "4a51bca5-1eff-43f5-878c-177680f191af", + "ServicePlanName": "WHITEBOARD_PLAN3", + "AdditionalProperties": { - ] - } - }, - { - "Id": "Notification_Approver_Admin_Eligibility", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "Company", + "ProvisioningStatus": "Success", + "ServicePlanId": "94065c59-bc8e-4e8b-89e5-5138d471eaff", + "ServicePlanName": "MICROSOFT_SEARCH", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "Company", + "ProvisioningStatus": "Success", + "ServicePlanId": "2b815d45-56e4-4e3a-b65c-66cb9175b560", + "ServicePlanName": "ContentExplorer_Standard", + "AdditionalProperties": { - ], - "Level": "Eligibility", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "Hybrid Identity Administrator", - "RuleSourceType": "Directory Role", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Approver", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "c4801e8a-cb58-4c35-aca6-f2dcc106f287", + "ServicePlanName": "INFORMATION_BARRIERS", + "AdditionalProperties": { - ] - } - }, - { - "Id": "Enablement_Admin_Eligibility", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "bce5e5ca-c2fd-4d53-8ee2-58dfffed4c10", + "ServicePlanName": "CDS_O365_P3_GCC", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "a7d3fb37-b6df-4085-b509-50810d991a39", + "ServicePlanName": "DYN365_CDS_O365_P3_GCC", + "AdditionalProperties": { - ], - "Level": "Eligibility", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "Hybrid Identity Administrator", - "RuleSourceType": "Directory Role", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", - "enabledRules": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "d2d51368-76c9-4317-ada2-a12c004c432f", + "ServicePlanName": "ML_CLASSIFICATION", + "AdditionalProperties": { - ] - } - }, - { - "Id": "Expiration_Admin_Assignment", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "64bfac92-2b17-4482-b5e5-a0304429de3e", + "ServicePlanName": "MICROSOFTENDPOINTDLP", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "a31ef4a2-f787-435e-8335-e47eb0cafc94", + "ServicePlanName": "MCOSTANDARD_GOV", + "AdditionalProperties": { - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "Hybrid Identity Administrator", - "RuleSourceType": "Directory Role", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule", - "isExpirationRequired": true, - "maximumDuration": "P30D" - } - }, - { - "Id": "Enablement_Admin_Assignment", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "153f85dd-d912-4762-af6c-d6e0fb4f6692", + "ServicePlanName": "SHAREPOINTENTERPRISE_GOV", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "617b097b-4b93-4ede-83de-5f075bb5fb2f", + "ServicePlanName": "PREMIUM_ENCRYPTION", + "AdditionalProperties": { - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "Hybrid Identity Administrator", - "RuleSourceType": "Directory Role", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", - "enabledRules": [ - "Justification" - ] - } - }, - { - "Id": "Notification_Admin_Admin_Assignment", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "944e9726-f011-4353-b654-5f7d2663db76", + "ServicePlanName": "BI_AZURE_P_2_GOV", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "8055d84a-c172-42eb-b997-6c2ae4628246", + "ServicePlanName": "FLOW_O365_P3_GOV", + "AdditionalProperties": { - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "Hybrid Identity Administrator", - "RuleSourceType": "Directory Role", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Admin", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "0eacfc38-458a-40d3-9eab-9671258f1a3e", + "ServicePlanName": "POWERAPPS_O365_P3_GOV", + "AdditionalProperties": { - ] - } - }, - { - "Id": "Notification_Requestor_Admin_Assignment", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "8f9f0f3b-ca90-406c-a842-95579171f8ec", + "ServicePlanName": "SHAREPOINTWAC_GOV", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "5b4ef465-7ea1-459a-9f91-033317755a51", + "ServicePlanName": "PROJECTWORKMANAGEMENT_GOV", + "AdditionalProperties": { - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "Hybrid Identity Administrator", - "RuleSourceType": "Directory Role", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Requestor", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "d1cbfb67-18a8-4792-b643-630b7f19aad1", + "ServicePlanName": "EQUIVIO_ANALYTICS_GOV", + "AdditionalProperties": { - ] - } - }, - { - "Id": "Notification_Approver_Admin_Assignment", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "304767db-7d23-49e8-a945-4a7eb65f9f28", + "ServicePlanName": "TEAMS_GOV", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "92c2089d-9a53-49fe-b1a6-9e6bdf959547", + "ServicePlanName": "STREAM_O365_E5_GOV", + "AdditionalProperties": { - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "Hybrid Identity Administrator", - "RuleSourceType": "Directory Role", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Approver", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "65cc641f-cccd-4643-97e0-a17e3045e541", + "ServicePlanName": "RECORDS_MANAGEMENT", + "AdditionalProperties": { - ] - } - }, - { - "Id": "Expiration_EndUser_Assignment", - "Target": { - "Caller": "EndUser", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "208120d1-9adb-4daf-8c22-816bd5d237e7", + "ServicePlanName": "EXCHANGE_ANALYTICS_GOV", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "c1ec4a95-1f05-45b3-a911-aa3fa01094f5", + "ServicePlanName": "INTUNE_A", + "AdditionalProperties": { - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "Hybrid Identity Administrator", - "RuleSourceType": "Directory Role", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule", - "isExpirationRequired": false, - "maximumDuration": "PT8H" - } - }, - { - "Id": "Enablement_EndUser_Assignment", - "Target": { - "Caller": "EndUser", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "d587c7a3-bda9-4f99-8776-9bcf59c84f75", + "ServicePlanName": "INSIDER_RISK", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "900018f1-0cdb-4ecb-94d4-90281760fdc6", + "ServicePlanName": "THREAT_INTELLIGENCE_GOV", + "AdditionalProperties": { - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "Hybrid Identity Administrator", - "RuleSourceType": "Directory Role", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", - "enabledRules": [ - "Justification" - ] - } - }, - { - "Id": "Approval_EndUser_Assignment", - "Target": { - "Caller": "EndUser", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "Company", + "ProvisioningStatus": "Success", + "ServicePlanId": "493ff600-6a2b-4db6-ad37-a7d4eb214516", + "ServicePlanName": "ATP_ENTERPRISE_GOV", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "14ab5db5-e6c4-4b20-b4bc-13e36fd2227f", + "ServicePlanName": "ATA", + "AdditionalProperties": { - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "Hybrid Identity Administrator", - "RuleSourceType": "Directory Role", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule", - "setting": { - "isApprovalRequired": false, - "isApprovalRequiredForExtension": false, - "isRequestorJustificationRequired": true, - "approvalMode": "SingleStage", - "approvalStages": [ - { - "approvalStageTimeOutInDays": 1, - "isApproverJustificationRequired": true, - "escalationTimeInMinutes": 0, - "isEscalationEnabled": false, - "primaryApprovers": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "6db1f1db-2b46-403f-be40-e39395f08dbb", + "ServicePlanName": "CUSTOMER_KEY", + "AdditionalProperties": { - ], - "escalationApprovers": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "6dc145d6-95dd-4191-b9c3-185575ee6f6b", + "ServicePlanName": "COMMUNICATIONS_DLP", + "AdditionalProperties": { - ] - } - ] - } - } - }, - { - "Id": "AuthenticationContext_EndUser_Assignment", - "Target": { - "Caller": "EndUser", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "2e2ddb96-6af9-4b1d-a3f0-d6ecfd22edb2", + "ServicePlanName": "ADALLOM_S_STANDALONE", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "199a5c09-e0ca-4e37-8f7c-b05d533e1ea2", + "ServicePlanName": "MICROSOFTBOOKINGS", + "AdditionalProperties": { - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "Hybrid Identity Administrator", - "RuleSourceType": "Directory Role", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule", - "isEnabled": false, - "claimValue": "" - } - }, - { - "Id": "Notification_Admin_EndUser_Assignment", - "Target": { - "Caller": "EndUser", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "8a256a2b-b617-496d-b51b-e76466e88db0", + "ServicePlanName": "MFA_PREMIUM", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "db23fce2-a974-42ef-9002-d78dd42a0f22", + "ServicePlanName": "MCOEV_GOV", + "AdditionalProperties": { - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "Hybrid Identity Administrator", - "RuleSourceType": "Directory Role", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Admin", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "bf28f719-7844-4079-9c78-c1307898e192", + "ServicePlanName": "MTP", + "AdditionalProperties": { - ] - } - }, - { - "Id": "Notification_Requestor_EndUser_Assignment", - "Target": { - "Caller": "EndUser", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "f544b08d-1645-4287-82de-8d91f37c02a1", + "ServicePlanName": "MCOMEETADV_GOV", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "de9234ff-6483-44d9-b15e-dca72fdd27af", + "ServicePlanName": "OFFICESUBSCRIPTION_GOV", + "AdditionalProperties": { - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "Hybrid Identity Administrator", - "RuleSourceType": "Directory Role", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Requestor", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "2f442157-a11c-46b9-ae5b-6e39ff4e5849", + "ServicePlanName": "M365_ADVANCED_AUDITING", + "AdditionalProperties": { - ] - } - }, - { - "Id": "Notification_Approver_EndUser_Assignment", - "Target": { - "Caller": "EndUser", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "a413a9ff-720c-4822-98ef-2f37c2a21f4c", + "ServicePlanName": "MICROSOFT_COMMUNICATION_COMPLIANCE", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "5136a095-5cf0-4aff-bec3-e84448b38ea5", + "ServicePlanName": "MIP_S_CLP1", + "AdditionalProperties": { - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "Hybrid Identity Administrator", - "RuleSourceType": "Directory Role", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Approver", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "efb0351d-3b08-4503-993d-383af8de41e3", + "ServicePlanName": "MIP_S_CLP2", + "AdditionalProperties": { - ] - } - }, - { - "Id": "Expiration_Admin_Eligibility", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "Company", + "ProvisioningStatus": "Success", + "ServicePlanId": "d9fa6af4-e046-4c89-9226-729a0786685d", + "ServicePlanName": "Content_Explorer", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "843da3a8-d2cc-4e7a-9e90-dc46019f964c", + "ServicePlanName": "FORMS_GOV_E5", + "AdditionalProperties": { - ], - "Level": "Eligibility", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "PIM Test Group 2", - "RuleSourceType": "PIM Group", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule", - "isExpirationRequired": true, - "maximumDuration": "P365D" - } - }, - { - "Id": "Notification_Admin_Admin_Eligibility", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "8c3069c0-ccdb-44be-ab77-986203a67df2", + "ServicePlanName": "EXCHANGE_S_ENTERPRISE_GOV", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "89b5d3b1-3855-49fe-b46c-87c66dbc1526", + "ServicePlanName": "LOCKBOX_ENTERPRISE_GOV", + "AdditionalProperties": { - ], - "Level": "Eligibility", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "PIM Test Group 2", - "RuleSourceType": "PIM Group", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Admin", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ - "bobo@fakemail.com" - ] - } - }, - { - "Id": "Notification_Requestor_Admin_Eligibility", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "1b66aedf-8ca1-4f73-af76-ec76c6180f98", + "ServicePlanName": "RMS_S_PREMIUM_GOV", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "5400a66d-eaa5-427d-80f2-0f26d59d8fce", + "ServicePlanName": "RMS_S_PREMIUM2_GOV", + "AdditionalProperties": { - ], - "Level": "Eligibility", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "PIM Test Group 2", - "RuleSourceType": "PIM Group", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Requestor", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "6a76346d-5d6e-4051-9fe3-ed3f312b5597", + "ServicePlanName": "RMS_S_ENTERPRISE_GOV", + "AdditionalProperties": { - ] - } - }, - { - "Id": "Notification_Approver_Admin_Eligibility", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "eec0eb4f-6444-4f95-aba0-50c24d67f998", + "ServicePlanName": "AAD_PREMIUM_P2", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "41781fb2-bc02-4b7c-bd55-b576c07bb09d", + "ServicePlanName": "AAD_PREMIUM", + "AdditionalProperties": { - ], - "Level": "Eligibility", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "PIM Test Group 2", - "RuleSourceType": "PIM Group", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Approver", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "e26c2fcc-ab91-4a61-b35c-03cdc8dddf66", + "ServicePlanName": "INFO_GOVERNANCE", + "AdditionalProperties": { - ] - } - }, - { - "Id": "Enablement_Admin_Eligibility", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + } + }, + { + "AppliesTo": "User", + "ProvisioningStatus": "Success", + "ServicePlanId": "871d91ec-ec1a-452b-a83f-bd76c7d770ef", + "ServicePlanName": "WINDEFATP", + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + } +], + "directory_settings": [ + { + "DisplayName": "Group.Unified", + "Id": "5ce54204-ef8d-44c5-af88-dc8bd4c16069", + "TemplateId": "62375ab9-6b52-47ed-826b-58e47e0e304b", + "Values": [ + { + "Name": "NewUnifiedGroupWritebackDefault", + "Value": "true" + }, + { + "Name": "EnableMIPLabels", + "Value": "False" + }, + { + "Name": "CustomBlockedWordsList", + "Value": "" + }, + { + "Name": "EnableMSStandardBlockedWords", + "Value": "False" + }, + { + "Name": "ClassificationDescriptions", + "Value": "" + }, + { + "Name": "DefaultClassification", + "Value": "" + }, + { + "Name": "PrefixSuffixNamingRequirement", + "Value": "" + }, + { + "Name": "AllowGuestsToBeGroupOwner", + "Value": "False" + }, + { + "Name": "AllowGuestsToAccessGroups", + "Value": "True" + }, + { + "Name": "GuestUsageGuidelinesUrl", + "Value": "" + }, + { + "Name": "GroupCreationAllowedGroupId", + "Value": "67f62883-f97a-4192-a300-8a1576af8056" + }, + { + "Name": "AllowToAddGuests", + "Value": "True" + }, + { + "Name": "UsageGuidelinesUrl", + "Value": "" + }, + { + "Name": "ClassificationList", + "Value": "" + }, + { + "Name": "EnableGroupCreation", + "Value": "False" + } + ], + "AdditionalProperties": { - ], - "Level": "Eligibility", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "PIM Test Group 2", - "RuleSourceType": "PIM Group", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", - "enabledRules": [ - - ] - } - }, - { - "Id": "Expiration_Admin_Assignment", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + } + }, + { + "DisplayName": "Consent Policy Settings", + "Id": "62c1305f-60f0-4096-8d72-e1f74e8627f5", + "TemplateId": "dffd5d46-495d-40a9-8e21-954ff55e198a", + "Values": [ + { + "Name": "BlockUserConsentForRiskyApps", + "Value": "true" + }, + { + "Name": "EnableAdminConsentRequests", + "Value": "false" + } + ], + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + } +], + "authentication_method": [ + { + "authentication_method_feature_settings": [ + { + "ExcludeTargets": [ + + ], + "Id": "Fido2", + "State": "enabled", + "AdditionalProperties": { + "@odata.type": "#microsoft.graph.fido2AuthenticationMethodConfiguration", + "isSelfServiceRegistrationAllowed": true, + "isAttestationEnforced": true, + "defaultPasskeyProfile": "00000000-0000-0000-0000-000000000001", + "keyRestrictions": { + "isEnforced": true, + "enforcementType": "allow", + "aaGuids": [ + "c1f9a0bc-1dd2-404a-b27f-8e29047a43fd", + "73bb0cd4-e502-49b8-9c6f-b59445bf720b", + "85203421-48f9-4355-9bc8-8a53846e5083" + ] + }, + "includeTargets@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/authenticationMethodsPolicy/authenticationMethodConfigurations(\u0027Fido2\u0027)/microsoft.graph.fido2AuthenticationMethodConfiguration/includeTargets", + "includeTargets": [ + { + "targetType": "group", + "id": "e426e4a9-2045-48fe-9949-774a999f7972", + "isRegistrationRequired": false, + "allowedPasskeyProfiles": [ + "00000000-0000-0000-0000-000000000001" + ] + } + ], + "passkeyProfiles": [ + { + "id": "00000000-0000-0000-0000-000000000001", + "name": "FIDO2 default profile", + "passkeyTypes": "deviceBound", + "isAttestationEnforced": true, + "keyRestrictions": { + "isEnforced": true, + "enforcementType": "allow", + "aaGuids": [ + "c1f9a0bc-1dd2-404a-b27f-8e29047a43fd", + "73bb0cd4-e502-49b8-9c6f-b59445bf720b", + "85203421-48f9-4355-9bc8-8a53846e5083" + ] + } + } + ] + } + }, + { + "ExcludeTargets": [ + + ], + "Id": "MicrosoftAuthenticator", + "State": "enabled", + "AdditionalProperties": { + "@odata.type": "#microsoft.graph.microsoftAuthenticatorAuthenticationMethodConfiguration", + "isSoftwareOathEnabled": false, + "featureSettings": { + "companionAppAllowedState": { + "state": "default", + "includeTarget": { + "targetType": "group", + "id": "all_users" + }, + "excludeTarget": { + "targetType": "group", + "id": "00000000-0000-0000-0000-000000000000" + } + }, + "numberMatchingRequiredState": { + "state": "enabled", + "includeTarget": { + "targetType": "group", + "id": "all_users" + }, + "excludeTarget": { + "targetType": "group", + "id": "00000000-0000-0000-0000-000000000000" + } + }, + "displayAppInformationRequiredState": { + "state": "enabled", + "includeTarget": { + "targetType": "group", + "id": "all_users" + }, + "excludeTarget": { + "targetType": "group", + "id": "00000000-0000-0000-0000-000000000000" + } + }, + "displayLocationInformationRequiredState": { + "state": "enabled", + "includeTarget": { + "targetType": "group", + "id": "all_users" + }, + "excludeTarget": { + "targetType": "group", + "id": "00000000-0000-0000-0000-000000000000" + } + } + }, + "includeTargets@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/authenticationMethodsPolicy/authenticationMethodConfigurations(\u0027MicrosoftAuthenticator\u0027)/microsoft.graph.microsoftAuthenticatorAuthenticationMethodConfiguration/includeTargets", + "includeTargets": [ + { + "targetType": "group", + "id": "all_users", + "isRegistrationRequired": false, + "authenticationMode": "any" + } + ] + } + }, + { + "ExcludeTargets": [ + + ], + "Id": "Sms", + "State": "disabled", + "AdditionalProperties": { + "@odata.type": "#microsoft.graph.smsAuthenticationMethodConfiguration", + "includeTargets@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/authenticationMethodsPolicy/authenticationMethodConfigurations(\u0027Sms\u0027)/microsoft.graph.smsAuthenticationMethodConfiguration/includeTargets", + "includeTargets": [ + { + "targetType": "user", + "id": "42dd60ea-57e9-47ea-8a43-a213d36a9cb0", + "isRegistrationRequired": false, + "isUsableForSignIn": true + } + ] + } + }, + { + "ExcludeTargets": [ + + ], + "Id": "TemporaryAccessPass", + "State": "enabled", + "AdditionalProperties": { + "@odata.type": "#microsoft.graph.temporaryAccessPassAuthenticationMethodConfiguration", + "defaultLifetimeInMinutes": 60, + "defaultLength": 8, + "minimumLifetimeInMinutes": 10, + "maximumLifetimeInMinutes": 120, + "isUsableOnce": true, + "includeTargets@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/authenticationMethodsPolicy/authenticationMethodConfigurations(\u0027TemporaryAccessPass\u0027)/microsoft.graph.temporaryAccessPassAuthenticationMethodConfiguration/includeTargets", + "includeTargets": [ + { + "targetType": "group", + "id": "all_users", + "isRegistrationRequired": false + } + ] + } + }, + { + "ExcludeTargets": [ + + ], + "Id": "HardwareOath", + "State": "disabled", + "AdditionalProperties": { + "@odata.type": "#microsoft.graph.hardwareOathAuthenticationMethodConfiguration", + "includeTargets@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/authenticationMethodsPolicy/authenticationMethodConfigurations(\u0027HardwareOath\u0027)/microsoft.graph.hardwareOathAuthenticationMethodConfiguration/includeTargets", + "includeTargets": [ + { + "targetType": "group", + "id": "all_users", + "isRegistrationRequired": false + } + ] + } + }, + { + "ExcludeTargets": [ + + ], + "Id": "SoftwareOath", + "State": "disabled", + "AdditionalProperties": { + "@odata.type": "#microsoft.graph.softwareOathAuthenticationMethodConfiguration", + "includeTargets@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/authenticationMethodsPolicy/authenticationMethodConfigurations(\u0027SoftwareOath\u0027)/microsoft.graph.softwareOathAuthenticationMethodConfiguration/includeTargets", + "includeTargets": [ + { + "targetType": "group", + "id": "all_users", + "isRegistrationRequired": false + } + ] + } + }, + { + "ExcludeTargets": [ + + ], + "Id": "Voice", + "State": "disabled", + "AdditionalProperties": { + "@odata.type": "#microsoft.graph.voiceAuthenticationMethodConfiguration", + "isOfficePhoneAllowed": false, + "isCustomGreetingEnabled": false, + "includeTargets@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/authenticationMethodsPolicy/authenticationMethodConfigurations(\u0027Voice\u0027)/microsoft.graph.voiceAuthenticationMethodConfiguration/includeTargets", + "includeTargets": [ + { + "targetType": "group", + "id": "all_users", + "isRegistrationRequired": false + } + ] + } + }, + { + "ExcludeTargets": [ + + ], + "Id": "Email", + "State": "disabled", + "AdditionalProperties": { + "@odata.type": "#microsoft.graph.emailAuthenticationMethodConfiguration", + "allowExternalIdToUseEmailOtp": "disabled", + "includeTargets@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/authenticationMethodsPolicy/authenticationMethodConfigurations(\u0027Email\u0027)/microsoft.graph.emailAuthenticationMethodConfiguration/includeTargets", + "includeTargets": [ + + ] + } + }, + { + "ExcludeTargets": [ + + ], + "Id": "X509Certificate", + "State": "enabled", + "AdditionalProperties": { + "@odata.type": "#microsoft.graph.x509CertificateAuthenticationMethodConfiguration", + "certificateUserBindings": [ + { + "x509CertificateField": "PrincipalName", + "userProperty": "certificateUserIds", + "priority": 1, + "trustAffinityLevel": "low" + } + ], + "authenticationModeConfiguration": { + "x509CertificateAuthenticationDefaultMode": "x509CertificateSingleFactor", + "x509CertificateDefaultRequiredAffinityLevel": "low", + "rules": [ + { + "x509CertificateRuleType": "policyOID", + "identifier": "2.16.840.1.101.3.2.1.3.13", + "x509CertificateAuthenticationMode": "x509CertificateMultiFactor", + "x509CertificateRequiredAffinityLevel": "low", + "policyOidIdentifier": "2.16.840.1.101.3.2.1.3.13" + } + ] + }, + "issuerHintsConfiguration": { + "state": "disabled" + }, + "crlValidationConfiguration": { + "state": "disabled", + "exemptedCertificateAuthoritiesSubjectKeyIdentifiers": [ + + ] + }, + "includeTargets@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/authenticationMethodsPolicy/authenticationMethodConfigurations(\u0027X509Certificate\u0027)/microsoft.graph.x509CertificateAuthenticationMethodConfiguration/includeTargets", + "includeTargets": [ + { + "targetType": "group", + "id": "64720f66-b5cc-41ae-aec7-562f90038952", + "isRegistrationRequired": false + }, + { + "targetType": "group", + "id": "bf430dde-a18a-476d-977b-81796b4ab2c0", + "isRegistrationRequired": false + } + ] + } + } + ], + "authentication_method_policy": { + "Description": "The tenant-wide policy that controls which authentication methods are allowed in the tenant, authentication method registration requirements, and self-service password reset settings", + "DisplayName": "Authentication Methods Policy", + "Id": "authenticationMethodsPolicy", + "LastModifiedDateTime": "Date(1708376786872)", + "PolicyMigrationState": "preMigration", + "PolicyVersion": "1.5", + "ReconfirmationInDays": null, + "RegistrationEnforcement": { + "AuthenticationMethodsRegistrationCampaign": { + "EnforceRegistrationAfterAllowedSnoozes": true, + "ExcludeTargets": [ + { + "Id": "64720f66-b5cc-41ae-aec7-562f90038952", + "TargetType": "group" + }, + { + "Id": "6066af10-d921-4de6-9ae4-7f01057ec372", + "TargetType": "user" + }, + { + "Id": "2bfd4ad1-66be-4952-9d8e-d80f228660a0", + "TargetType": "user" + }, + { + "Id": "7a22bd70-341c-4903-a014-d8cfd5c1d75f", + "TargetType": "user" + } + ], + "IncludeTargets": [ + { + "Id": "all_users", + "TargetType": "group", + "TargetedAuthenticationMethod": "microsoftAuthenticator" + } + ], + "SnoozeDurationInDays": 1, + "State": "disabled" + } + }, + "ReportSuspiciousActivitySettings": { + "IncludeTarget": { + "Id": "all_users", + "TargetType": "group" + }, + "State": "default", + "VoiceReportingCode": 0 + }, + "SystemCredentialPreferences": { + "ExcludeTargets": [ + + ], + "IncludeTargets": [ + { + "Id": "all_users", + "TargetType": "group" + } + ], + "State": "default" + }, + "AdditionalProperties": { + "@odata.context": "https://graph.microsoft.com/beta/$metadata#authenticationMethodsPolicy", + "authenticationMethodConfigurations@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/authenticationMethodsPolicy/authenticationMethodConfigurations" + } + } + } +], + "domain_settings": [ + { + "AuthenticationType": "Managed", + "AvailabilityStatus": null, + "DomainNameReferences": null, + "FederationConfiguration": null, + "Id": "tedtest.hoorah.com", + "IsAdminManaged": true, + "IsDefault": false, + "IsInitial": false, + "IsRoot": false, + "IsVerified": false, + "PasswordNotificationWindowInDays": null, + "PasswordValidityPeriodInDays": null, + "ServiceConfigurationRecords": null, + "SharedEmailDomainInvitations": null, + "State": { + "LastActionDateTime": null, + "Operation": null, + "Status": null + }, + "SupportedServices": [ - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "PIM Test Group 2", - "RuleSourceType": "PIM Group", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule", - "isExpirationRequired": true, - "maximumDuration": "P180D" - } - }, - { - "Id": "Enablement_Admin_Assignment", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + ], + "VerificationDnsRecords": null, + "AdditionalProperties": { - ], - "InheritableSettings": [ + } + }, + { + "AuthenticationType": "Managed", + "AvailabilityStatus": null, + "DomainNameReferences": null, + "FederationConfiguration": null, + "Id": "tqhjy.onmicrosoft.com", + "IsAdminManaged": true, + "IsDefault": true, + "IsInitial": true, + "IsRoot": true, + "IsVerified": true, + "PasswordNotificationWindowInDays": 14, + "PasswordValidityPeriodInDays": 2147483647, + "ServiceConfigurationRecords": null, + "SharedEmailDomainInvitations": null, + "State": { + "LastActionDateTime": null, + "Operation": null, + "Status": null + }, + "SupportedServices": [ + "Email", + "OfficeCommunicationsOnline" + ], + "VerificationDnsRecords": null, + "AdditionalProperties": { - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "PIM Test Group 2", - "RuleSourceType": "PIM Group", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", - "enabledRules": [ - "Justification" - ] - } - }, - { - "Id": "Notification_Admin_Admin_Assignment", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + } + } +], + "license_information": [ + { + "SkuId": "eddf428b-da0e-4115-accf-b29eb0b83965", + "SkuPartNumber": "CDS_DB_CAPACITY_GOV", + "ConsumedUnits": 0, + "PrepaidUnits": { + "Enabled": 1, + "LockedOut": 0, + "Suspended": 0, + "Warning": 0 + } + }, + { + "SkuId": "e2be619b-b125-455f-8660-fb503e431a5d", + "SkuPartNumber": "M365_G5_GCC", + "ConsumedUnits": 9, + "PrepaidUnits": { + "Enabled": 10, + "LockedOut": 0, + "Suspended": 0, + "Warning": 0 + } + } +], + "total_user_count": 10, + "aad_successful_commands": [ + "Get-MgBetaIdentityConditionalAccessPolicy", + "Get-MgBetaSubscribedSku", + "Get-PrivilegedUser", + "Get-PrivilegedRole", + "Get-MgBetaUserCount", + "Get-MgBetaPolicyAuthorizationPolicy", + "Get-MgBetaDirectorySetting", + "Get-MgBetaPolicyAuthenticationMethodPolicy", + "Get-MgBetaDomain" +], + "aad_unsuccessful_commands": [ - ], - "InheritableSettings": [ +], "protection_policy_rules": [ + { + "HostedContentFilterPolicy": "Strict Preset Security Policy1681329956650", + "AntiPhishPolicy": "Strict Preset Security Policy1681329955447", + "MalwareFilterPolicy": "Strict Preset Security Policy1681329957931", + "State": "Enabled", + "Priority": 0, + "Comments": null, + "Description": "If the message:\r\n\tIs sent to \u0027johndoe@tqhjy.onmicrosoft.com\u0027\r\n\tand Is sent to a member of group \u0027mofuntonight@tqhjy.onmicrosoft.com\u0027\r\n\tand recipients\u0027s address domain portion belongs to any of these domains: \u0027badpeople.r.us\u0027\r\nTake the following actions:\r\n\tApply hosted content filter policy \"Strict Preset Security Policy1681329956650\"., Apply AntiPhish policy \"Strict Preset Security Policy1681329955447\"., Apply malware filter policy \"Strict Preset Security Policy1681329957931\".\r\n", + "RuleVersion": { + "Major": 15, + "Minor": 0, + "Build": 5, + "Revision": 2, + "MajorRevision": 0, + "MinorRevision": 2 + }, + "SentTo": [ + "johndoe@tqhjy.onmicrosoft.com" + ], + "SentToMemberOf": [ + "mofuntonight@tqhjy.onmicrosoft.com" + ], + "RecipientDomainIs": [ + "badpeople.r.us" + ], + "ExceptIfSentTo": null, + "ExceptIfSentToMemberOf": null, + "ExceptIfRecipientDomainIs": null, + "Conditions": [ + "Microsoft.Exchange.MessagingPolicies.Rules.Tasks.SentToPredicate", + "Microsoft.Exchange.MessagingPolicies.Rules.Tasks.SentToMemberOfPredicate", + "Microsoft.Exchange.MessagingPolicies.Rules.Tasks.RecipientDomainIsPredicate" + ], + "Exceptions": null, + "Identity": "Strict Preset Security Policy", + "DistinguishedName": "CN=Strict Preset Security Policy,CN=EOPProtectionPolicyRuleVersioned,CN=Rules,CN=Transport Settings,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM", + "Guid": "9d0f5aee-cf8c-4239-9ec4-3560118c1b7e", + "ImmutableId": "9d0f5aee-cf8c-4239-9ec4-3560118c1b7e", + "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", + "Name": "Strict Preset Security Policy", + "IsValid": true, + "WhenChanged": "Date(1717562164000)", + "ExchangeVersion": "0.1 (8.0.535.0)", + "ObjectState": "Unchanged" + }, + { + "HostedContentFilterPolicy": "Standard Preset Security Policy1659535432883", + "AntiPhishPolicy": "Standard Preset Security Policy1659535429826", + "MalwareFilterPolicy": "Standard Preset Security Policy1659535435292", + "State": "Enabled", + "Priority": 1, + "Comments": null, + "Description": "Take the following actions:\r\n\tApply hosted content filter policy \"Standard Preset Security Policy1659535432883\"., Apply AntiPhish policy \"Standard Preset Security Policy1659535429826\"., Apply malware filter policy \"Standard Preset Security Policy1659535435292\".\r\n", + "RuleVersion": { + "Major": 14, + "Minor": 0, + "Build": 0, + "Revision": 0, + "MajorRevision": 0, + "MinorRevision": 0 + }, + "SentTo": null, + "SentToMemberOf": null, + "RecipientDomainIs": null, + "ExceptIfSentTo": null, + "ExceptIfSentToMemberOf": null, + "ExceptIfRecipientDomainIs": null, + "Conditions": null, + "Exceptions": null, + "Identity": "Standard Preset Security Policy", + "DistinguishedName": "CN=Standard Preset Security Policy,CN=EOPProtectionPolicyRuleVersioned,CN=Rules,CN=Transport Settings,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM", + "Guid": "83318c49-93e8-497b-8fd3-614b090e6103", + "ImmutableId": "83318c49-93e8-497b-8fd3-614b090e6103", + "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", + "Name": "Standard Preset Security Policy", + "IsValid": true, + "WhenChanged": "Date(1717562091000)", + "ExchangeVersion": "0.1 (8.0.535.0)", + "ObjectState": "Unchanged" + } +], + "atp_policy_rules": [ + { + "SafeAttachmentPolicy": "Strict Preset Security Policy1681329958553", + "SafeLinksPolicy": "Strict Preset Security Policy1681329959203", + "State": "Enabled", + "Priority": 0, + "Comments": null, + "Description": "If the message:\r\n\tIs sent to \u0027johndoe@tqhjy.onmicrosoft.com\u0027\r\n\tand Is sent to a member of group \u0027mofuntonight@tqhjy.onmicrosoft.com\u0027\r\n\tand recipients\u0027s address domain portion belongs to any of these domains: \u0027badpeople.r.us\u0027\r\nTake the following actions:\r\n\tApply safe attachment policy \"Strict Preset Security Policy1681329958553\"., Apply safe links policy \"Strict Preset Security Policy1681329959203\".\r\n", + "RuleVersion": { + "Major": 15, + "Minor": 0, + "Build": 5, + "Revision": 2, + "MajorRevision": 0, + "MinorRevision": 2 + }, + "SentTo": [ + "johndoe@tqhjy.onmicrosoft.com" + ], + "SentToMemberOf": [ + "mofuntonight@tqhjy.onmicrosoft.com" + ], + "RecipientDomainIs": [ + "badpeople.r.us" + ], + "ExceptIfSentTo": null, + "ExceptIfSentToMemberOf": null, + "ExceptIfRecipientDomainIs": null, + "Conditions": [ + "Microsoft.Exchange.MessagingPolicies.Rules.Tasks.SentToPredicate", + "Microsoft.Exchange.MessagingPolicies.Rules.Tasks.SentToMemberOfPredicate", + "Microsoft.Exchange.MessagingPolicies.Rules.Tasks.RecipientDomainIsPredicate" + ], + "Exceptions": null, + "Identity": "Strict Preset Security Policy", + "DistinguishedName": "CN=Strict Preset Security Policy,CN=ATPProtectionPolicyRuleVersioned,CN=Rules,CN=Transport Settings,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM", + "Guid": "92ea4876-f3bc-4f2f-9c6a-d4ad7bedc31e", + "ImmutableId": "92ea4876-f3bc-4f2f-9c6a-d4ad7bedc31e", + "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", + "Name": "Strict Preset Security Policy", + "IsValid": true, + "WhenChanged": "Date(1717562091000)", + "ExchangeVersion": "0.1 (8.0.535.0)", + "ObjectState": "Unchanged" + }, + { + "SafeAttachmentPolicy": "Standard Preset Security Policy1659535436109", + "SafeLinksPolicy": "Standard Preset Security Policy1659535436756", + "State": "Disabled", + "Priority": 1, + "Comments": null, + "Description": "Take the following actions:\r\n\tApply safe attachment policy \"Standard Preset Security Policy1659535436109\"., Apply safe links policy \"Standard Preset Security Policy1659535436756\".\r\n", + "RuleVersion": { + "Major": 14, + "Minor": 0, + "Build": 0, + "Revision": 0, + "MajorRevision": 0, + "MinorRevision": 0 + }, + "SentTo": null, + "SentToMemberOf": null, + "RecipientDomainIs": null, + "ExceptIfSentTo": null, + "ExceptIfSentToMemberOf": null, + "ExceptIfRecipientDomainIs": null, + "Conditions": null, + "Exceptions": null, + "Identity": "Standard Preset Security Policy", + "DistinguishedName": "CN=Standard Preset Security Policy,CN=ATPProtectionPolicyRuleVersioned,CN=Rules,CN=Transport Settings,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM", + "Guid": "d6c7c877-13b8-4baf-a85c-bc1c008fa515", + "ImmutableId": "d6c7c877-13b8-4baf-a85c-bc1c008fa515", + "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", + "Name": "Standard Preset Security Policy", + "IsValid": true, + "WhenChanged": "Date(1717562091000)", + "ExchangeVersion": "0.1 (8.0.535.0)", + "ObjectState": "Unchanged" + } +], + "dlp_compliance_policies": [ + { + "Mode": "Enable", + "DisplayName": "Default Office 365 DLP policy", + "Type": "Dlp", + "ExchangeLocation": [ + "All" + ], + "SharePointLocation": [ + "All" + ], + "SharePointLocationException": [ - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "PIM Test Group 2", - "RuleSourceType": "PIM Group", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Admin", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ - "bobo@fakemail.com" - ] - } - }, - { - "Id": "Notification_Requestor_Admin_Assignment", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + ], + "OneDriveLocation": [ + "All" + ], + "OneDriveLocationException": [ - ], - "InheritableSettings": [ + ], + "ExchangeOnPremisesLocation": [ - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "PIM Test Group 2", - "RuleSourceType": "PIM Group", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Requestor", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ + ], + "SharePointOnPremisesLocation": [ - ] - } - }, - { - "Id": "Notification_Approver_Admin_Assignment", - "Target": { - "Caller": "Admin", - "EnforcedSettings": [ + ], + "SharePointOnPremisesLocationException": [ - ], - "InheritableSettings": [ + ], + "TeamsLocation": [ + "All" + ], + "TeamsLocationException": [ - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "PIM Test Group 2", - "RuleSourceType": "PIM Group", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Approver", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ + ], + "EndpointDlpLocation": [ - ] - } - }, - { - "Id": "Expiration_EndUser_Assignment", - "Target": { - "Caller": "EndUser", - "EnforcedSettings": [ + ], + "EndpointDlpLocationException": [ - ], - "InheritableSettings": [ + ], + "ThirdPartyAppDlpLocation": [ - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "PIM Test Group 2", - "RuleSourceType": "PIM Group", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyExpirationRule", - "isExpirationRequired": true, - "maximumDuration": "PT8H" - } - }, - { - "Id": "Enablement_EndUser_Assignment", - "Target": { - "Caller": "EndUser", - "EnforcedSettings": [ + ], + "ThirdPartyAppDlpLocationException": [ - ], - "InheritableSettings": [ + ], + "OnPremisesScannerDlpLocation": [ + "All" + ], + "OnPremisesScannerDlpLocationException": [ - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "PIM Test Group 2", - "RuleSourceType": "PIM Group", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyEnablementRule", - "enabledRules": [ - "Justification" - ] - } - }, - { - "Id": "Approval_EndUser_Assignment", - "Target": { - "Caller": "EndUser", - "EnforcedSettings": [ + ], + "PowerBIDlpLocation": [ - ], - "InheritableSettings": [ + ], + "PowerBIDlpLocationException": [ - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "PIM Test Group 2", - "RuleSourceType": "PIM Group", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyApprovalRule", - "setting": { - "isApprovalRequired": false, - "isApprovalRequiredForExtension": false, - "isRequestorJustificationRequired": true, - "approvalMode": "SingleStage", - "approvalStages": [ - { - "approvalStageTimeOutInDays": 1, - "isApproverJustificationRequired": true, - "escalationTimeInMinutes": 0, - "isEscalationEnabled": false, - "primaryApprovers": [ + ], + "Locations": "", + "LocationInclusions": [ - ], - "escalationApprovers": [ + ], + "LocationExclusions": [ - ] - } - ] - } - } - }, - { - "Id": "AuthenticationContext_EndUser_Assignment", - "Target": { - "Caller": "EndUser", - "EnforcedSettings": [ + ], + "EndpointDlpExtendedLocations": "", + "ExchangeSender": [ - ], - "InheritableSettings": [ + ], + "ExchangeSenderException": [ - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "PIM Test Group 2", - "RuleSourceType": "PIM Group", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyAuthenticationContextRule", - "isEnabled": false, - "claimValue": "" - } - }, - { - "Id": "Notification_Admin_EndUser_Assignment", - "Target": { - "Caller": "EndUser", - "EnforcedSettings": [ + ], + "PolicyTemplateInfo": { - ], - "InheritableSettings": [ + }, + "MatchedItemsCount": null, + "TotalItemsCount": null, + "TopNLocationStatistics": null, + "WorkloadStatistics": null, + "IsSimulationPolicy": false, + "SimulationStatus": null, + "AutoEnableAfter": null, + "IsFromSmartInsights": null, + "IsColdDataSimulationPolicy": false, + "ExtendedProperties": null, + "Summary": false, + "OneDriveSharedBy": [ - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "PIM Test Group 2", - "RuleSourceType": "PIM Group", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Admin", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ - "bobo@fakemail.com" - ] - } - }, - { - "Id": "Notification_Requestor_EndUser_Assignment", - "Target": { - "Caller": "EndUser", - "EnforcedSettings": [ + ], + "ExceptIfOneDriveSharedBy": [ - ], - "InheritableSettings": [ + ], + "OneDriveSharedByMemberOf": [ - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "PIM Test Group 2", - "RuleSourceType": "PIM Group", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Requestor", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ + ], + "ExceptIfOneDriveSharedByMemberOf": [ - ] - } - }, - { - "Id": "Notification_Approver_EndUser_Assignment", - "Target": { - "Caller": "EndUser", - "EnforcedSettings": [ + ], + "ExchangeSenderMemberOf": [ - ], - "InheritableSettings": [ + ], + "ExchangeSenderMemberOfException": [ - ], - "Level": "Assignment", - "Operations": [ - "All" - ], - "TargetObjects": null - }, - "RuleSource": "PIM Test Group 2", - "RuleSourceType": "PIM Group", - "AdditionalProperties": { - "@odata.type": "#microsoft.graph.unifiedRoleManagementPolicyNotificationRule", - "notificationType": "Email", - "recipientType": "Approver", - "notificationLevel": "All", - "isDefaultRecipientsEnabled": true, - "notificationRecipients": [ + ], + "ExchangeAdaptiveScopes": null, + "ExchangeAdaptiveScopesException": null, + "SharePointAdaptiveScopes": null, + "SharePointAdaptiveScopesException": null, + "OneDriveAdaptiveScopes": null, + "OneDriveAdaptiveScopesException": null, + "TeamsAdaptiveScopes": null, + "TeamsAdaptiveScopesException": null, + "EndpointDlpAdaptiveScopes": null, + "EndpointDlpAdaptiveScopesException": null, + "ExpectedLocations": 0, + "CompletedLocations": 0, + "FailedLocations": 0, + "ItemStatistics": null, + "RuleMatchBlob": null, + "ErrorMetadata": null, + "UserAdministrativeUnitMembershipMap": null, + "ForceValidate": false, + "PolicyRulesMetaData": "{\"WhenRulesChangedUtc\":\"2023-10-05T17:47:20.3689468Z\"}", + "Workload": "Exchange, SharePoint, OneDriveForBusiness, Teams, OnPremisesScanner", + "Priority": 1, + "ObjectVersion": "fe559c64-4f24-4f09-09f6-08dc7675e468", + "CreatedBy": "", + "LastModifiedBy": "John Public", + "ReadOnly": false, + "ExternalIdentity": "", + "Comment": "This policy detects the presence of credit card numbers in externally shared documents and emails. End users are notified of the detection with the suggestion to consider either removing the sensitive data or restricting the sharing.", + "Enabled": true, + "DistributionStatus": "Pending", + "DistributionSyncStatus": "Unknown", + "DistributionResults": null, + "LastStatusUpdateTime": null, + "ModificationTimeUtc": "Date(1715970789503)", + "CreationTimeUtc": "Date(1614655720970)", + "PolicyRBACScopes": [ - ] - } - } - ] + ], + "Identity": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Default Office 365 DLP policy", + "Id": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Default Office 365 DLP policy", + "IsValid": true, + "ExchangeVersion": "0.20 (15.0.0.0)", + "Name": "Default Office 365 DLP policy", + "DistinguishedName": "CN=Default Office 365 DLP policy,CN=Configuration,CN=tqhjy.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=FFO,DC=extest,DC=microsoft,DC=com", + "ObjectCategory": null, + "ObjectClass": [ + "msExchUnifiedPolicy" + ], + "WhenChanged": "Date(1715952789000)", + "WhenCreated": "Date(1617646100000)", + "WhenChangedUTC": "Date(1715952789000)", + "WhenCreatedUTC": "Date(1617646100000)", + "ExchangeObjectId": "8cb4f574-1a54-45e1-bf58-73bbe023ebad", + "OrganizationalUnitRoot": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com", + "OrganizationId": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration", + "Guid": "8cb4f574-1a54-45e1-bf58-73bbe023ebad", + "OriginatingServer": "", + "ObjectState": "Changed" } ], - "service_plans": [ + "dlp_compliance_rules": [ { - "AppliesTo": "Company", - "ProvisioningStatus": "Success", - "ServicePlanId": "922ba911-5694-4e99-a794-73aed9bfeec8", - "ServicePlanName": "EXCHANGE_S_FOUNDATION_GOV", - "AdditionalProperties": { + "SubjectContainsWords": [ - } - }, - { - "AppliesTo": "Company", - "ProvisioningStatus": "Success", - "ServicePlanId": "1ddffef6-4f69-455e-89c7-d5d72105f915", - "ServicePlanName": "CDS_DB_CAPACITY_GOV", - "AdditionalProperties": { + ], + "ExceptIfSubjectContainsWords": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "cd31b152-6326-4d1b-ae1b-997b625182e6", - "ServicePlanName": "MIP_S_Exchange", - "AdditionalProperties": { + ], + "SubjectOrBodyMatchesPatterns": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "b74d57b2-58e9-484a-9731-aeccbba954f0", - "ServicePlanName": "GRAPH_CONNECTORS_SEARCH_INDEX_TOPICEXP", - "AdditionalProperties": { + ], + "ExceptIfSubjectOrBodyMatchesPatterns": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "a6520331-d7d4-4276-95f5-15c0933bc757", - "ServicePlanName": "GRAPH_CONNECTORS_SEARCH_INDEX", - "AdditionalProperties": { + ], + "SubjectOrBodyContainsWords": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "bf6f5520-59e3-4f82-974b-7dbbc4fd27c7", - "ServicePlanName": "SAFEDOCS", - "AdditionalProperties": { + ], + "ExceptIfSubjectOrBodyContainsWords": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "9b7c50ec-cd50-44f2-bf48-d72de6f90717", - "ServicePlanName": "PROJECT_O365_P3_GOV", - "AdditionalProperties": { + ], + "DocumentMatchesPatterns": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "3fb82609-8c27-4f7b-bd51-30634711ee67", - "ServicePlanName": "BPOS_S_TODO_3", - "AdditionalProperties": { + ], + "ExceptIfDocumentMatchesPatterns": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "4a51bca5-1eff-43f5-878c-177680f191af", - "ServicePlanName": "WHITEBOARD_PLAN3", - "AdditionalProperties": { + ], + "DocumentContainsWords": [ - } - }, - { - "AppliesTo": "Company", - "ProvisioningStatus": "Success", - "ServicePlanId": "94065c59-bc8e-4e8b-89e5-5138d471eaff", - "ServicePlanName": "MICROSOFT_SEARCH", - "AdditionalProperties": { + ], + "ExceptIfDocumentContainsWords": [ - } - }, - { - "AppliesTo": "Company", - "ProvisioningStatus": "Success", - "ServicePlanId": "2b815d45-56e4-4e3a-b65c-66cb9175b560", - "ServicePlanName": "ContentExplorer_Standard", - "AdditionalProperties": { + ], + "SenderADAttributeMatchesPatterns": null, + "ExceptIfSenderADAttributeMatchesPatterns": null, + "SenderADAttributeContainsWords": null, + "ExceptIfSenderADAttributeContainsWords": null, + "RecipientADAttributeMatchesPatterns": null, + "ExceptIfRecipientADAttributeMatchesPatterns": null, + "RecipientADAttributeContainsWords": null, + "ExceptIfRecipientADAttributeContainsWords": null, + "ContentCharacterSetContainsWords": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "c4801e8a-cb58-4c35-aca6-f2dcc106f287", - "ServicePlanName": "INFORMATION_BARRIERS", - "AdditionalProperties": { + ], + "ExceptIfContentCharacterSetContainsWords": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "bce5e5ca-c2fd-4d53-8ee2-58dfffed4c10", - "ServicePlanName": "CDS_O365_P3_GCC", - "AdditionalProperties": { + ], + "DocumentNameMatchesPatterns": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "a7d3fb37-b6df-4085-b509-50810d991a39", - "ServicePlanName": "DYN365_CDS_O365_P3_GCC", - "AdditionalProperties": { + ], + "ExceptIfDocumentNameMatchesPatterns": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "d2d51368-76c9-4317-ada2-a12c004c432f", - "ServicePlanName": "ML_CLASSIFICATION", - "AdditionalProperties": { + ], + "MessageSizeOver": "", + "ExceptIfMessageSizeOver": "", + "AttachmentCountOver": null, + "MessageTypeMatches": null, + "ExceptIfMessageTypeMatches": null, + "UnscannableDocumentExtensionIs": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "64bfac92-2b17-4482-b5e5-a0304429de3e", - "ServicePlanName": "MICROSOFTENDPOINTDLP", - "AdditionalProperties": { + ], + "ExceptIfUnscannableDocumentExtensionIs": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "a31ef4a2-f787-435e-8335-e47eb0cafc94", - "ServicePlanName": "MCOSTANDARD_GOV", - "AdditionalProperties": { + ], + "HeaderContainsWords": null, + "ExceptIfHeaderContainsWords": null, + "HeaderContainsTokens": null, + "ExceptIfHeaderContainsTokens": null, + "DeviceManagementType": null, + "ExceptIfDeviceManagementType": null, + "AccessedBy": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "153f85dd-d912-4762-af6c-d6e0fb4f6692", - "ServicePlanName": "SHAREPOINTENTERPRISE_GOV", - "AdditionalProperties": { + ], + "ExceptIfAccessedBy": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "617b097b-4b93-4ede-83de-5f075bb5fb2f", - "ServicePlanName": "PREMIUM_ENCRYPTION", - "AdditionalProperties": { + ], + "AccessedByMemberOf": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "944e9726-f011-4353-b654-5f7d2663db76", - "ServicePlanName": "BI_AZURE_P_2_GOV", - "AdditionalProperties": { + ], + "ExceptIfAccessedByMemberOf": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "8055d84a-c172-42eb-b997-6c2ae4628246", - "ServicePlanName": "FLOW_O365_P3_GOV", - "AdditionalProperties": { + ], + "BlockAccess": true, + "BlockAccessScope": "All", + "EncryptRMSTemplate": null, + "EnforcePortalAccess": true, + "ApplyBrandingTemplate": "", + "RemoveRMSTemplate": false, + "EndpointDlpRestrictions": null, + "EndpointDlpBrowserRestrictions": null, + "ThirdPartyAppDlpRestrictions": null, + "OnPremisesScannerDlpRestrictions": null, + "PowerBIDlpRestrictions": null, + "AlertProperties": { + "AggregationType": "None" + }, + "GenerateAlert": [ + "true" + ], + "GenerateIncidentReport": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "0eacfc38-458a-40d3-9eab-9671258f1a3e", - "ServicePlanName": "POWERAPPS_O365_P3_GOV", - "AdditionalProperties": { + ], + "IncidentReportContent": null, + "NotifyUser": [ + "LastModifier" + ], + "NotifyAllowOverride": null, + "NotifyEmailCustomText": "", + "NotifyEmailCustomSubject": "", + "NotifyEmailCustomSenderDisplayName": "", + "NotifyEmailExchangeIncludeAttachment": true, + "NotifyEmailOnedriveRemediationActions": "NotSet", + "NotifyJustificationCustomText": "", + "NotifyJustificationCustomTextTranslations": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "8f9f0f3b-ca90-406c-a842-95579171f8ec", - "ServicePlanName": "SHAREPOINTWAC_GOV", - "AdditionalProperties": { + ], + "NotifyPolicyTipCustomText": "", + "NotifyUserType": "NotSet", + "NotifyPolicyTipCustomTextTranslations": [ + + ], + "NotifyOverrideRequirements": "None", + "NotifyPolicyTipDisplayOption": "Tip", + "NotifyPolicyTipUrl": "", + "NotifyPolicyTipCustomDialog": "", + "NotifyEndpointUser": null, + "RemoveHeader": [ + + ], + "AccessTimeControl": null, + "StopPolicyProcessing": false, + "SetHeader": null, + "AddRecipients": null, + "Moderate": null, + "ModifySubject": null, + "MapRecipients": null, + "RedirectMessageTo": null, + "PrependSubject": "", + "ApplyHtmlDisclaimer": null, + "Quarantine": false, + "TriggerPowerAutomateFlow": "", + "RestrictAccess": null, + "MipRestrictAccess": null, + "SourceType": "", + "Guid": "a7739b6b-9831-467a-a355-3ba7aab938bc", + "AdvancedRuleBuilderContext": null, + "ParentPolicyName": "Info_TypeITIN_Missing", + "ReportSeverityLevel": "Low", + "ActivationDate": null, + "ExpiryDate": null, + "SenderType": null, + "SenderAddressLocation": null, + "AdvancedRule": "{\r\n \"Version\": \"1.0\",\r\n \"Condition\": {\r\n \"Operator\": \"And\",\r\n \"SubConditions\": [\r\n {\r\n \"ConditionName\": \"ContentContainsSensitiveInformation\",\r\n \"Value\": [\r\n {\r\n \"Groups\": [\r\n {\r\n \"Name\": \"BadInfoTypes\",\r\n \"Operator\": \"Or\",\r\n \"Sensitivetypes\": [\r\n {\r\n \"Name\": \"U.S. Social Security Number (SSN)\",\r\n \"Id\": \"a44669fe-0d48-453d-a9b1-2cc83f2cba77\",\r\n \"Mincount\": 1,\r\n \"Maxcount\": -1,\r\n \"Confidencelevel\": \"Medium\",\r\n \"Minconfidence\": 75,\r\n \"Maxconfidence\": 100\r\n },\r\n {\r\n \"Name\": \"U.S. / U.K. Passport Number\",\r\n \"Id\": \"178ec42a-18b4-47cc-85c7-d62c92fd67f8\",\r\n \"Mincount\": 1,\r\n \"Maxcount\": -1,\r\n \"Confidencelevel\": \"Medium\",\r\n \"Minconfidence\": 75,\r\n \"Maxconfidence\": 100\r\n },\r\n {\r\n \"Name\": \"Credit Card Number\",\r\n \"Id\": \"50842eb7-edc8-4019-85dd-5a5c1f2bb085\",\r\n \"Mincount\": 1,\r\n \"Maxcount\": -1,\r\n \"Confidencelevel\": \"High\",\r\n \"Minconfidence\": 85,\r\n \"Maxconfidence\": 100\r\n }\r\n ]\r\n }\r\n ],\r\n \"Operator\": \"And\"\r\n }\r\n ]\r\n }\r\n ]\r\n }\r\n}", + "ExecutionRuleGuids": null, + "DisplayName": "Missing_ITIN_Has_UKPassports", + "StorageBindings": null, + "EvaluateRulePerComponent": false, + "IsAdvancedRule": true, + "ContentContainsSensitiveInformation": null, + "ExceptIfContentContainsSensitiveInformation": null, + "ContentMissingSensitivityLabel": null, + "ContentIsNotLabeled": false, + "AttachmentIsNotLabeled": false, + "MessageIsNotLabeled": false, + "DocumentCreatedBy": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "5b4ef465-7ea1-459a-9f91-033317755a51", - "ServicePlanName": "PROJECTWORKMANAGEMENT_GOV", - "AdditionalProperties": { + ], + "ExceptIfDocumentCreatedBy": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "d1cbfb67-18a8-4792-b643-630b7f19aad1", - "ServicePlanName": "EQUIVIO_ANALYTICS_GOV", - "AdditionalProperties": { + ], + "DocumentSizeOver": "", + "ExceptIfDocumentSizeOver": "", + "DocumentNameMatchesWords": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "304767db-7d23-49e8-a945-4a7eb65f9f28", - "ServicePlanName": "TEAMS_GOV", - "AdditionalProperties": { + ], + "ExceptIfDocumentNameMatchesWords": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "92c2089d-9a53-49fe-b1a6-9e6bdf959547", - "ServicePlanName": "STREAM_O365_E5_GOV", - "AdditionalProperties": { + ], + "AccessScope": null, + "NonBifurcatingAccessScope": null, + "ExceptIfAccessScope": null, + "FromScope": null, + "ExceptIfFromScope": null, + "WithImportance": null, + "ExceptIfWithImportance": null, + "ExternalScenarioDependancies": { + "ProtectionAlertId": "e95437f3-7b8b-4055-9383-2686e02de873" + }, + "ContentPropertyContainsWords": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "65cc641f-cccd-4643-97e0-a17e3045e541", - "ServicePlanName": "RECORDS_MANAGEMENT", - "AdditionalProperties": { + ], + "ExceptIfContentPropertyContainsWords": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "208120d1-9adb-4daf-8c22-816bd5d237e7", - "ServicePlanName": "EXCHANGE_ANALYTICS_GOV", - "AdditionalProperties": { + ], + "From": null, + "ExceptIfFrom": null, + "FromMemberOf": null, + "ExceptIfFromMemberOf": null, + "DocumentIsUnsupported": false, + "ExceptIfDocumentIsUnsupported": false, + "HasSenderOverride": false, + "ExceptIfHasSenderOverride": false, + "RestrictBrowserAccess": false, + "ProcessingLimitExceeded": false, + "ExceptIfProcessingLimitExceeded": false, + "SentTo": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "c1ec4a95-1f05-45b3-a911-aa3fa01094f5", - "ServicePlanName": "INTUNE_A", - "AdditionalProperties": { + ], + "ExceptIfSentTo": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "d587c7a3-bda9-4f99-8776-9bcf59c84f75", - "ServicePlanName": "INSIDER_RISK", - "AdditionalProperties": { + ], + "RecipientDomainIs": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "900018f1-0cdb-4ecb-94d4-90281760fdc6", - "ServicePlanName": "THREAT_INTELLIGENCE_GOV", - "AdditionalProperties": { + ], + "ExceptIfRecipientDomainIs": [ - } - }, - { - "AppliesTo": "Company", - "ProvisioningStatus": "Success", - "ServicePlanId": "493ff600-6a2b-4db6-ad37-a7d4eb214516", - "ServicePlanName": "ATP_ENTERPRISE_GOV", - "AdditionalProperties": { + ], + "DocumentIsPasswordProtected": false, + "ExceptIfDocumentIsPasswordProtected": false, + "SenderIPRanges": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "14ab5db5-e6c4-4b20-b4bc-13e36fd2227f", - "ServicePlanName": "ATA", - "AdditionalProperties": { + ], + "ExceptIfSenderIPRanges": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "6db1f1db-2b46-403f-be40-e39395f08dbb", - "ServicePlanName": "CUSTOMER_KEY", - "AdditionalProperties": { + ], + "ContentExtensionMatchesWords": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "6dc145d6-95dd-4191-b9c3-185575ee6f6b", - "ServicePlanName": "COMMUNICATIONS_DLP", - "AdditionalProperties": { + ], + "ExceptIfContentExtensionMatchesWords": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "2e2ddb96-6af9-4b1d-a3f0-d6ecfd22edb2", - "ServicePlanName": "ADALLOM_S_STANDALONE", - "AdditionalProperties": { + ], + "ContentFileTypeMatches": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "199a5c09-e0ca-4e37-8f7c-b05d533e1ea2", - "ServicePlanName": "MICROSOFTBOOKINGS", - "AdditionalProperties": { + ], + "ExceptIfContentFileTypeMatches": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "8a256a2b-b617-496d-b51b-e76466e88db0", - "ServicePlanName": "MFA_PREMIUM", - "AdditionalProperties": { + ], + "HeaderMatchesPatterns": null, + "ExceptIfHeaderMatchesPatterns": null, + "SubjectMatchesPatterns": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "db23fce2-a974-42ef-9002-d78dd42a0f22", - "ServicePlanName": "MCOEV_GOV", - "AdditionalProperties": { + ], + "ExceptIfSubjectMatchesPatterns": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "bf28f719-7844-4079-9c78-c1307898e192", - "ServicePlanName": "MTP", - "AdditionalProperties": { + ], + "AnyOfRecipientAddressContainsWords": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "f544b08d-1645-4287-82de-8d91f37c02a1", - "ServicePlanName": "MCOMEETADV_GOV", - "AdditionalProperties": { + ], + "ExceptIfAnyOfRecipientAddressContainsWords": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "de9234ff-6483-44d9-b15e-dca72fdd27af", - "ServicePlanName": "OFFICESUBSCRIPTION_GOV", - "AdditionalProperties": { + ], + "AnyOfRecipientAddressMatchesPatterns": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "2f442157-a11c-46b9-ae5b-6e39ff4e5849", - "ServicePlanName": "M365_ADVANCED_AUDITING", - "AdditionalProperties": { + ], + "ExceptIfAnyOfRecipientAddressMatchesPatterns": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "a413a9ff-720c-4822-98ef-2f37c2a21f4c", - "ServicePlanName": "MICROSOFT_COMMUNICATION_COMPLIANCE", - "AdditionalProperties": { + ], + "FromAddressMatchesPatterns": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "5136a095-5cf0-4aff-bec3-e84448b38ea5", - "ServicePlanName": "MIP_S_CLP1", - "AdditionalProperties": { + ], + "ExceptIfFromAddressMatchesPatterns": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "efb0351d-3b08-4503-993d-383af8de41e3", - "ServicePlanName": "MIP_S_CLP2", - "AdditionalProperties": { + ], + "FromAddressContainsWords": [ - } - }, - { - "AppliesTo": "Company", - "ProvisioningStatus": "Success", - "ServicePlanId": "d9fa6af4-e046-4c89-9226-729a0786685d", - "ServicePlanName": "Content_Explorer", - "AdditionalProperties": { + ], + "ExceptIfFromAddressContainsWords": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "843da3a8-d2cc-4e7a-9e90-dc46019f964c", - "ServicePlanName": "FORMS_GOV_E5", - "AdditionalProperties": { + ], + "SenderDomainIs": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "8c3069c0-ccdb-44be-ab77-986203a67df2", - "ServicePlanName": "EXCHANGE_S_ENTERPRISE_GOV", - "AdditionalProperties": { + ], + "ExceptIfSenderDomainIs": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "89b5d3b1-3855-49fe-b46c-87c66dbc1526", - "ServicePlanName": "LOCKBOX_ENTERPRISE_GOV", - "AdditionalProperties": { + ], + "SentToMemberOf": null, + "ExceptIfSentToMemberOf": null, + "DocumentCreatedByMemberOf": null, + "ExceptIfDocumentCreatedByMemberOf": null, + "HasLabelDowngradedFrom": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "1b66aedf-8ca1-4f73-af76-ec76c6180f98", - "ServicePlanName": "RMS_S_PREMIUM_GOV", - "AdditionalProperties": { + ], + "ContentIsShared": false, + "ExceptIfContentIsShared": false, + "SharedByIRMUserRisk": [ - } + ], + "MessageLabelChangeDetected": null, + "ExceptIfMessageLabelChangeDetected": null, + "RuleErrorAction": null, + "RuleXml": "", + "ReadOnly": false, + "ErrorMetadata": null, + "ExternalIdentity": "", + "ImmutableId": "6c63bd2e-3caf-4817-bab8-1794c388b8c8", + "Priority": 0, + "Workload": "Exchange, SharePoint, OneDriveForBusiness, Teams", + "Policy": "0362dd12-1c3e-484b-983a-3b600a6f9e2a", + "Comment": "Sensitive info types required except ITIN. Has additional UK Passports instead.", + "Disabled": false, + "Mode": "Enforce", + "ObjectVersion": "d1826caf-850a-4c5a-c335-08dbfd7bb17b", + "MaximumBlobRuleLength": 0, + "CreatedBy": "John Public", + "LastModifiedBy": "John Public", + "Identity": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Missing_ITIN_Has_UKPassports", + "Id": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Missing_ITIN_Has_UKPassports", + "IsValid": true, + "ExchangeVersion": "0.20 (15.0.0.0)", + "Name": "Missing_ITIN_Has_UKPassports", + "DistinguishedName": "CN=Missing_ITIN_Has_UKPassports,CN=Configuration,CN=tqhjy.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=FFO,DC=extest,DC=microsoft,DC=com", + "ObjectCategory": null, + "ObjectClass": [ + "msExchUnifiedRule" + ], + "WhenChanged": "Date(1702651190000)", + "WhenCreated": "Date(1702651039000)", + "WhenChangedUTC": "Date(1702651190000)", + "WhenCreatedUTC": "Date(1702651039000)", + "ExchangeObjectId": "a7739b6b-9831-467a-a355-3ba7aab938bc", + "OrganizationalUnitRoot": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com", + "OrganizationId": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration", + "OriginatingServer": "", + "ObjectState": "Changed", + "IsObjectUnderSystemOperation": false, + "IsSummarizedPsRule": false }, { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "5400a66d-eaa5-427d-80f2-0f26d59d8fce", - "ServicePlanName": "RMS_S_PREMIUM2_GOV", - "AdditionalProperties": { + "SubjectContainsWords": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "6a76346d-5d6e-4051-9fe3-ed3f312b5597", - "ServicePlanName": "RMS_S_ENTERPRISE_GOV", - "AdditionalProperties": { + ], + "ExceptIfSubjectContainsWords": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "eec0eb4f-6444-4f95-aba0-50c24d67f998", - "ServicePlanName": "AAD_PREMIUM_P2", - "AdditionalProperties": { + ], + "SubjectOrBodyMatchesPatterns": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "41781fb2-bc02-4b7c-bd55-b576c07bb09d", - "ServicePlanName": "AAD_PREMIUM", - "AdditionalProperties": { + ], + "ExceptIfSubjectOrBodyMatchesPatterns": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "e26c2fcc-ab91-4a61-b35c-03cdc8dddf66", - "ServicePlanName": "INFO_GOVERNANCE", - "AdditionalProperties": { + ], + "SubjectOrBodyContainsWords": [ - } - }, - { - "AppliesTo": "User", - "ProvisioningStatus": "Success", - "ServicePlanId": "871d91ec-ec1a-452b-a83f-bd76c7d770ef", - "ServicePlanName": "WINDEFATP", - "AdditionalProperties": { + ], + "ExceptIfSubjectOrBodyContainsWords": [ - } - } -], - "directory_settings": [ - { - "DisplayName": "Group.Unified", - "Id": "5ce54204-ef8d-44c5-af88-dc8bd4c16069", - "TemplateId": "62375ab9-6b52-47ed-826b-58e47e0e304b", - "Values": [ - { - "Name": "NewUnifiedGroupWritebackDefault", - "Value": "true" - }, - { - "Name": "EnableMIPLabels", - "Value": "False" - }, - { - "Name": "CustomBlockedWordsList", - "Value": "" - }, - { - "Name": "EnableMSStandardBlockedWords", - "Value": "False" - }, - { - "Name": "ClassificationDescriptions", - "Value": "" - }, - { - "Name": "DefaultClassification", - "Value": "" - }, - { - "Name": "PrefixSuffixNamingRequirement", - "Value": "" - }, - { - "Name": "AllowGuestsToBeGroupOwner", - "Value": "False" - }, - { - "Name": "AllowGuestsToAccessGroups", - "Value": "True" - }, - { - "Name": "GuestUsageGuidelinesUrl", - "Value": "" - }, - { - "Name": "GroupCreationAllowedGroupId", - "Value": "67f62883-f97a-4192-a300-8a1576af8056" - }, - { - "Name": "AllowToAddGuests", - "Value": "True" - }, - { - "Name": "UsageGuidelinesUrl", - "Value": "" - }, - { - "Name": "ClassificationList", - "Value": "" - }, - { - "Name": "EnableGroupCreation", - "Value": "False" - } - ], - "AdditionalProperties": { + ], + "DocumentMatchesPatterns": [ + + ], + "ExceptIfDocumentMatchesPatterns": [ + + ], + "DocumentContainsWords": [ - } - }, - { - "DisplayName": "Consent Policy Settings", - "Id": "62c1305f-60f0-4096-8d72-e1f74e8627f5", - "TemplateId": "dffd5d46-495d-40a9-8e21-954ff55e198a", - "Values": [ - { - "Name": "EnableGroupSpecificConsent", - "Value": "false" - }, - { - "Name": "BlockUserConsentForRiskyApps", - "Value": "true" - }, - { - "Name": "EnableAdminConsentRequests", - "Value": "false" - }, - { - "Name": "ConstrainGroupSpecificConsentToMembersOfGroupId", - "Value": "" - } - ], - "AdditionalProperties": { + ], + "ExceptIfDocumentContainsWords": [ - } - } -], - "authentication_method": [ - { - "AuthenticationMethodConfigurations": [ - { - "ExcludeTargets": [ + ], + "SenderADAttributeMatchesPatterns": null, + "ExceptIfSenderADAttributeMatchesPatterns": null, + "SenderADAttributeContainsWords": null, + "ExceptIfSenderADAttributeContainsWords": null, + "RecipientADAttributeMatchesPatterns": null, + "ExceptIfRecipientADAttributeMatchesPatterns": null, + "RecipientADAttributeContainsWords": null, + "ExceptIfRecipientADAttributeContainsWords": null, + "ContentCharacterSetContainsWords": [ - ], - "Id": "Fido2", - "State": "enabled" - }, - { - "ExcludeTargets": [ + ], + "ExceptIfContentCharacterSetContainsWords": [ - ], - "Id": "MicrosoftAuthenticator", - "State": "enabled" - }, - { - "ExcludeTargets": [ + ], + "DocumentNameMatchesPatterns": [ - ], - "Id": "Sms", - "State": "disabled" - }, - { - "ExcludeTargets": [ + ], + "ExceptIfDocumentNameMatchesPatterns": [ - ], - "Id": "TemporaryAccessPass", - "State": "enabled" - }, - { - "ExcludeTargets": [ + ], + "MessageSizeOver": "", + "ExceptIfMessageSizeOver": "", + "AttachmentCountOver": null, + "MessageTypeMatches": null, + "ExceptIfMessageTypeMatches": null, + "UnscannableDocumentExtensionIs": [ - ], - "Id": "HardwareOath", - "State": "disabled" - }, - { - "ExcludeTargets": [ + ], + "ExceptIfUnscannableDocumentExtensionIs": [ - ], - "Id": "SoftwareOath", - "State": "disabled" - }, - { - "ExcludeTargets": [ + ], + "HeaderContainsWords": null, + "ExceptIfHeaderContainsWords": null, + "HeaderContainsTokens": null, + "ExceptIfHeaderContainsTokens": null, + "DeviceManagementType": null, + "ExceptIfDeviceManagementType": null, + "AccessedBy": [ - ], - "Id": "Voice", - "State": "disabled" - }, - { - "ExcludeTargets": [ + ], + "ExceptIfAccessedBy": [ - ], - "Id": "Email", - "State": "disabled" - }, - { - "ExcludeTargets": [ + ], + "AccessedByMemberOf": [ - ], - "Id": "X509Certificate", - "State": "enabled" - } - ], - "Description": "The tenant-wide policy that controls which authentication methods are allowed in the tenant, authentication method registration requirements, and self-service password reset settings", - "DisplayName": "Authentication Methods Policy", - "Id": "authenticationMethodsPolicy", - "LastModifiedDateTime": "Date(1708376786872)", - "PolicyMigrationState": "preMigration", - "PolicyVersion": "1.5", - "ReconfirmationInDays": null, - "RegistrationEnforcement": { - "AuthenticationMethodsRegistrationCampaign": { - "EnforceRegistrationAfterAllowedSnoozes": true, - "ExcludeTargets": [ - { - "Id": "64720f66-b5cc-41ae-aec7-562f90038952", - "TargetType": "group" - } - ], - "IncludeTargets": [ - { - "Id": "all_users", - "TargetType": "group", - "TargetedAuthenticationMethod": "microsoftAuthenticator" - } - ], - "SnoozeDurationInDays": 1, - "State": "disabled" - } - }, - "ReportSuspiciousActivitySettings": { - "IncludeTarget": { - "Id": "all_users", - "TargetType": "group" - }, - "State": "default", - "VoiceReportingCode": 0 - }, - "SystemCredentialPreferences": { - "ExcludeTargets": [ - - ], - "IncludeTargets": [ - { - "Id": "all_users", - "TargetType": "group" - } - ], - "State": "default" + ], + "ExceptIfAccessedByMemberOf": [ + + ], + "BlockAccess": false, + "BlockAccessScope": null, + "EncryptRMSTemplate": null, + "EnforcePortalAccess": true, + "ApplyBrandingTemplate": "", + "RemoveRMSTemplate": false, + "EndpointDlpRestrictions": [ + { + "setting": "CloudEgress", + "defaultmessage": "none", + "value": "Audit", + "appgroup": "none" + }, + { + "setting": "CopyPaste", + "defaultmessage": "none", + "value": "Audit", + "appgroup": "none" + }, + { + "setting": "RemovableMedia", + "defaultmessage": "none", + "value": "Audit", + "appgroup": "none" + }, + { + "setting": "NetworkShare", + "defaultmessage": "none", + "value": "Audit", + "appgroup": "none" + }, + { + "setting": "UnallowedApps", + "defaultmessage": "none", + "value": "Block", + "appgroup": "none" + }, + { + "setting": "Print", + "defaultmessage": "none", + "value": "Audit", + "appgroup": "none" } - } -], - "domain_settings": [ - { - "AuthenticationType": "Managed", - "AvailabilityStatus": null, - "DomainNameReferences": null, - "FederationConfiguration": null, - "Id": "tqhjy.onmicrosoft.com", - "IsAdminManaged": true, - "IsDefault": true, - "IsInitial": true, - "IsRoot": true, - "IsVerified": true, - "PasswordNotificationWindowInDays": 14, - "PasswordValidityPeriodInDays": 2147483647, - "ServiceConfigurationRecords": null, - "SharedEmailDomainInvitations": null, - "State": { - "LastActionDateTime": null, - "Operation": null, - "Status": null - }, - "SupportedServices": [ - "Email", - "OfficeCommunicationsOnline" - ], - "VerificationDnsRecords": null, - "AdditionalProperties": { + ], + "EndpointDlpBrowserRestrictions": null, + "ThirdPartyAppDlpRestrictions": null, + "OnPremisesScannerDlpRestrictions": null, + "PowerBIDlpRestrictions": null, + "AlertProperties": { + "AggregationType": "None" + }, + "GenerateAlert": [ + "true" + ], + "GenerateIncidentReport": [ - } - }, - { - "AuthenticationType": "Managed", - "AvailabilityStatus": null, - "DomainNameReferences": null, - "FederationConfiguration": null, - "Id": "tqhjy.onmicrosoft.com", - "IsAdminManaged": true, - "IsDefault": false, - "IsInitial": false, - "IsRoot": true, - "IsVerified": true, - "PasswordNotificationWindowInDays": 14, - "PasswordValidityPeriodInDays": 2147483647, - "ServiceConfigurationRecords": null, - "SharedEmailDomainInvitations": null, - "State": { - "LastActionDateTime": null, - "Operation": null, - "Status": null - }, - "SupportedServices": [ + ], + "IncidentReportContent": null, + "NotifyUser": [ + "LastModifier" + ], + "NotifyAllowOverride": null, + "NotifyEmailCustomText": "", + "NotifyEmailCustomSubject": "", + "NotifyEmailCustomSenderDisplayName": "", + "NotifyEmailExchangeIncludeAttachment": true, + "NotifyEmailOnedriveRemediationActions": "NotSet", + "NotifyJustificationCustomText": "", + "NotifyJustificationCustomTextTranslations": [ + + ], + "NotifyPolicyTipCustomText": "", + "NotifyUserType": "NotSet", + "NotifyPolicyTipCustomTextTranslations": [ + + ], + "NotifyOverrideRequirements": "None", + "NotifyPolicyTipDisplayOption": "Tip", + "NotifyPolicyTipUrl": "", + "NotifyPolicyTipCustomDialog": "", + "NotifyEndpointUser": null, + "RemoveHeader": [ + + ], + "AccessTimeControl": null, + "StopPolicyProcessing": false, + "SetHeader": null, + "AddRecipients": null, + "Moderate": null, + "ModifySubject": null, + "MapRecipients": null, + "RedirectMessageTo": null, + "PrependSubject": "", + "ApplyHtmlDisclaimer": null, + "Quarantine": false, + "TriggerPowerAutomateFlow": "", + "RestrictAccess": null, + "MipRestrictAccess": null, + "SourceType": "", + "Guid": "cb32ef11-441c-4536-a40e-a062000a55c5", + "AdvancedRuleBuilderContext": null, + "ParentPolicyName": "DevicePolicy_CCOnly", + "ReportSeverityLevel": "Low", + "ActivationDate": null, + "ExpiryDate": null, + "SenderType": null, + "SenderAddressLocation": null, + "AdvancedRule": "{\r\n \"Version\": \"1.0\",\r\n \"Condition\": {\r\n \"Operator\": \"And\",\r\n \"SubConditions\": [\r\n {\r\n \"ConditionName\": \"ContentContainsSensitiveInformation\",\r\n \"Value\": [\r\n {\r\n \"Groups\": [\r\n {\r\n \"Name\": \"CCOnly\",\r\n \"Operator\": \"Or\",\r\n \"Sensitivetypes\": [\r\n {\r\n \"Name\": \"Credit Card Number\",\r\n \"Id\": \"50842eb7-edc8-4019-85dd-5a5c1f2bb085\",\r\n \"Mincount\": 1,\r\n \"Maxcount\": -1,\r\n \"Confidencelevel\": \"High\",\r\n \"Minconfidence\": 85,\r\n \"Maxconfidence\": 100\r\n }\r\n ]\r\n }\r\n ],\r\n \"Operator\": \"And\"\r\n }\r\n ]\r\n }\r\n ]\r\n }\r\n}", + "ExecutionRuleGuids": null, + "DisplayName": "CreditCardsOnly", + "StorageBindings": null, + "EvaluateRulePerComponent": false, + "IsAdvancedRule": true, + "ContentContainsSensitiveInformation": null, + "ExceptIfContentContainsSensitiveInformation": null, + "ContentMissingSensitivityLabel": null, + "ContentIsNotLabeled": false, + "AttachmentIsNotLabeled": false, + "MessageIsNotLabeled": false, + "DocumentCreatedBy": [ ], - "VerificationDnsRecords": null, - "AdditionalProperties": { + "ExceptIfDocumentCreatedBy": [ - } - } -], - "license_information": [ - { - "SkuId": "eddf428b-da0e-4115-accf-b29eb0b83965", - "SkuPartNumber": "CDS_DB_CAPACITY_GOV", - "ConsumedUnits": 0, - "PrepaidUnits": { - "Enabled": 1, - "LockedOut": 0, - "Suspended": 0, - "Warning": 0 - } - }, - { - "SkuId": "e2be619b-b125-455f-8660-fb503e431a5d", - "SkuPartNumber": "M365_G5_GCC", - "ConsumedUnits": 30, - "PrepaidUnits": { - "Enabled": 30, - "LockedOut": 0, - "Suspended": 0, - "Warning": 0 - } - } -], - "total_user_count": 82, - "aad_successful_commands": [ - "Get-MgBetaIdentityConditionalAccessPolicy", - "Get-MgBetaSubscribedSku", - "Get-PrivilegedUser", - "Get-PrivilegedRole", - "Get-MgBetaUserCount", - "Get-MgBetaPolicyAuthorizationPolicy", - "Get-MgBetaDirectorySetting", - "Get-MgBetaPolicyAuthenticationMethodPolicy", - "Get-MgBetaDomain" -], - "aad_unsuccessful_commands": [ + ], + "DocumentSizeOver": "", + "ExceptIfDocumentSizeOver": "", + "DocumentNameMatchesWords": [ -], "protection_policy_rules": [ - { - "HostedContentFilterPolicy": "Strict Preset Security Policy1681329956650", - "AntiPhishPolicy": "Strict Preset Security Policy1681329955447", - "MalwareFilterPolicy": "Strict Preset Security Policy1681329957931", - "State": "Disabled", - "Priority": 0, - "Comments": null, - "Description": "If the message:\r\n\tIs sent to \u0027topdog@tqhjy.onmicrosoft.com\u0027\r\n\tand Is sent to a member of group \u0027topteam@tqhjy.onmicrosoft.com\u0027\r\n\tand recipients\u0027s address domain portion belongs to any of these domains: \u0027tqhjy.onmicrosoft.com\u0027\r\nTake the following actions:\r\n\tApply hosted content filter policy \"Strict Preset Security Policy1681329956650\"., Apply AntiPhish policy \"Strict Preset Security Policy1681329955447\"., Apply malware filter policy \"Strict Preset Security Policy1681329957931\".\r\n", - "RuleVersion": { - "Major": 15, - "Minor": 0, - "Build": 5, - "Revision": 2, - "MajorRevision": 0, - "MinorRevision": 2 - }, - "SentTo": [ - "topdog@tqhjy.onmicrosoft.com" - ], - "SentToMemberOf": [ - "topteam@tqhjy.onmicrosoft.com" - ], - "RecipientDomainIs": [ - "tqhjy.onmicrosoft.com" - ], - "ExceptIfSentTo": null, - "ExceptIfSentToMemberOf": null, - "ExceptIfRecipientDomainIs": null, - "Conditions": [ - "Microsoft.Exchange.MessagingPolicies.Rules.Tasks.SentToPredicate", - "Microsoft.Exchange.MessagingPolicies.Rules.Tasks.SentToMemberOfPredicate", - "Microsoft.Exchange.MessagingPolicies.Rules.Tasks.RecipientDomainIsPredicate" - ], - "Exceptions": null, - "Identity": "Strict Preset Security Policy", - "DistinguishedName": "CN=Strict Preset Security Policy,CN=EOPProtectionPolicyRuleVersioned,CN=Rules,CN=Transport Settings,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM", - "Guid": "9d0f5aee-cf8c-4239-9ec4-3560118c1b7e", - "ImmutableId": "9d0f5aee-cf8c-4239-9ec4-3560118c1b7e", - "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", - "Name": "Strict Preset Security Policy", - "IsValid": true, - "WhenChanged": "Date(1712120866000)", - "ExchangeVersion": "0.1 (8.0.535.0)", - "ObjectState": "Unchanged" - }, - { - "HostedContentFilterPolicy": "Standard Preset Security Policy1659535432883", - "AntiPhishPolicy": "Standard Preset Security Policy1659535429826", - "MalwareFilterPolicy": "Standard Preset Security Policy1659535435292", - "State": "Enabled", - "Priority": 1, - "Comments": null, - "Description": "Take the following actions:\r\n\tApply hosted content filter policy \"Standard Preset Security Policy1659535432883\"., Apply AntiPhish policy \"Standard Preset Security Policy1659535429826\"., Apply malware filter policy \"Standard Preset Security Policy1659535435292\".\r\n", - "RuleVersion": { - "Major": 14, - "Minor": 0, - "Build": 0, - "Revision": 0, - "MajorRevision": 0, - "MinorRevision": 0 - }, - "SentTo": null, - "SentToMemberOf": null, - "RecipientDomainIs": null, - "ExceptIfSentTo": null, - "ExceptIfSentToMemberOf": null, - "ExceptIfRecipientDomainIs": null, - "Conditions": null, - "Exceptions": null, - "Identity": "Standard Preset Security Policy", - "DistinguishedName": "CN=Standard Preset Security Policy,CN=EOPProtectionPolicyRuleVersioned,CN=Rules,CN=Transport Settings,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM", - "Guid": "83318c49-93e8-497b-8fd3-614b090e6103", - "ImmutableId": "83318c49-93e8-497b-8fd3-614b090e6103", - "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", - "Name": "Standard Preset Security Policy", - "IsValid": true, - "WhenChanged": "Date(1712120902000)", - "ExchangeVersion": "0.1 (8.0.535.0)", - "ObjectState": "Unchanged" - } -], - "atp_policy_rules": [ - { - "SafeAttachmentPolicy": "Strict Preset Security Policy1681329958553", - "SafeLinksPolicy": "Strict Preset Security Policy1681329959203", - "State": "Enabled", - "Priority": 0, - "Comments": null, - "Description": "If the message:\r\n\tIs sent to \u0027jdoe@example.com\u0027\r\n\tand Is sent to a member of group \u0027mofuntonight@tqhjy.onmicrosoft.com\u0027\r\n\tand recipients\u0027s address domain portion belongs to any of these domains: \u0027badpeople.example.net\u0027\r\nTake the following actions:\r\n\tApply safe attachment policy \"Strict Preset Security Policy1681329958553\"., Apply safe links policy \"Strict Preset Security Policy1681329959203\".\r\n", - "RuleVersion": { - "Major": 15, - "Minor": 0, - "Build": 5, - "Revision": 2, - "MajorRevision": 0, - "MinorRevision": 2 - }, + ], + "ExceptIfDocumentNameMatchesWords": [ + + ], + "AccessScope": null, + "NonBifurcatingAccessScope": null, + "ExceptIfAccessScope": null, + "FromScope": null, + "ExceptIfFromScope": null, + "WithImportance": null, + "ExceptIfWithImportance": null, + "ExternalScenarioDependancies": { + "ProtectionAlertId": "d46f69a5-6277-49fc-ad26-e0b701c034d0" + }, + "ContentPropertyContainsWords": [ + + ], + "ExceptIfContentPropertyContainsWords": [ + + ], + "From": null, + "ExceptIfFrom": null, + "FromMemberOf": null, + "ExceptIfFromMemberOf": null, + "DocumentIsUnsupported": false, + "ExceptIfDocumentIsUnsupported": false, + "HasSenderOverride": false, + "ExceptIfHasSenderOverride": false, + "RestrictBrowserAccess": false, + "ProcessingLimitExceeded": false, + "ExceptIfProcessingLimitExceeded": false, "SentTo": [ - "jdoe@example.com" + ], - "SentToMemberOf": [ - "mofuntonight@tqhjy.onmicrosoft.com" + "ExceptIfSentTo": [ + ], "RecipientDomainIs": [ - "badpeople.example.net" - ], - "ExceptIfSentTo": null, - "ExceptIfSentToMemberOf": null, - "ExceptIfRecipientDomainIs": null, - "Conditions": [ - "Microsoft.Exchange.MessagingPolicies.Rules.Tasks.SentToPredicate", - "Microsoft.Exchange.MessagingPolicies.Rules.Tasks.SentToMemberOfPredicate", - "Microsoft.Exchange.MessagingPolicies.Rules.Tasks.RecipientDomainIsPredicate" - ], - "Exceptions": null, - "Identity": "Strict Preset Security Policy", - "DistinguishedName": "CN=Strict Preset Security Policy,CN=ATPProtectionPolicyRuleVersioned,CN=Rules,CN=Transport Settings,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM", - "Guid": "92ea4876-f3bc-4f2f-9c6a-d4ad7bedc31e", - "ImmutableId": "92ea4876-f3bc-4f2f-9c6a-d4ad7bedc31e", - "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", - "Name": "Strict Preset Security Policy", - "IsValid": true, - "WhenChanged": "Date(1712121048000)", - "ExchangeVersion": "0.1 (8.0.535.0)", - "ObjectState": "Unchanged" - }, - { - "SafeAttachmentPolicy": "Standard Preset Security Policy1659535436109", - "SafeLinksPolicy": "Standard Preset Security Policy1659535436756", - "State": "Disabled", - "Priority": 1, - "Comments": null, - "Description": "Take the following actions:\r\n\tApply safe attachment policy \"Standard Preset Security Policy1659535436109\"., Apply safe links policy \"Standard Preset Security Policy1659535436756\".\r\n", - "RuleVersion": { - "Major": 14, - "Minor": 0, - "Build": 0, - "Revision": 0, - "MajorRevision": 0, - "MinorRevision": 0 - }, - "SentTo": null, - "SentToMemberOf": null, - "RecipientDomainIs": null, - "ExceptIfSentTo": null, - "ExceptIfSentToMemberOf": null, - "ExceptIfRecipientDomainIs": null, - "Conditions": null, - "Exceptions": null, - "Identity": "Standard Preset Security Policy", - "DistinguishedName": "CN=Standard Preset Security Policy,CN=ATPProtectionPolicyRuleVersioned,CN=Rules,CN=Transport Settings,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM", - "Guid": "d6c7c877-13b8-4baf-a85c-bc1c008fa515", - "ImmutableId": "d6c7c877-13b8-4baf-a85c-bc1c008fa515", - "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", - "Name": "Standard Preset Security Policy", - "IsValid": true, - "WhenChanged": "Date(1712120975000)", - "ExchangeVersion": "0.1 (8.0.535.0)", - "ObjectState": "Unchanged" - } -], - "dlp_compliance_policies": [ - { - "Mode": "Enable", - "DisplayName": "Default Office 365 DLP policy", - "Type": "Dlp", - "ExchangeLocation": [ - "All" - ], - "SharePointLocation": [ - "All" - ], - "SharePointLocationException": [ - - ], - "OneDriveLocation": [ - "All" - ], - "OneDriveLocationException": [ - - ], - "ExchangeOnPremisesLocation": [ - ], - "SharePointOnPremisesLocation": [ + ], + "ExceptIfRecipientDomainIs": [ - ], - "SharePointOnPremisesLocationException": [ + ], + "DocumentIsPasswordProtected": false, + "ExceptIfDocumentIsPasswordProtected": false, + "SenderIPRanges": [ - ], - "TeamsLocation": [ - "All" - ], - "TeamsLocationException": [ + ], + "ExceptIfSenderIPRanges": [ ], - "EndpointDlpLocation": [ - - ], - "EndpointDlpLocationException": [ + "ContentExtensionMatchesWords": [ ], - "ThirdPartyAppDlpLocation": [ - - ], - "ThirdPartyAppDlpLocationException": [ + "ExceptIfContentExtensionMatchesWords": [ - ], - "OnPremisesScannerDlpLocation": [ - "All" - ], - "OnPremisesScannerDlpLocationException": [ + ], + "ContentFileTypeMatches": [ - ], - "PowerBIDlpLocation": [ + ], + "ExceptIfContentFileTypeMatches": [ - ], - "PowerBIDlpLocationException": [ + ], + "HeaderMatchesPatterns": null, + "ExceptIfHeaderMatchesPatterns": null, + "SubjectMatchesPatterns": [ - ], - "Locations": "", - "LocationInclusions": [ + ], + "ExceptIfSubjectMatchesPatterns": [ - ], - "LocationExclusions": [ + ], + "AnyOfRecipientAddressContainsWords": [ - ], - "ExchangeSender": [ + ], + "ExceptIfAnyOfRecipientAddressContainsWords": [ - ], - "ExchangeSenderException": [ + ], + "AnyOfRecipientAddressMatchesPatterns": [ - ], - "PolicyTemplateInfo": { + ], + "ExceptIfAnyOfRecipientAddressMatchesPatterns": [ - }, - "MatchedItemsCount": null, - "TotalItemsCount": null, - "TopNLocationStatistics": null, - "WorkloadStatistics": null, - "IsSimulationPolicy": false, - "SimulationStatus": null, - "AutoEnableAfter": null, - "IsFromSmartInsights": null, - "IsColdDataSimulationPolicy": false, - "ExtendedProperties": null, - "Summary": false, - "OneDriveSharedBy": [ + ], + "FromAddressMatchesPatterns": [ - ], - "ExceptIfOneDriveSharedBy": [ + ], + "ExceptIfFromAddressMatchesPatterns": [ - ], - "OneDriveSharedByMemberOf": [ + ], + "FromAddressContainsWords": [ ], - "ExceptIfOneDriveSharedByMemberOf": [ + "ExceptIfFromAddressContainsWords": [ ], - "ExchangeSenderMemberOf": [ + "SenderDomainIs": [ + + ], + "ExceptIfSenderDomainIs": [ ], - "ExchangeSenderMemberOfException": [ + "SentToMemberOf": null, + "ExceptIfSentToMemberOf": null, + "DocumentCreatedByMemberOf": null, + "ExceptIfDocumentCreatedByMemberOf": null, + "HasLabelDowngradedFrom": [ - ], - "ExchangeAdaptiveScopes": null, - "ExchangeAdaptiveScopesException": null, - "SharePointAdaptiveScopes": null, - "SharePointAdaptiveScopesException": null, - "OneDriveAdaptiveScopes": null, - "OneDriveAdaptiveScopesException": null, - "TeamsAdaptiveScopes": null, - "TeamsAdaptiveScopesException": null, - "EndpointDlpAdaptiveScopes": null, - "EndpointDlpAdaptiveScopesException": null, - "ExpectedLocations": 0, - "CompletedLocations": 0, - "FailedLocations": 0, - "ItemStatistics": null, - "RuleMatchBlob": null, - "ErrorMetadata": null, - "UserAdministrativeUnitMembershipMap": null, - "ForceValidate": false, - "PolicyRulesMetaData": "{\"WhenRulesChangedUtc\":\"2023-10-05T17:47:20.3689468Z\"}", - "Workload": "Exchange, SharePoint, OneDriveForBusiness, Teams, OnPremisesScanner", - "Priority": 1, - "ObjectVersion": "a9b7f29e-8530-4ed6-eae0-08dbfd7d90b1", - "CreatedBy": "", - "LastModifiedBy": "John Doe", + ], + "ContentIsShared": false, + "ExceptIfContentIsShared": false, + "SharedByIRMUserRisk": [ + + ], + "MessageLabelChangeDetected": null, + "ExceptIfMessageLabelChangeDetected": null, + "RuleErrorAction": null, + "RuleXml": "", "ReadOnly": false, + "ErrorMetadata": null, "ExternalIdentity": "", - "Comment": "This policy detects the presence of credit card numbers in externally shared documents and emails. End users are notified of the detection with the suggestion to consider either removing the sensitive data or restricting the sharing.", - "Enabled": true, - "DistributionStatus": "Pending", - "DistributionSyncStatus": "Unknown", - "DistributionResults": null, - "LastStatusUpdateTime": null, - "ModificationTimeUtc": "Date(1702673594337)", - "CreationTimeUtc": "Date(1614655720970)", - "PolicyRBACScopes": [ - - ], - "Identity": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Default Office 365 DLP policy", - "Id": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Default Office 365 DLP policy", + "ImmutableId": "37de612f-186b-4069-918f-b4c6f90037a8", + "Priority": 0, + "Workload": "Exchange, SharePoint, OneDriveForBusiness, EndpointDevices", + "Policy": "2a4e7cb6-9da7-468f-a58e-42975ea7cd71", + "Comment": "Rule that blocks access to credit card numbers on devices.", + "Disabled": false, + "Mode": "Enforce", + "ObjectVersion": "69df3855-a67f-4b5a-1b8a-08dbfd7c0c88", + "MaximumBlobRuleLength": 0, + "CreatedBy": "John Public", + "LastModifiedBy": "John Public", + "Identity": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/CreditCardsOnly", + "Id": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/CreditCardsOnly", "IsValid": true, "ExchangeVersion": "0.20 (15.0.0.0)", - "Name": "Default Office 365 DLP policy", - "DistinguishedName": "CN=Default Office 365 DLP policy,CN=Configuration,CN=tqhjy.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=FFO,DC=extest,DC=microsoft,DC=com", + "Name": "CreditCardsOnly", + "DistinguishedName": "CN=CreditCardsOnly,CN=Configuration,CN=tqhjy.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=FFO,DC=extest,DC=microsoft,DC=com", "ObjectCategory": null, "ObjectClass": [ - "msExchUnifiedPolicy" + "msExchUnifiedRule" ], - "WhenChanged": "Date(1702651994000)", - "WhenCreated": "Date(1617646100000)", - "WhenChangedUTC": "Date(1702651994000)", - "WhenCreatedUTC": "Date(1617646100000)", - "ExchangeObjectId": "8cb4f574-1a54-45e1-bf58-73bbe023ebad", + "WhenChanged": "Date(1702651343000)", + "WhenCreated": "Date(1702651343000)", + "WhenChangedUTC": "Date(1702651343000)", + "WhenCreatedUTC": "Date(1702651343000)", + "ExchangeObjectId": "cb32ef11-441c-4536-a40e-a062000a55c5", "OrganizationalUnitRoot": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com", "OrganizationId": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration", - "Guid": "8cb4f574-1a54-45e1-bf58-73bbe023ebad", "OriginatingServer": "", - "ObjectState": "Changed" + "ObjectState": "New", + "IsObjectUnderSystemOperation": false, + "IsSummarizedPsRule": false }, { - "Mode": "Enable", - "DisplayName": "Info_TypeITIN_Missing", - "Type": "Dlp", - "ExchangeLocation": [ - - ], - "SharePointLocation": [ + "SubjectContainsWords": [ - ], - "SharePointLocationException": [ + ], + "ExceptIfSubjectContainsWords": [ - ], - "OneDriveLocation": [ + ], + "SubjectOrBodyMatchesPatterns": [ - ], - "OneDriveLocationException": [ + ], + "ExceptIfSubjectOrBodyMatchesPatterns": [ - ], - "ExchangeOnPremisesLocation": [ + ], + "SubjectOrBodyContainsWords": [ ], - "SharePointOnPremisesLocation": [ + "ExceptIfSubjectOrBodyContainsWords": [ - ], - "SharePointOnPremisesLocationException": [ + ], + "DocumentMatchesPatterns": [ - ], - "TeamsLocation": [ - "All" - ], - "TeamsLocationException": [ + ], + "ExceptIfDocumentMatchesPatterns": [ - ], - "EndpointDlpLocation": [ + ], + "DocumentContainsWords": [ - ], - "EndpointDlpLocationException": [ + ], + "ExceptIfDocumentContainsWords": [ - ], - "ThirdPartyAppDlpLocation": [ + ], + "SenderADAttributeMatchesPatterns": null, + "ExceptIfSenderADAttributeMatchesPatterns": null, + "SenderADAttributeContainsWords": null, + "ExceptIfSenderADAttributeContainsWords": null, + "RecipientADAttributeMatchesPatterns": null, + "ExceptIfRecipientADAttributeMatchesPatterns": null, + "RecipientADAttributeContainsWords": null, + "ExceptIfRecipientADAttributeContainsWords": null, + "ContentCharacterSetContainsWords": [ - ], - "ThirdPartyAppDlpLocationException": [ + ], + "ExceptIfContentCharacterSetContainsWords": [ - ], - "OnPremisesScannerDlpLocation": [ + ], + "DocumentNameMatchesPatterns": [ - ], - "OnPremisesScannerDlpLocationException": [ + ], + "ExceptIfDocumentNameMatchesPatterns": [ - ], - "PowerBIDlpLocation": [ + ], + "MessageSizeOver": "", + "ExceptIfMessageSizeOver": "", + "AttachmentCountOver": null, + "MessageTypeMatches": null, + "ExceptIfMessageTypeMatches": null, + "UnscannableDocumentExtensionIs": [ - ], - "PowerBIDlpLocationException": [ + ], + "ExceptIfUnscannableDocumentExtensionIs": [ + + ], + "HeaderContainsWords": null, + "ExceptIfHeaderContainsWords": null, + "HeaderContainsTokens": null, + "ExceptIfHeaderContainsTokens": null, + "DeviceManagementType": null, + "ExceptIfDeviceManagementType": null, + "AccessedBy": [ - ], - "Locations": "", - "LocationInclusions": [ + ], + "ExceptIfAccessedBy": [ ], - "LocationExclusions": [ + "AccessedByMemberOf": [ ], - "ExchangeSender": [ - - ], - "ExchangeSenderException": [ + "ExceptIfAccessedByMemberOf": [ + ], + "BlockAccess": true, + "BlockAccessScope": "All", + "EncryptRMSTemplate": null, + "EnforcePortalAccess": true, + "ApplyBrandingTemplate": "", + "RemoveRMSTemplate": false, + "EndpointDlpRestrictions": [ + { + "setting": "CloudEgress", + "defaultmessage": "none", + "value": "Audit", + "appgroup": "none" + }, + { + "setting": "CopyPaste", + "defaultmessage": "none", + "value": "Audit", + "appgroup": "none" + }, + { + "setting": "RemovableMedia", + "defaultmessage": "none", + "value": "Audit", + "appgroup": "none" + }, + { + "setting": "NetworkShare", + "defaultmessage": "none", + "value": "Audit", + "appgroup": "none" + }, + { + "setting": "UnallowedApps", + "defaultmessage": "none", + "value": "Block", + "appgroup": "none" + }, + { + "setting": "Print", + "defaultmessage": "none", + "value": "Audit", + "appgroup": "none" + } ], - "PolicyTemplateInfo": null, - "MatchedItemsCount": null, - "TotalItemsCount": null, - "TopNLocationStatistics": null, - "WorkloadStatistics": null, - "IsSimulationPolicy": false, - "SimulationStatus": null, - "AutoEnableAfter": null, - "IsFromSmartInsights": null, - "IsColdDataSimulationPolicy": false, - "ExtendedProperties": null, - "Summary": false, - "OneDriveSharedBy": [ - - ], - "ExceptIfOneDriveSharedBy": [ + "EndpointDlpBrowserRestrictions": null, + "ThirdPartyAppDlpRestrictions": null, + "OnPremisesScannerDlpRestrictions": null, + "PowerBIDlpRestrictions": null, + "AlertProperties": { + "AggregationType": "None" + }, + "GenerateAlert": [ + "true" + ], + "GenerateIncidentReport": [ - ], - "OneDriveSharedByMemberOf": [ + ], + "IncidentReportContent": null, + "NotifyUser": [ + "LastModifier" + ], + "NotifyAllowOverride": null, + "NotifyEmailCustomText": "", + "NotifyEmailCustomSubject": "", + "NotifyEmailCustomSenderDisplayName": "", + "NotifyEmailExchangeIncludeAttachment": true, + "NotifyEmailOnedriveRemediationActions": "NotSet", + "NotifyJustificationCustomText": "", + "NotifyJustificationCustomTextTranslations": [ - ], - "ExceptIfOneDriveSharedByMemberOf": [ + ], + "NotifyPolicyTipCustomText": "", + "NotifyUserType": "NotSet", + "NotifyPolicyTipCustomTextTranslations": [ - ], - "ExchangeSenderMemberOf": [ + ], + "NotifyOverrideRequirements": "None", + "NotifyPolicyTipDisplayOption": "Tip", + "NotifyPolicyTipUrl": "", + "NotifyPolicyTipCustomDialog": "", + "NotifyEndpointUser": null, + "RemoveHeader": [ - ], - "ExchangeSenderMemberOfException": [ + ], + "AccessTimeControl": null, + "StopPolicyProcessing": false, + "SetHeader": null, + "AddRecipients": null, + "Moderate": null, + "ModifySubject": null, + "MapRecipients": null, + "RedirectMessageTo": null, + "PrependSubject": "", + "ApplyHtmlDisclaimer": null, + "Quarantine": false, + "TriggerPowerAutomateFlow": "", + "RestrictAccess": null, + "MipRestrictAccess": null, + "SourceType": "", + "Guid": "33285a89-e80c-4522-9954-ef58ab4e383a", + "AdvancedRuleBuilderContext": null, + "ParentPolicyName": "Escaped characters such as \\.\\O\\S\\T seem to be an issue.", + "ReportSeverityLevel": "Low", + "ActivationDate": null, + "ExpiryDate": null, + "SenderType": null, + "SenderAddressLocation": null, + "AdvancedRule": "{\r\n \"Version\": \"1.0\",\r\n \"Condition\": {\r\n \"Operator\": \"And\",\r\n \"SubConditions\": [\r\n {\r\n \"ConditionName\": \"ContentContainsSensitiveInformation\",\r\n \"Value\": [\r\n {\r\n \"Groups\": [\r\n {\r\n \"Name\": \"Sensitive Info Types with escapes \\\\.\\\\O\\\\S\\\\T\",\r\n \"Operator\": \"Or\",\r\n \"Sensitivetypes\": [\r\n {\r\n \"Name\": \"Credit Card Number\",\r\n \"Id\": \"50842eb7-edc8-4019-85dd-5a5c1f2bb085\",\r\n \"Mincount\": 1,\r\n \"Maxcount\": -1,\r\n \"Confidencelevel\": \"High\",\r\n \"Minconfidence\": 85,\r\n \"Maxconfidence\": 100\r\n },\r\n {\r\n \"Name\": \"U.S. Individual Taxpayer Identification Number (ITIN)\",\r\n \"Id\": \"e55e2a32-f92d-4985-a35d-a0b269eb687b\",\r\n \"Mincount\": 1,\r\n \"Maxcount\": -1,\r\n \"Confidencelevel\": \"Medium\",\r\n \"Minconfidence\": 75,\r\n \"Maxconfidence\": 100\r\n },\r\n {\r\n \"Name\": \"U.S. Social Security Number (SSN)\",\r\n \"Id\": \"a44669fe-0d48-453d-a9b1-2cc83f2cba77\",\r\n \"Mincount\": 1,\r\n \"Maxcount\": -1,\r\n \"Confidencelevel\": \"Medium\",\r\n \"Minconfidence\": 75,\r\n \"Maxconfidence\": 100\r\n }\r\n ]\r\n }\r\n ],\r\n \"Operator\": \"And\"\r\n }\r\n ]\r\n }\r\n ]\r\n }\r\n}", + "ExecutionRuleGuids": null, + "DisplayName": "Are escaped rule names a problem", + "StorageBindings": null, + "EvaluateRulePerComponent": false, + "IsAdvancedRule": true, + "ContentContainsSensitiveInformation": null, + "ExceptIfContentContainsSensitiveInformation": null, + "ContentMissingSensitivityLabel": null, + "ContentIsNotLabeled": false, + "AttachmentIsNotLabeled": false, + "MessageIsNotLabeled": false, + "DocumentCreatedBy": [ - ], - "ExchangeAdaptiveScopes": null, - "ExchangeAdaptiveScopesException": null, - "SharePointAdaptiveScopes": null, - "SharePointAdaptiveScopesException": null, - "OneDriveAdaptiveScopes": null, - "OneDriveAdaptiveScopesException": null, - "TeamsAdaptiveScopes": null, - "TeamsAdaptiveScopesException": null, - "EndpointDlpAdaptiveScopes": null, - "EndpointDlpAdaptiveScopesException": null, - "ExpectedLocations": 0, - "CompletedLocations": 0, - "FailedLocations": 0, - "ItemStatistics": null, - "RuleMatchBlob": null, - "ErrorMetadata": null, - "UserAdministrativeUnitMembershipMap": null, - "ForceValidate": false, - "PolicyRulesMetaData": "{\"WhenRulesChangedUtc\":\"2023-12-15T14:39:23.8092225Z\"}", - "Workload": "Exchange, SharePoint, OneDriveForBusiness, Teams", - "Priority": 5, - "ObjectVersion": "e302b4e8-6634-4c91-9616-08dbfd7bb1d1", - "CreatedBy": "John Doe", - "LastModifiedBy": "John Doe", - "ReadOnly": false, - "ExternalIdentity": "", - "Comment": "Custom policy meets all requirements for DLP under baseline EXCEPT it is missing the ITIN and instead has UK passports listed.", - "Enabled": true, - "DistributionStatus": "Pending", - "DistributionSyncStatus": "Unknown", - "DistributionResults": null, - "LastStatusUpdateTime": null, - "ModificationTimeUtc": "Date(1702672790917)", - "CreationTimeUtc": "Date(1702672630117)", - "PolicyRBACScopes": [ + ], + "ExceptIfDocumentCreatedBy": [ - ], - "Identity": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Info_TypeITIN_Missing", - "Id": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Info_TypeITIN_Missing", - "IsValid": true, - "ExchangeVersion": "0.20 (15.0.0.0)", - "Name": "Info_TypeITIN_Missing", - "DistinguishedName": "CN=Info_TypeITIN_Missing,CN=Configuration,CN=tqhjy.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=FFO,DC=extest,DC=microsoft,DC=com", - "ObjectCategory": null, - "ObjectClass": [ - "msExchUnifiedPolicy" - ], - "WhenChanged": "Date(1702651190000)", - "WhenCreated": "Date(1702651030000)", - "WhenChangedUTC": "Date(1702651190000)", - "WhenCreatedUTC": "Date(1702651030000)", - "ExchangeObjectId": "0362dd12-1c3e-484b-983a-3b600a6f9e2a", - "OrganizationalUnitRoot": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com", - "OrganizationId": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration", - "Guid": "0362dd12-1c3e-484b-983a-3b600a6f9e2a", - "OriginatingServer": "", - "ObjectState": "Changed" - }, - { - "Mode": "Enable", - "DisplayName": "DevicePolicy_CCOnly", - "Type": "Dlp", - "ExchangeLocation": [ + ], + "DocumentSizeOver": "", + "ExceptIfDocumentSizeOver": "", + "DocumentNameMatchesWords": [ - ], - "SharePointLocation": [ + ], + "ExceptIfDocumentNameMatchesWords": [ - ], - "SharePointLocationException": [ + ], + "AccessScope": null, + "NonBifurcatingAccessScope": null, + "ExceptIfAccessScope": null, + "FromScope": null, + "ExceptIfFromScope": null, + "WithImportance": null, + "ExceptIfWithImportance": null, + "ExternalScenarioDependancies": { + "ProtectionAlertId": "96e8531f-40be-418f-8c4f-341009daf3bb" + }, + "ContentPropertyContainsWords": [ - ], - "OneDriveLocation": [ + ], + "ExceptIfContentPropertyContainsWords": [ - ], - "OneDriveLocationException": [ + ], + "From": null, + "ExceptIfFrom": null, + "FromMemberOf": null, + "ExceptIfFromMemberOf": null, + "DocumentIsUnsupported": false, + "ExceptIfDocumentIsUnsupported": false, + "HasSenderOverride": false, + "ExceptIfHasSenderOverride": false, + "RestrictBrowserAccess": false, + "ProcessingLimitExceeded": false, + "ExceptIfProcessingLimitExceeded": false, + "SentTo": [ - ], - "ExchangeOnPremisesLocation": [ + ], + "ExceptIfSentTo": [ - ], - "SharePointOnPremisesLocation": [ + ], + "RecipientDomainIs": [ - ], - "SharePointOnPremisesLocationException": [ + ], + "ExceptIfRecipientDomainIs": [ - ], - "TeamsLocation": [ + ], + "DocumentIsPasswordProtected": false, + "ExceptIfDocumentIsPasswordProtected": false, + "SenderIPRanges": [ - ], - "TeamsLocationException": [ + ], + "ExceptIfSenderIPRanges": [ ], - "EndpointDlpLocation": [ - "All" - ], - "EndpointDlpLocationException": [ + "ContentExtensionMatchesWords": [ ], - "ThirdPartyAppDlpLocation": [ - - ], - "ThirdPartyAppDlpLocationException": [ + "ExceptIfContentExtensionMatchesWords": [ - ], - "OnPremisesScannerDlpLocation": [ + ], + "ContentFileTypeMatches": [ - ], - "OnPremisesScannerDlpLocationException": [ + ], + "ExceptIfContentFileTypeMatches": [ - ], - "PowerBIDlpLocation": [ + ], + "HeaderMatchesPatterns": null, + "ExceptIfHeaderMatchesPatterns": null, + "SubjectMatchesPatterns": [ - ], - "PowerBIDlpLocationException": [ + ], + "ExceptIfSubjectMatchesPatterns": [ - ], - "Locations": "", - "LocationInclusions": [ + ], + "AnyOfRecipientAddressContainsWords": [ - ], - "LocationExclusions": [ + ], + "ExceptIfAnyOfRecipientAddressContainsWords": [ - ], - "ExchangeSender": [ + ], + "AnyOfRecipientAddressMatchesPatterns": [ - ], - "ExchangeSenderException": [ + ], + "ExceptIfAnyOfRecipientAddressMatchesPatterns": [ - ], - "PolicyTemplateInfo": null, - "MatchedItemsCount": null, - "TotalItemsCount": null, - "TopNLocationStatistics": null, - "WorkloadStatistics": null, - "IsSimulationPolicy": false, - "SimulationStatus": null, - "AutoEnableAfter": null, - "IsFromSmartInsights": null, - "IsColdDataSimulationPolicy": false, - "ExtendedProperties": null, - "Summary": false, - "OneDriveSharedBy": [ + ], + "FromAddressMatchesPatterns": [ - ], - "ExceptIfOneDriveSharedBy": [ + ], + "ExceptIfFromAddressMatchesPatterns": [ - ], - "OneDriveSharedByMemberOf": [ + ], + "FromAddressContainsWords": [ ], - "ExceptIfOneDriveSharedByMemberOf": [ + "ExceptIfFromAddressContainsWords": [ ], - "ExchangeSenderMemberOf": [ + "SenderDomainIs": [ + + ], + "ExceptIfSenderDomainIs": [ ], - "ExchangeSenderMemberOfException": [ + "SentToMemberOf": null, + "ExceptIfSentToMemberOf": null, + "DocumentCreatedByMemberOf": null, + "ExceptIfDocumentCreatedByMemberOf": null, + "HasLabelDowngradedFrom": [ - ], - "ExchangeAdaptiveScopes": null, - "ExchangeAdaptiveScopesException": null, - "SharePointAdaptiveScopes": null, - "SharePointAdaptiveScopesException": null, - "OneDriveAdaptiveScopes": null, - "OneDriveAdaptiveScopesException": null, - "TeamsAdaptiveScopes": null, - "TeamsAdaptiveScopesException": null, - "EndpointDlpAdaptiveScopes": null, - "EndpointDlpAdaptiveScopesException": null, - "ExpectedLocations": 0, - "CompletedLocations": 0, - "FailedLocations": 0, - "ItemStatistics": null, - "RuleMatchBlob": null, - "ErrorMetadata": null, - "UserAdministrativeUnitMembershipMap": null, - "ForceValidate": false, - "PolicyRulesMetaData": "{\"WhenRulesChangedUtc\":\"2023-12-15T14:42:23.5450374Z\"}", - "Workload": "Exchange, SharePoint, OneDriveForBusiness, EndpointDevices", - "Priority": 6, - "ObjectVersion": "2b7e0c63-b0d5-4338-dc06-08dbfd7c0cca", - "CreatedBy": "John Doe", - "LastModifiedBy": "John Doe", + ], + "ContentIsShared": false, + "ExceptIfContentIsShared": false, + "SharedByIRMUserRisk": [ + + ], + "MessageLabelChangeDetected": null, + "ExceptIfMessageLabelChangeDetected": null, + "RuleErrorAction": null, + "RuleXml": "", "ReadOnly": false, + "ErrorMetadata": null, "ExternalIdentity": "", - "Comment": "Custom policy that protects devices by blocking access to credit card numbers only.", - "Enabled": true, - "DistributionStatus": "Pending", - "DistributionSyncStatus": "Unknown", - "DistributionResults": null, - "LastStatusUpdateTime": null, - "ModificationTimeUtc": "Date(1702672943547)", - "CreationTimeUtc": "Date(1702672936403)", - "PolicyRBACScopes": [ - - ], - "Identity": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/DevicePolicy_CCOnly", - "Id": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/DevicePolicy_CCOnly", + "ImmutableId": "07fef34e-65b6-459f-a460-ec6d1ac8edb0", + "Priority": 0, + "Workload": "Exchange, SharePoint, OneDriveForBusiness, Teams, EndpointDevices", + "Policy": "3e6ae832-d413-498e-9cc1-6b725713992b", + "Comment": "Checking for issues with escapes in rule names.", + "Disabled": false, + "Mode": "Enforce", + "ObjectVersion": "e0cb8e78-e9f8-4aa3-2f31-08dc4aa0ac8c", + "MaximumBlobRuleLength": 0, + "CreatedBy": "John Public", + "LastModifiedBy": "John Public", + "Identity": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Are escaped rule names a problem", + "Id": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Are escaped rule names a problem", "IsValid": true, "ExchangeVersion": "0.20 (15.0.0.0)", - "Name": "DevicePolicy_CCOnly", - "DistinguishedName": "CN=DevicePolicy_CCOnly,CN=Configuration,CN=tqhjy.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=FFO,DC=extest,DC=microsoft,DC=com", + "Name": "Are escaped rule names a problem", + "DistinguishedName": "CN=Are escaped rule names a problem,CN=Configuration,CN=tqhjy.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=FFO,DC=extest,DC=microsoft,DC=com", "ObjectCategory": null, "ObjectClass": [ - "msExchUnifiedPolicy" + "msExchUnifiedRule" ], - "WhenChanged": "Date(1702651343000)", - "WhenCreated": "Date(1702651336000)", - "WhenChangedUTC": "Date(1702651343000)", - "WhenCreatedUTC": "Date(1702651336000)", - "ExchangeObjectId": "2a4e7cb6-9da7-468f-a58e-42975ea7cd71", + "WhenChanged": "Date(1711133312000)", + "WhenCreated": "Date(1711133312000)", + "WhenChangedUTC": "Date(1711133312000)", + "WhenCreatedUTC": "Date(1711133312000)", + "ExchangeObjectId": "33285a89-e80c-4522-9954-ef58ab4e383a", "OrganizationalUnitRoot": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com", "OrganizationId": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration", - "Guid": "2a4e7cb6-9da7-468f-a58e-42975ea7cd71", "OriginatingServer": "", - "ObjectState": "Changed" - } -], - "dlp_compliance_rules": [ + "ObjectState": "New", + "IsObjectUnderSystemOperation": false, + "IsSummarizedPsRule": false + }, { "SubjectContainsWords": [ @@ -11321,6 +11364,7 @@ ], "MessageSizeOver": "", "ExceptIfMessageSizeOver": "", + "AttachmentCountOver": null, "MessageTypeMatches": null, "ExceptIfMessageTypeMatches": null, "UnscannableDocumentExtensionIs": [ @@ -11347,8 +11391,8 @@ "ExceptIfAccessedByMemberOf": [ ], - "BlockAccess": true, - "BlockAccessScope": "All", + "BlockAccess": false, + "BlockAccessScope": null, "EncryptRMSTemplate": null, "EnforcePortalAccess": true, "ApplyBrandingTemplate": "", @@ -11369,25 +11413,25 @@ ], "IncidentReportContent": null, "NotifyUser": [ - "LastModifier" + ], "NotifyAllowOverride": null, "NotifyEmailCustomText": "", "NotifyEmailCustomSubject": "", "NotifyEmailCustomSenderDisplayName": "", "NotifyEmailExchangeIncludeAttachment": true, - "NotifyEmailOnedriveRemediationActions": "NotSet", + "NotifyEmailOnedriveRemediationActions": null, "NotifyJustificationCustomText": "", "NotifyJustificationCustomTextTranslations": [ ], "NotifyPolicyTipCustomText": "", - "NotifyUserType": "NotSet", + "NotifyUserType": null, "NotifyPolicyTipCustomTextTranslations": [ ], - "NotifyOverrideRequirements": "None", - "NotifyPolicyTipDisplayOption": "Tip", + "NotifyOverrideRequirements": null, + "NotifyPolicyTipDisplayOption": null, "NotifyPolicyTipUrl": "", "NotifyPolicyTipCustomDialog": "", "NotifyEndpointUser": null, @@ -11407,22 +11451,54 @@ "Quarantine": false, "TriggerPowerAutomateFlow": "", "RestrictAccess": null, + "MipRestrictAccess": null, "SourceType": "", - "Guid": "a7739b6b-9831-467a-a355-3ba7aab938bc", + "Guid": "53b168f2-012b-4d2f-a15c-1e05bedae10d", "AdvancedRuleBuilderContext": null, - "ParentPolicyName": "Info_TypeITIN_Missing", + "ParentPolicyName": "PR Test Policy", "ReportSeverityLevel": "Low", "ActivationDate": null, "ExpiryDate": null, "SenderType": null, "SenderAddressLocation": null, - "AdvancedRule": "{\r\n \"Version\": \"1.0\",\r\n \"Condition\": {\r\n \"Operator\": \"And\",\r\n \"SubConditions\": [\r\n {\r\n \"ConditionName\": \"ContentContainsSensitiveInformation\",\r\n \"Value\": [\r\n {\r\n \"Groups\": [\r\n {\r\n \"Name\": \"BadInfoTypes\",\r\n \"Operator\": \"Or\",\r\n \"Sensitivetypes\": [\r\n {\r\n \"Name\": \"U.S. Social Security Number (SSN)\",\r\n \"Id\": \"a44669fe-0d48-453d-a9b1-2cc83f2cba77\",\r\n \"Mincount\": 1,\r\n \"Maxcount\": -1,\r\n \"Confidencelevel\": \"Medium\",\r\n \"Minconfidence\": 75,\r\n \"Maxconfidence\": 100\r\n },\r\n {\r\n \"Name\": \"U.S. / U.K. Passport Number\",\r\n \"Id\": \"178ec42a-18b4-47cc-85c7-d62c92fd67f8\",\r\n \"Mincount\": 1,\r\n \"Maxcount\": -1,\r\n \"Confidencelevel\": \"Medium\",\r\n \"Minconfidence\": 75,\r\n \"Maxconfidence\": 100\r\n },\r\n {\r\n \"Name\": \"Credit Card Number\",\r\n \"Id\": \"50842eb7-edc8-4019-85dd-5a5c1f2bb085\",\r\n \"Mincount\": 1,\r\n \"Maxcount\": -1,\r\n \"Confidencelevel\": \"High\",\r\n \"Minconfidence\": 85,\r\n \"Maxconfidence\": 100\r\n }\r\n ]\r\n }\r\n ],\r\n \"Operator\": \"And\"\r\n }\r\n ]\r\n }\r\n ]\r\n }\r\n}", + "AdvancedRule": "{\r\n \"Version\": \"1.0\",\r\n \"Condition\": {\r\n \"Operator\": \"And\",\r\n \"SubConditions\": [\r\n {\r\n \"ConditionName\": \"ContentContainsSensitiveInformation\",\r\n \"Value\": [\r\n {\r\n \"id\": \"a44669fe-0d48-453d-a9b1-2cc83f2cba77\",\r\n \"maxconfidence\": \"100\",\r\n \"name\": \"U.S. Social Security Number (SSN)\",\r\n \"maxcount\": \"-1\",\r\n \"minconfidence\": \"75\",\r\n \"classifiertype\": \"Content\",\r\n \"mincount\": \"1\",\r\n \"confidencelevel\": \"Medium\"\r\n },\r\n {\r\n \"id\": \"50842eb7-edc8-4019-85dd-5a5c1f2bb085\",\r\n \"maxconfidence\": \"100\",\r\n \"name\": \"Credit Card Number\",\r\n \"maxcount\": \"-1\",\r\n \"minconfidence\": \"85\",\r\n \"classifiertype\": \"Content\",\r\n \"mincount\": \"1\",\r\n \"confidencelevel\": \"High\"\r\n },\r\n {\r\n \"id\": \"e55e2a32-f92d-4985-a35d-a0b269eb687b\",\r\n \"maxconfidence\": \"100\",\r\n \"name\": \"U.S. Individual Taxpayer Identification Number (ITIN)\",\r\n \"maxcount\": \"-1\",\r\n \"minconfidence\": \"75\",\r\n \"classifiertype\": \"Content\",\r\n \"mincount\": \"1\",\r\n \"confidencelevel\": \"Medium\"\r\n }\r\n ]\r\n }\r\n ]\r\n }\r\n}", "ExecutionRuleGuids": null, - "DisplayName": "Missing_ITIN_Has_UKPassports", + "DisplayName": "PII-temp", "StorageBindings": null, "EvaluateRulePerComponent": false, - "IsAdvancedRule": true, - "ContentContainsSensitiveInformation": null, + "IsAdvancedRule": false, + "ContentContainsSensitiveInformation": [ + { + "maxconfidence": "100", + "confidencelevel": "Medium", + "id": "a44669fe-0d48-453d-a9b1-2cc83f2cba77", + "minconfidence": "75", + "classifiertype": "Content", + "name": "U.S. Social Security Number (SSN)", + "mincount": "1", + "maxcount": "-1" + }, + { + "maxconfidence": "100", + "confidencelevel": "High", + "id": "50842eb7-edc8-4019-85dd-5a5c1f2bb085", + "minconfidence": "85", + "classifiertype": "Content", + "name": "Credit Card Number", + "mincount": "1", + "maxcount": "-1" + }, + { + "maxconfidence": "100", + "confidencelevel": "Medium", + "id": "e55e2a32-f92d-4985-a35d-a0b269eb687b", + "minconfidence": "75", + "classifiertype": "Content", + "name": "U.S. Individual Taxpayer Identification Number (ITIN)", + "mincount": "1", + "maxcount": "-1" + } + ], "ExceptIfContentContainsSensitiveInformation": null, "ContentMissingSensitivityLabel": null, "ContentIsNotLabeled": false, @@ -11450,7 +11526,7 @@ "WithImportance": null, "ExceptIfWithImportance": null, "ExternalScenarioDependancies": { - "ProtectionAlertId": "e95437f3-7b8b-4055-9383-2686e02de873" + "ProtectionAlertId": "48c87377-6fdd-45d7-91a6-bbbebd3d99f8" }, "ContentPropertyContainsWords": [ @@ -11558,37 +11634,38 @@ "ReadOnly": false, "ErrorMetadata": null, "ExternalIdentity": "", - "ImmutableId": "6c63bd2e-3caf-4817-bab8-1794c388b8c8", + "ImmutableId": "8328f2c9-860e-4bbd-9f5c-1ef615a64947", "Priority": 0, - "Workload": "Exchange, SharePoint, OneDriveForBusiness, Teams", - "Policy": "0362dd12-1c3e-484b-983a-3b600a6f9e2a", - "Comment": "Sensitive info types required except ITIN. Has additional UK Passports instead.", + "Workload": "Exchange, SharePoint, OneDriveForBusiness, Teams, ThirdPartyApps", + "Policy": "46f77b71-78a1-428f-a433-a7c8cca1c6e7", + "Comment": "", "Disabled": false, "Mode": "Enforce", - "ObjectVersion": "d1826caf-850a-4c5a-c335-08dbfd7bb17b", + "ObjectVersion": "a1351454-19ea-4b35-14d0-08dbd1737c02", "MaximumBlobRuleLength": 0, "CreatedBy": "John Doe", "LastModifiedBy": "John Doe", - "Identity": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Missing_ITIN_Has_UKPassports", - "Id": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Missing_ITIN_Has_UKPassports", + "Identity": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/PII-temp", + "Id": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/PII-temp", "IsValid": true, "ExchangeVersion": "0.20 (15.0.0.0)", - "Name": "Missing_ITIN_Has_UKPassports", - "DistinguishedName": "CN=Missing_ITIN_Has_UKPassports,CN=Configuration,CN=tqhjy.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=FFO,DC=extest,DC=microsoft,DC=com", + "Name": "PII-temp", + "DistinguishedName": "CN=PII-temp,CN=Configuration,CN=tqhjy.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=FFO,DC=extest,DC=microsoft,DC=com", "ObjectCategory": null, "ObjectClass": [ "msExchUnifiedRule" ], - "WhenChanged": "Date(1702651190000)", - "WhenCreated": "Date(1702651039000)", - "WhenChangedUTC": "Date(1702651190000)", - "WhenCreatedUTC": "Date(1702651039000)", - "ExchangeObjectId": "a7739b6b-9831-467a-a355-3ba7aab938bc", + "WhenChanged": "Date(1697809813000)", + "WhenCreated": "Date(1697725866000)", + "WhenChangedUTC": "Date(1697809813000)", + "WhenCreatedUTC": "Date(1697725866000)", + "ExchangeObjectId": "53b168f2-012b-4d2f-a15c-1e05bedae10d", "OrganizationalUnitRoot": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com", "OrganizationId": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration", "OriginatingServer": "", "ObjectState": "Changed", - "IsObjectUnderSystemOperation": false + "IsObjectUnderSystemOperation": false, + "IsSummarizedPsRule": false }, { "SubjectContainsWords": [ @@ -11643,6 +11720,7 @@ ], "MessageSizeOver": "", "ExceptIfMessageSizeOver": "", + "AttachmentCountOver": null, "MessageTypeMatches": null, "ExceptIfMessageTypeMatches": null, "UnscannableDocumentExtensionIs": [ @@ -11666,53 +11744,16 @@ "AccessedByMemberOf": [ ], - "ExceptIfAccessedByMemberOf": [ - - ], - "BlockAccess": false, - "BlockAccessScope": null, - "EncryptRMSTemplate": null, - "EnforcePortalAccess": true, - "ApplyBrandingTemplate": "", - "RemoveRMSTemplate": false, - "EndpointDlpRestrictions": [ - { - "setting": "CloudEgress", - "defaultmessage": "none", - "value": "Audit", - "appgroup": "none" - }, - { - "setting": "CopyPaste", - "defaultmessage": "none", - "value": "Audit", - "appgroup": "none" - }, - { - "setting": "RemovableMedia", - "defaultmessage": "none", - "value": "Audit", - "appgroup": "none" - }, - { - "setting": "NetworkShare", - "defaultmessage": "none", - "value": "Audit", - "appgroup": "none" - }, - { - "setting": "UnallowedApps", - "defaultmessage": "none", - "value": "Block", - "appgroup": "none" - }, - { - "setting": "Print", - "defaultmessage": "none", - "value": "Audit", - "appgroup": "none" - } - ], + "ExceptIfAccessedByMemberOf": [ + + ], + "BlockAccess": true, + "BlockAccessScope": "All", + "EncryptRMSTemplate": null, + "EnforcePortalAccess": true, + "ApplyBrandingTemplate": "", + "RemoveRMSTemplate": false, + "EndpointDlpRestrictions": null, "EndpointDlpBrowserRestrictions": null, "ThirdPartyAppDlpRestrictions": null, "OnPremisesScannerDlpRestrictions": null, @@ -11728,25 +11769,25 @@ ], "IncidentReportContent": null, "NotifyUser": [ - "LastModifier" + ], "NotifyAllowOverride": null, "NotifyEmailCustomText": "", "NotifyEmailCustomSubject": "", "NotifyEmailCustomSenderDisplayName": "", "NotifyEmailExchangeIncludeAttachment": true, - "NotifyEmailOnedriveRemediationActions": "NotSet", + "NotifyEmailOnedriveRemediationActions": null, "NotifyJustificationCustomText": "", "NotifyJustificationCustomTextTranslations": [ ], "NotifyPolicyTipCustomText": "", - "NotifyUserType": "NotSet", + "NotifyUserType": null, "NotifyPolicyTipCustomTextTranslations": [ ], - "NotifyOverrideRequirements": "None", - "NotifyPolicyTipDisplayOption": "Tip", + "NotifyOverrideRequirements": null, + "NotifyPolicyTipDisplayOption": null, "NotifyPolicyTipUrl": "", "NotifyPolicyTipCustomDialog": "", "NotifyEndpointUser": null, @@ -11766,18 +11807,19 @@ "Quarantine": false, "TriggerPowerAutomateFlow": "", "RestrictAccess": null, + "MipRestrictAccess": null, "SourceType": "", - "Guid": "cb32ef11-441c-4536-a40e-a062000a55c5", + "Guid": "b01a6475-0529-411d-8d00-53cb06de1804", "AdvancedRuleBuilderContext": null, - "ParentPolicyName": "DevicePolicy_CCOnly", + "ParentPolicyName": "Defender Baseline Testing Policy", "ReportSeverityLevel": "Low", "ActivationDate": null, "ExpiryDate": null, "SenderType": null, "SenderAddressLocation": null, - "AdvancedRule": "{\r\n \"Version\": \"1.0\",\r\n \"Condition\": {\r\n \"Operator\": \"And\",\r\n \"SubConditions\": [\r\n {\r\n \"ConditionName\": \"ContentContainsSensitiveInformation\",\r\n \"Value\": [\r\n {\r\n \"Groups\": [\r\n {\r\n \"Name\": \"CCOnly\",\r\n \"Operator\": \"Or\",\r\n \"Sensitivetypes\": [\r\n {\r\n \"Name\": \"Credit Card Number\",\r\n \"Id\": \"50842eb7-edc8-4019-85dd-5a5c1f2bb085\",\r\n \"Mincount\": 1,\r\n \"Maxcount\": -1,\r\n \"Confidencelevel\": \"High\",\r\n \"Minconfidence\": 85,\r\n \"Maxconfidence\": 100\r\n }\r\n ]\r\n }\r\n ],\r\n \"Operator\": \"And\"\r\n }\r\n ]\r\n }\r\n ]\r\n }\r\n}", + "AdvancedRule": "{\r\n \"Version\": \"1.0\",\r\n \"Condition\": {\r\n \"Operator\": \"And\",\r\n \"SubConditions\": [\r\n {\r\n \"ConditionName\": \"ContentContainsSensitiveInformation\",\r\n \"Value\": [\r\n {\r\n \"Groups\": [\r\n {\r\n \"Name\": \"Default\",\r\n \"Operator\": \"Or\",\r\n \"Sensitivetypes\": [\r\n {\r\n \"Name\": \"Credit Card Number\",\r\n \"Id\": \"50842eb7-edc8-4019-85dd-5a5c1f2bb085\",\r\n \"Mincount\": 1,\r\n \"Maxcount\": -1,\r\n \"Confidencelevel\": \"High\",\r\n \"Minconfidence\": 85,\r\n \"Maxconfidence\": 100\r\n },\r\n {\r\n \"Name\": \"U.S. Individual Taxpayer Identification Number (ITIN)\",\r\n \"Id\": \"e55e2a32-f92d-4985-a35d-a0b269eb687b\",\r\n \"Mincount\": 1,\r\n \"Maxcount\": -1,\r\n \"Confidencelevel\": \"Medium\",\r\n \"Minconfidence\": 75,\r\n \"Maxconfidence\": 100\r\n },\r\n {\r\n \"Name\": \"U.S. Social Security Number (SSN)\",\r\n \"Id\": \"a44669fe-0d48-453d-a9b1-2cc83f2cba77\",\r\n \"Mincount\": 1,\r\n \"Maxcount\": -1,\r\n \"Confidencelevel\": \"Medium\",\r\n \"Minconfidence\": 75,\r\n \"Maxconfidence\": 100\r\n }\r\n ]\r\n }\r\n ],\r\n \"Operator\": \"And\"\r\n }\r\n ]\r\n }\r\n ]\r\n }\r\n}", "ExecutionRuleGuids": null, - "DisplayName": "CreditCardsOnly", + "DisplayName": "Default", "StorageBindings": null, "EvaluateRulePerComponent": false, "IsAdvancedRule": true, @@ -11809,7 +11851,7 @@ "WithImportance": null, "ExceptIfWithImportance": null, "ExternalScenarioDependancies": { - "ProtectionAlertId": "d46f69a5-6277-49fc-ad26-e0b701c034d0" + "ProtectionAlertId": "7d53937e-b4f5-45d0-9bd8-7ea0305553bb" }, "ContentPropertyContainsWords": [ @@ -11917,39 +11959,39 @@ "ReadOnly": false, "ErrorMetadata": null, "ExternalIdentity": "", - "ImmutableId": "37de612f-186b-4069-918f-b4c6f90037a8", + "ImmutableId": "5090ec10-3b5b-464b-b789-4e65bc6b5e3e", "Priority": 0, - "Workload": "Exchange, SharePoint, OneDriveForBusiness, EndpointDevices", - "Policy": "2a4e7cb6-9da7-468f-a58e-42975ea7cd71", - "Comment": "Rule that blocks access to credit card numbers on devices.", + "Workload": "Exchange, SharePoint, OneDriveForBusiness, Teams", + "Policy": "8038a28b-7b5c-42a8-a852-4bb68707afec", + "Comment": "", "Disabled": false, "Mode": "Enforce", - "ObjectVersion": "69df3855-a67f-4b5a-1b8a-08dbfd7c0c88", + "ObjectVersion": "3b836b63-457d-441d-dd73-08dbc5db81c6", "MaximumBlobRuleLength": 0, - "CreatedBy": "John Doe", - "LastModifiedBy": "John Doe", - "Identity": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/CreditCardsOnly", - "Id": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/CreditCardsOnly", + "CreatedBy": "John Public", + "LastModifiedBy": "John Public", + "Identity": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Default", + "Id": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Default", "IsValid": true, "ExchangeVersion": "0.20 (15.0.0.0)", - "Name": "CreditCardsOnly", - "DistinguishedName": "CN=CreditCardsOnly,CN=Configuration,CN=tqhjy.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=FFO,DC=extest,DC=microsoft,DC=com", + "Name": "Default", + "DistinguishedName": "CN=Default,CN=Configuration,CN=tqhjy.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=FFO,DC=extest,DC=microsoft,DC=com", "ObjectCategory": null, "ObjectClass": [ "msExchUnifiedRule" ], - "WhenChanged": "Date(1702651343000)", - "WhenCreated": "Date(1702651343000)", - "WhenChangedUTC": "Date(1702651343000)", - "WhenCreatedUTC": "Date(1702651343000)", - "ExchangeObjectId": "cb32ef11-441c-4536-a40e-a062000a55c5", + "WhenChanged": "Date(1696535076000)", + "WhenCreated": "Date(1696535076000)", + "WhenChangedUTC": "Date(1696535076000)", + "WhenCreatedUTC": "Date(1696535076000)", + "ExchangeObjectId": "b01a6475-0529-411d-8d00-53cb06de1804", "OrganizationalUnitRoot": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com", "OrganizationId": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration", "OriginatingServer": "", "ObjectState": "New", - "IsObjectUnderSystemOperation": false + "IsObjectUnderSystemOperation": false, + "IsSummarizedPsRule": false }, - { "SubjectContainsWords": [ @@ -12003,6 +12045,7 @@ ], "MessageSizeOver": "", "ExceptIfMessageSizeOver": "", + "AttachmentCountOver": null, "MessageTypeMatches": null, "ExceptIfMessageTypeMatches": null, "UnscannableDocumentExtensionIs": [ @@ -12089,6 +12132,7 @@ "Quarantine": false, "TriggerPowerAutomateFlow": "", "RestrictAccess": null, + "MipRestrictAccess": null, "SourceType": "", "Guid": "74f600e2-dccc-4d6f-a748-7bff5ed5da69", "AdvancedRuleBuilderContext": null, @@ -12281,7 +12325,7 @@ "ObjectVersion": "f0bf389d-c2df-49af-e933-08dbc5cb3521", "MaximumBlobRuleLength": 0, "CreatedBy": "John Doe", - "LastModifiedBy": "John Doe", + "LastModifiedBy": "John Public", "Identity": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Baseline Rule", "Id": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Baseline Rule", "IsValid": true, @@ -12301,7 +12345,8 @@ "OrganizationId": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration", "OriginatingServer": "", "ObjectState": "Changed", - "IsObjectUnderSystemOperation": false + "IsObjectUnderSystemOperation": false, + "IsSummarizedPsRule": false }, { "SubjectContainsWords": [ @@ -12356,6 +12401,7 @@ ], "MessageSizeOver": "", "ExceptIfMessageSizeOver": "", + "AttachmentCountOver": null, "MessageTypeMatches": null, "ExceptIfMessageTypeMatches": null, "UnscannableDocumentExtensionIs": [ @@ -12442,10 +12488,11 @@ "Quarantine": false, "TriggerPowerAutomateFlow": "", "RestrictAccess": null, + "MipRestrictAccess": null, "SourceType": "", "Guid": "f2e78982-66b6-488a-a43a-e921800f6304", "AdvancedRuleBuilderContext": null, - "ParentPolicyName": "Tenant DLP Policy for PII", + "ParentPolicyName": "SCuBA DLP Policy for PII", "ReportSeverityLevel": "Low", "ActivationDate": null, "ExpiryDate": null, @@ -12453,7 +12500,7 @@ "SenderAddressLocation": null, "AdvancedRule": "{\r\n \"Version\": \"1.0\",\r\n \"Condition\": {\r\n \"Operator\": \"And\",\r\n \"SubConditions\": [\r\n {\r\n \"ConditionName\": \"AccessScope\",\r\n \"Value\": \"NotInOrganization\"\r\n },\r\n {\r\n \"ConditionName\": \"ContentContainsSensitiveInformation\",\r\n \"Value\": [\r\n {\r\n \"id\": \"50842eb7-edc8-4019-85dd-5a5c1f2bb085\",\r\n \"maxconfidence\": \"100\",\r\n \"name\": \"Credit Card Number\",\r\n \"maxcount\": \"9\",\r\n \"minconfidence\": \"85\",\r\n \"classifiertype\": \"Content\",\r\n \"mincount\": \"1\",\r\n \"confidencelevel\": \"High\"\r\n },\r\n {\r\n \"id\": \"a2ce32a8-f935-4bb6-8e96-2a5157672e2c\",\r\n \"maxconfidence\": \"100\",\r\n \"name\": \"U.S. Bank Account Number\",\r\n \"maxcount\": \"9\",\r\n \"minconfidence\": \"75\",\r\n \"classifiertype\": \"Content\",\r\n \"mincount\": \"1\",\r\n \"confidencelevel\": \"Medium\"\r\n },\r\n {\r\n \"id\": \"cb353f78-2b72-4c3c-8827-92ebe4f69fdf\",\r\n \"maxconfidence\": \"100\",\r\n \"name\": \"ABA Routing Number\",\r\n \"maxcount\": \"9\",\r\n \"minconfidence\": \"75\",\r\n \"classifiertype\": \"Content\",\r\n \"mincount\": \"1\",\r\n \"confidencelevel\": \"Medium\"\r\n }\r\n ]\r\n }\r\n ]\r\n }\r\n}", "ExecutionRuleGuids": null, - "DisplayName": "Low volume of content detected Tenant DLP Policy for PII", + "DisplayName": "Low volume of content detected SCuBA DLP Policy for PII", "StorageBindings": null, "EvaluateRulePerComponent": false, "IsAdvancedRule": false, @@ -12634,13 +12681,13 @@ "ObjectVersion": "f6f7ec90-c0aa-4ae4-e784-08dafa37f4cf", "MaximumBlobRuleLength": 0, "CreatedBy": "d459e626-e311-4242-bb40-263313097103", - "LastModifiedBy": "John Doe", - "Identity": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Low volume of content detected Tenant DLP Policy for PII", - "Id": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Low volume of content detected Tenant DLP Policy for PII", + "LastModifiedBy": "John Public", + "Identity": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Low volume of content detected SCuBA DLP Policy for PII", + "Id": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Low volume of content detected SCuBA DLP Policy for PII", "IsValid": true, "ExchangeVersion": "0.20 (15.0.0.0)", - "Name": "Low volume of content detected Tenant DLP Policy for PII", - "DistinguishedName": "CN=Low volume of content detected Tenant DLP Policy for PII,CN=Configuration,CN=tqhjy.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=FFO,DC=extest,DC=microsoft,DC=com", + "Name": "Low volume of content detected SCuBA DLP Policy for PII", + "DistinguishedName": "CN=Low volume of content detected SCuBA DLP Policy for PII,CN=Configuration,CN=tqhjy.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=FFO,DC=extest,DC=microsoft,DC=com", "ObjectCategory": null, "ObjectClass": [ "msExchUnifiedRule" @@ -12654,7 +12701,8 @@ "OrganizationId": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration", "OriginatingServer": "", "ObjectState": "Changed", - "IsObjectUnderSystemOperation": false + "IsObjectUnderSystemOperation": false, + "IsSummarizedPsRule": false }, { "SubjectContainsWords": [ @@ -12709,6 +12757,7 @@ ], "MessageSizeOver": "", "ExceptIfMessageSizeOver": "", + "AttachmentCountOver": null, "MessageTypeMatches": null, "ExceptIfMessageTypeMatches": null, "UnscannableDocumentExtensionIs": [ @@ -12795,10 +12844,11 @@ "Quarantine": false, "TriggerPowerAutomateFlow": "", "RestrictAccess": null, + "MipRestrictAccess": null, "SourceType": "", "Guid": "8c40d462-f7c0-434d-bd37-d35c083c297a", "AdvancedRuleBuilderContext": null, - "ParentPolicyName": "Tenant DLP Policy for PII", + "ParentPolicyName": "SCuBA DLP Policy for PII", "ReportSeverityLevel": "High", "ActivationDate": null, "ExpiryDate": null, @@ -12806,7 +12856,7 @@ "SenderAddressLocation": null, "AdvancedRule": "{\r\n \"Version\": \"1.0\",\r\n \"Condition\": {\r\n \"Operator\": \"And\",\r\n \"SubConditions\": [\r\n {\r\n \"ConditionName\": \"AccessScope\",\r\n \"Value\": \"NotInOrganization\"\r\n },\r\n {\r\n \"ConditionName\": \"ContentContainsSensitiveInformation\",\r\n \"Value\": [\r\n {\r\n \"id\": \"50842eb7-edc8-4019-85dd-5a5c1f2bb085\",\r\n \"maxconfidence\": \"100\",\r\n \"name\": \"Credit Card Number\",\r\n \"maxcount\": \"-1\",\r\n \"minconfidence\": \"85\",\r\n \"classifiertype\": \"Content\",\r\n \"mincount\": \"10\",\r\n \"confidencelevel\": \"High\"\r\n },\r\n {\r\n \"id\": \"a2ce32a8-f935-4bb6-8e96-2a5157672e2c\",\r\n \"maxconfidence\": \"100\",\r\n \"name\": \"U.S. Bank Account Number\",\r\n \"maxcount\": \"-1\",\r\n \"minconfidence\": \"75\",\r\n \"classifiertype\": \"Content\",\r\n \"mincount\": \"10\",\r\n \"confidencelevel\": \"Medium\"\r\n },\r\n {\r\n \"id\": \"cb353f78-2b72-4c3c-8827-92ebe4f69fdf\",\r\n \"maxconfidence\": \"100\",\r\n \"name\": \"ABA Routing Number\",\r\n \"maxcount\": \"-1\",\r\n \"minconfidence\": \"75\",\r\n \"classifiertype\": \"Content\",\r\n \"mincount\": \"10\",\r\n \"confidencelevel\": \"Medium\"\r\n }\r\n ]\r\n }\r\n ]\r\n }\r\n}", "ExecutionRuleGuids": null, - "DisplayName": "High volume of content detected Tenant DLP Policy for PII", + "DisplayName": "High volume of content detected SCuBA DLP Policy for PII", "StorageBindings": null, "EvaluateRulePerComponent": false, "IsAdvancedRule": false, @@ -12987,13 +13037,13 @@ "ObjectVersion": "daf9a24d-19dd-4978-51b9-08dafa37f6c9", "MaximumBlobRuleLength": 0, "CreatedBy": "d459e626-e311-4242-bb40-263313097103", - "LastModifiedBy": "John Doe", - "Identity": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/High volume of content detected Tenant DLP Policy for PII", - "Id": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/High volume of content detected Tenant DLP Policy for PII", + "LastModifiedBy": "John Public", + "Identity": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/High volume of content detected SCuBA DLP Policy for PII", + "Id": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/High volume of content detected SCuBA DLP Policy for PII", "IsValid": true, "ExchangeVersion": "0.20 (15.0.0.0)", - "Name": "High volume of content detected Tenant DLP Policy for PII", - "DistinguishedName": "CN=High volume of content detected Tenant DLP Policy for PII,CN=Configuration,CN=tqhjy.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=FFO,DC=extest,DC=microsoft,DC=com", + "Name": "High volume of content detected SCuBA DLP Policy for PII", + "DistinguishedName": "CN=High volume of content detected SCuBA DLP Policy for PII,CN=Configuration,CN=tqhjy.onmicrosoft.com,OU=Microsoft Exchange Hosted Organizations,DC=FFO,DC=extest,DC=microsoft,DC=com", "ObjectCategory": null, "ObjectClass": [ "msExchUnifiedRule" @@ -13007,7 +13057,8 @@ "OrganizationId": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration", "OriginatingServer": "", "ObjectState": "Changed", - "IsObjectUnderSystemOperation": false + "IsObjectUnderSystemOperation": false, + "IsSummarizedPsRule": false }, { "SubjectContainsWords": [ @@ -13062,6 +13113,7 @@ ], "MessageSizeOver": "", "ExceptIfMessageSizeOver": "", + "AttachmentCountOver": null, "MessageTypeMatches": null, "ExceptIfMessageTypeMatches": null, "UnscannableDocumentExtensionIs": [ @@ -13148,6 +13200,7 @@ "Quarantine": false, "TriggerPowerAutomateFlow": "", "RestrictAccess": null, + "MipRestrictAccess": null, "SourceType": "", "Guid": "6198a220-b7ac-4308-aeb4-fd520a263121", "AdvancedRuleBuilderContext": null, @@ -13308,8 +13361,8 @@ "Mode": "Enforce", "ObjectVersion": "000b9c42-97fe-4529-30e1-08dbcf31cf97", "MaximumBlobRuleLength": 0, - "CreatedBy": "John Doe", - "LastModifiedBy": "John Doe", + "CreatedBy": "John Public", + "LastModifiedBy": "John Public", "Identity": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Restrict sensitive info types", "Id": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration/Restrict sensitive info types", "IsValid": true, @@ -13329,7 +13382,8 @@ "OrganizationId": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com/Configuration", "OriginatingServer": "", "ObjectState": "Changed", - "IsObjectUnderSystemOperation": false + "IsObjectUnderSystemOperation": false, + "IsSummarizedPsRule": false } ], "anti_phish_policies": [ @@ -13362,7 +13416,7 @@ "DmarcQuarantineAction": "Quarantine", "PhishThresholdLevel": 4, "TargetedUsersToProtect": [ - "John Doe;jdoe@tqhjy.onmicrosoft.com" + ], "TargetedUserActionRecipients": [ @@ -13380,7 +13434,7 @@ ], "ExcludedSenders": [ - "jdoe@tqhjy.onmicrosoft.com" + "johnpublic@tqhjy.onmicrosoft.com" ], "ExcludedSubDomains": [ @@ -13400,15 +13454,15 @@ "top", "msExchHostedContentFilterConfig" ], - "WhenChanged": "Date(1712119219000)", + "WhenChanged": "Date(1717562328000)", "WhenCreated": "Date(1681329956000)", - "WhenChangedUTC": "Date(1712119219000)", + "WhenChangedUTC": "Date(1717562328000)", "WhenCreatedUTC": "Date(1681329956000)", "ExchangeObjectId": "dd855979-da0e-4109-b218-cebf593d1771", "OrganizationalUnitRoot": "tqhjy.onmicrosoft.com", "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", "Guid": "dd855979-da0e-4109-b218-cebf593d1771", - "OriginatingServer": "DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM", + "OriginatingServer": "MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM", "ObjectState": "Unchanged" }, { @@ -13440,8 +13494,7 @@ "DmarcQuarantineAction": "Quarantine", "PhishThresholdLevel": 2, "TargetedUsersToProtect": [ - "John Doe;jdoe@tqhjy.onmicrosoft.com", - "John Q. Public;jqpublic@tqhjy.onmicrosoft.com" + "John Public;johnpublic@tqhjy.onmicrosoft.com" ], "TargetedUserActionRecipients": [ @@ -13487,7 +13540,7 @@ "OrganizationalUnitRoot": "tqhjy.onmicrosoft.com", "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", "Guid": "1c36a79e-281c-41ac-adf0-441a9ef992c3", - "OriginatingServer": "DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM", + "OriginatingServer": "MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM", "ObjectState": "Unchanged" }, { @@ -13519,7 +13572,7 @@ "DmarcQuarantineAction": "Quarantine", "PhishThresholdLevel": 3, "TargetedUsersToProtect": [ - "John Doe;jdoe@y2zj1.onmicrosoft.com" + ], "TargetedUserActionRecipients": [ @@ -13557,15 +13610,15 @@ "top", "msExchHostedContentFilterConfig" ], - "WhenChanged": "Date(1712119219000)", + "WhenChanged": "Date(1717562328000)", "WhenCreated": "Date(1659535432000)", - "WhenChangedUTC": "Date(1712119219000)", + "WhenChangedUTC": "Date(1717562328000)", "WhenCreatedUTC": "Date(1659535432000)", "ExchangeObjectId": "c039f211-68f7-43e8-822f-91c1e0e018f7", "OrganizationalUnitRoot": "tqhjy.onmicrosoft.com", "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", "Guid": "c039f211-68f7-43e8-822f-91c1e0e018f7", - "OriginatingServer": "DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM", + "OriginatingServer": "MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM", "ObjectState": "Unchanged" } ], @@ -13584,6 +13637,7 @@ "Threshold": null, "VolumeThreshold": null, "ExternalScenarioData": { + "DlpRuleMode": "Enable", "DlpRuleId": "2e3f0308-5340-46ac-9f8d-d54f208a8024" }, "TimeWindow": null, @@ -13623,7 +13677,7 @@ "Comment": "", "Disabled": false, "Mode": "Enforce", - "ObjectVersion": "e8dd557d-bb74-4f37-acab-08dbc5cb1f27", + "ObjectVersion": "6a796a7d-d170-433a-266f-08dc7675e3e0", "MaximumBlobRuleLength": 0, "CreatedBy": "", "LastModifiedBy": "", @@ -13638,9 +13692,9 @@ "ObjectClass": [ "msExchUnifiedRule" ], - "WhenChanged": "Date(1696528039000)", + "WhenChanged": "Date(1715952788000)", "WhenCreated": "Date(1651249999000)", - "WhenChangedUTC": "Date(1696528039000)", + "WhenChangedUTC": "Date(1715952788000)", "WhenCreatedUTC": "Date(1651249999000)", "ExchangeObjectId": "b314399f-5d64-4c49-98c3-06deb1be2b6f", "OrganizationalUnitRoot": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com", @@ -13662,6 +13716,7 @@ "Threshold": null, "VolumeThreshold": null, "ExternalScenarioData": { + "DlpRuleMode": "Disable", "DlpRuleId": "6c63bd2e-3caf-4817-bab8-1794c388b8c8" }, "TimeWindow": null, @@ -13701,7 +13756,7 @@ "Comment": "", "Disabled": false, "Mode": "Enforce", - "ObjectVersion": "4e469c14-ff32-4393-a9b2-08dbfd7ba06e", + "ObjectVersion": "f1bdcd22-6090-46ee-31eb-08dc5b00e60b", "MaximumBlobRuleLength": 0, "CreatedBy": "", "LastModifiedBy": "", @@ -13716,9 +13771,9 @@ "ObjectClass": [ "msExchUnifiedRule" ], - "WhenChanged": "Date(1702651161000)", + "WhenChanged": "Date(1712933859000)", "WhenCreated": "Date(1702651035000)", - "WhenChangedUTC": "Date(1702651161000)", + "WhenChangedUTC": "Date(1712933859000)", "WhenCreatedUTC": "Date(1702651035000)", "ExchangeObjectId": "e95437f3-7b8b-4055-9383-2686e02de873", "OrganizationalUnitRoot": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com", @@ -13740,8 +13795,9 @@ "Threshold": null, "VolumeThreshold": null, "ExternalScenarioData": { - "DlpRuleId": "07fef34e-65b6-459f-a460-ec6d1ac8edb0", - "EndpointDlpRestrictiveOperations": "FileUploadedToCloud,FileCopiedToClipboard,FileCopiedToRemovableMedia,FileCopiedToNetworkShare,FileAccessedByUnallowedApp,FilePrinted" + "DlpRuleMode": "Disable", + "EndpointDlpRestrictiveOperations": "FileUploadedToCloud,FileCopiedToClipboard,FileCopiedToRemovableMedia,FileCopiedToNetworkShare,FileAccessedByUnallowedApp,FilePrinted", + "DlpRuleId": "07fef34e-65b6-459f-a460-ec6d1ac8edb0" }, "TimeWindow": null, "NotifyUserOnFilterMatch": false, @@ -13780,7 +13836,7 @@ "Comment": "", "Disabled": false, "Mode": "Enforce", - "ObjectVersion": "8500b55a-83aa-49db-1038-08dc4aa0aadf", + "ObjectVersion": "36ba8930-6dea-4556-2acc-08dc5b00ab9a", "MaximumBlobRuleLength": 0, "CreatedBy": "", "LastModifiedBy": "", @@ -13795,9 +13851,9 @@ "ObjectClass": [ "msExchUnifiedRule" ], - "WhenChanged": "Date(1711133310000)", + "WhenChanged": "Date(1712933761000)", "WhenCreated": "Date(1711133310000)", - "WhenChangedUTC": "Date(1711133310000)", + "WhenChangedUTC": "Date(1712933761000)", "WhenCreatedUTC": "Date(1711133310000)", "ExchangeObjectId": "96e8531f-40be-418f-8c4f-341009daf3bb", "OrganizationalUnitRoot": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com", @@ -13975,6 +14031,7 @@ "Threshold": null, "VolumeThreshold": null, "ExternalScenarioData": { + "DlpRuleMode": "Disable", "DlpRuleId": "af0870b6-6d6d-4bed-95e5-60529f32f325" }, "TimeWindow": null, @@ -14014,7 +14071,7 @@ "Comment": "", "Disabled": false, "Mode": "Enforce", - "ObjectVersion": "aef6370e-9f0d-41b9-a6d9-08dbcf31ce63", + "ObjectVersion": "ebf0c03b-4d8c-43ba-28aa-08dc76747b41", "MaximumBlobRuleLength": 0, "CreatedBy": "", "LastModifiedBy": "", @@ -14029,9 +14086,9 @@ "ObjectClass": [ "msExchUnifiedRule" ], - "WhenChanged": "Date(1697561702000)", + "WhenChanged": "Date(1715952186000)", "WhenCreated": "Date(1696535520000)", - "WhenChangedUTC": "Date(1697561702000)", + "WhenChangedUTC": "Date(1715952186000)", "WhenCreatedUTC": "Date(1696535520000)", "ExchangeObjectId": "44b57ad0-aaf5-4cf5-ab12-db2ff27ea8b6", "OrganizationalUnitRoot": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com", @@ -14053,8 +14110,9 @@ "Threshold": null, "VolumeThreshold": null, "ExternalScenarioData": { - "DlpRuleId": "37de612f-186b-4069-918f-b4c6f90037a8", - "EndpointDlpRestrictiveOperations": "FileUploadedToCloud,FileCopiedToClipboard,FileCopiedToRemovableMedia,FileCopiedToNetworkShare,FileAccessedByUnallowedApp,FilePrinted" + "DlpRuleMode": "Disable", + "EndpointDlpRestrictiveOperations": "FileUploadedToCloud,FileCopiedToClipboard,FileCopiedToRemovableMedia,FileCopiedToNetworkShare,FileAccessedByUnallowedApp,FilePrinted", + "DlpRuleId": "37de612f-186b-4069-918f-b4c6f90037a8" }, "TimeWindow": null, "NotifyUserOnFilterMatch": false, @@ -14093,7 +14151,7 @@ "Comment": "", "Disabled": false, "Mode": "Enforce", - "ObjectVersion": "2c2fc461-d990-4922-acfe-08dbfd7c0aeb", + "ObjectVersion": "2c2a1a4c-4b60-40b3-319a-08dc5b00c885", "MaximumBlobRuleLength": 0, "CreatedBy": "", "LastModifiedBy": "", @@ -14108,9 +14166,9 @@ "ObjectClass": [ "msExchUnifiedRule" ], - "WhenChanged": "Date(1702651340000)", + "WhenChanged": "Date(1712933810000)", "WhenCreated": "Date(1702651340000)", - "WhenChangedUTC": "Date(1702651340000)", + "WhenChangedUTC": "Date(1712933810000)", "WhenCreatedUTC": "Date(1702651340000)", "ExchangeObjectId": "d46f69a5-6277-49fc-ad26-e0b701c034d0", "OrganizationalUnitRoot": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com", @@ -14845,7 +14903,7 @@ "Comment": "This alert is triggered when a reply-all storm is detected and at least one reply-all to the mail thread has been blocked. See the Reply-all Storm Protection mail flow report for more information. -V1.0.0.0", "Disabled": false, "Mode": "Enforce", - "ObjectVersion": "073f2143-7626-4989-4373-08dc5376d6f7", + "ObjectVersion": "eeefce15-488d-4e3e-d3dc-08dc855917f2", "MaximumBlobRuleLength": 0, "CreatedBy": "", "LastModifiedBy": "", @@ -14860,10 +14918,10 @@ "ObjectClass": [ "msExchUnifiedRule" ], - "WhenChanged": "Date(1712104905000)", - "WhenCreated": "Date(1712104905000)", - "WhenChangedUTC": "Date(1712104905000)", - "WhenCreatedUTC": "Date(1712104905000)", + "WhenChanged": "Date(1717589688000)", + "WhenCreated": "Date(1717589688000)", + "WhenChangedUTC": "Date(1717589688000)", + "WhenCreatedUTC": "Date(1717589688000)", "ExchangeObjectId": "ce504573-4841-4e45-81e2-21e8a11ba221", "OrganizationalUnitRoot": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/f00ed340-8f84-4eb4-83f3-0075a22b262e", "OrganizationId": "FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/f00ed340-8f84-4eb4-83f3-0075a22b262e - FFO.extest.microsoft.com/Microsoft Exchange Hosted Organizations/f00ed340-8f84-4eb4-83f3-0075a22b262e/Configuration", @@ -15254,7 +15312,7 @@ "LogicalOperationName": null, "NotificationEnabled": true, "NotifyUser": [ - "cloudsecurity@example.com" + "cloudsecurity@example.net" ], "Severity": "Informational", "Threshold": null, @@ -15330,7 +15388,7 @@ "LogicalOperationName": null, "NotificationEnabled": true, "NotifyUser": [ - "cloudsecurity@example.com" + "cloudsecurity@example.net" ], "Severity": "Informational", "Threshold": null, @@ -15632,7 +15690,7 @@ "LogicalOperationName": null, "NotificationEnabled": true, "NotifyUser": [ - "cloudsecurity@example.com" + "cloudsecurity@example.net" ], "Severity": "Medium", "Threshold": null, @@ -16238,7 +16296,7 @@ "LogicalOperationName": null, "NotificationEnabled": true, "NotifyUser": [ - "cloudsecurity@example.com" + "cloudsecurity@example.net" ], "Severity": "Medium", "Threshold": null, @@ -16466,7 +16524,7 @@ "LogicalOperationName": null, "NotificationEnabled": true, "NotifyUser": [ - "cloudsecurity@example.com" + "cloudsecurity@example.net" ], "Severity": "Informational", "Threshold": null, @@ -16616,7 +16674,7 @@ "LogicalOperationName": null, "NotificationEnabled": true, "NotifyUser": [ - "cloudsecurity@example.com" + "cloudsecurity@example.net" ], "Severity": "High", "Threshold": null, @@ -16764,7 +16822,7 @@ "LogicalOperationName": null, "NotificationEnabled": true, "NotifyUser": [ - "cloudsecurity@cacilabs.net" + "cloudsecurity@example.net" ], "Severity": "High", "Threshold": 2000, @@ -16916,7 +16974,7 @@ "LogicalOperationName": null, "NotificationEnabled": true, "NotifyUser": [ - "cloudsecurity@example.com" + "cloudsecurity@example.net" ], "Severity": "High", "Threshold": null, @@ -17218,7 +17276,7 @@ "LogicalOperationName": null, "NotificationEnabled": true, "NotifyUser": [ - "cloudsecurity@example.com" + "cloudsecurity@example.net" ], "Severity": "Informational", "Threshold": null, @@ -17292,7 +17350,7 @@ "LogicalOperationName": null, "NotificationEnabled": true, "NotifyUser": [ - "cloudsecurity@example.com" + "cloudsecurity@example.net" ], "Severity": "Medium", "Threshold": null, @@ -17772,16 +17830,16 @@ "top", "msExchAdminAuditLogConfig" ], - "WhenChanged": "Date(1712120672000)", + "WhenChanged": "Date(1717564760000)", "WhenCreated": "Date(1619484594000)", - "WhenChangedUTC": "Date(1712120672000)", + "WhenChangedUTC": "Date(1717564760000)", "WhenCreatedUTC": "Date(1619484594000)", "ExchangeObjectId": "35b89a9b-b235-4d67-ba7f-7ddeab032801", "OrganizationalUnitRoot": "tqhjy.onmicrosoft.com", "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", "Id": "Admin Audit Log Settings", "Guid": "97423bd9-ae36-4a1f-a225-5e007478854f", - "OriginatingServer": "DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM", + "OriginatingServer": "MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM", "IsValid": true, "ObjectState": "Changed" } @@ -17803,19 +17861,20 @@ "top", "msExchHostedContentFilterConfig" ], - "WhenChanged": "Date(1712121120000)", + "WhenChanged": "Date(1717562382000)", "WhenCreated": "Date(1626469503000)", - "WhenChangedUTC": "Date(1712121120000)", + "WhenChangedUTC": "Date(1717562382000)", "WhenCreatedUTC": "Date(1626469503000)", "ExchangeObjectId": "2aaee10f-6955-4976-be8b-ac1952fcb627", "OrganizationalUnitRoot": "tqhjy.onmicrosoft.com", "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", "Guid": "2aaee10f-6955-4976-be8b-ac1952fcb627", - "OriginatingServer": "DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM", + "OriginatingServer": "MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM", "ObjectState": "Unchanged" } ], "defender_license": true, + "defender_dlp_license": true, "defender_successful_commands": [ "Get-AdminAuditLogConfig", "Get-EOPProtectionPolicyRule", @@ -17864,16 +17923,16 @@ "top", "msExchDomainContentConfig" ], - "WhenChanged": "Date(1712118555000)", + "WhenChanged": "Date(1717562000000)", "WhenCreated": "Date(1619484412000)", - "WhenChangedUTC": "Date(1712118555000)", + "WhenChangedUTC": "Date(1717562000000)", "WhenCreatedUTC": "Date(1619484412000)", "ExchangeObjectId": "2042facf-0e9e-4738-ad60-56d6c5d43b5d", "OrganizationalUnitRoot": "tqhjy.onmicrosoft.com", "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", "Id": "Default", "Guid": "5c597b00-69f6-44cf-b30b-474fb38a1e0a", - "OriginatingServer": "DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM", + "OriginatingServer": "MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM", "IsValid": true, "ObjectState": "Unchanged" } @@ -17882,8 +17941,8 @@ { "domain": "tqhjy.onmicrosoft.com", "rdata": [ - "mscid=d/1e071KOhkmP8Aanr5sNgUqyTBrvrMx5nKSswPxu5ZsqL0bdAgVo3m7f5VYu+inbKA5YviUPzz/SxNS0ploJQ==", - "v=spf1 include:spf.protection.outlook.com -all" + "v=spf1 include:spf.protection.outlook.com -all", + "mscid=d/1e071KOhkmP8Aanr5sNgUqyTBhaBMx5nKSswPxu5ZsqL0bdAgVo3m7f5VYu+inbKA5YviUPzz/SxNS0ploJQ==" ], "log": [ { @@ -17900,10 +17959,10 @@ "AdminDisplayName": "", "Selector1KeySize": 2048, "Selector1CNAME": "selector1-tqhjy-onmicrosoft-com._domainkey.tqhjy.onmicrosoft.com", - "Selector1PublicKey": "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/z5b0VYtWAnksnJLIo1HiKP5j0sTa93y6eIe7eRn3EfCMfnw4f0Ew6wmX/2NIsszvF0XG0mkdffCVsUa5WnzDvfhR5fkSMqGI/I4JaR+b8qHdNToVesTbk/kFv+j41TcxWgJw1j4Xeo6URJG6qx1ujh6zshr21/frskm/tq7Qlp7LpQn1uiHDO2g1If9tlvKRxOzxMV8ldzIjU4MKsLlUDLIj/LjezemQXiPsZqrMOe0Kqs3Tusv6IoWKaQpiiooIhsH+0fI2JXyjJu7623jOIAuDtl7YHdR6cC7umMq44tAgEL9Uf8IHv02FoM0B3nSIzs9ier9X4E0/exampleQIDAQAB;", + "Selector1PublicKey": "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohoPDhGToRO8y7acaWL2w15wsCmwabxgTwODro2c1BeRYXfnUMStICo3w4ZrYDtGZDSA7hm0x7OHujF1CoQnXiBmrQ154wtomPyx3Op/VC6+b9di4z15XBvhXh/fLBUdEJ6wsybMLmQ+WPQA6vsM3UN5Cv5rl2SylFoM//eLmw5R6NmMIj3GQg9b+vQl2cKNXqII2gZrB07P6xt2wW1VA/LPjdRFUEys9YzBgOqM53VaODWDXDIvUH/nPRVAtOEsV19u66jyzZnzcz9a7ATxizix7DnySzI3koVlOGi/+dLx8FYIAZ/75wkH1O/gH8/n4C66uwRm/example+QIDAQAB;", "Selector2KeySize": 2048, "Selector2CNAME": "selector2-tqhjy-onmicrosoft-com._domainkey.tqhjy.onmicrosoft.com", - "Selector2PublicKey": "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVK8DFIgYjps1Ckt4UjOQiBMqpb9G1WiwIci61Amx0sQzZTD8xb8rRSboEm89e5WRChcpZe7FN7XveJtbWYHmp4+e4niN5wGHaDt7NoCdTQ6dgRdyPa0d4Yf8si1uYYu7iC4LkQMI/zSLAQAQWEEHKqqJPHoAAbyKEuj8vynlWGsCAaprqOjyPqciy4YfcYd5ZISmpY5yJ/FNIrc2FeZjSPb65XzYMtgTbP9xC7lK6kGnBJDKqHaccXhVyvkl39AX4VkMzuVTlZbr120T+zMFDLNCJeNMBabl8JcrL0OYRule+75C3bPO4u/cZ1TmAGknX7apzvavEK2ByexampleQIDAQAB;", + "Selector2PublicKey": "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0N9/MWtBA7REPZSGKz9hfYIgF5jm5uri7RVSkaptlnvK0AI6jmJ4TvZ4beFzrfJDh6cIt5gX0UqnTzF9/0UZeyfRuUQAUew/sXU8FZXEnt+Bxr9k8PkAaqr2ksYhY/n46DxrWu1X/Cz7tye5FBnsTbyI6PnaBCfcgzwFnULaojUtdqSQGF7dt4HcyZGnUX1YLNwhp4Lyi9g1bZF6EdNMYHuKXFIsRo5qmEMagIsi557jGlGNTqTKJ9aZWGiCgjFJ14mTUN/itKXb5RqBAfG9KeZQXk6hWGTe7H9lVOshMZgV4t0FyaisrGg5GselbKZukxcA8xsOndexampleAQIDAQAB;", "Enabled": true, "IsDefault": true, "HeaderCanonicalization": "Relaxed", @@ -17937,7 +17996,7 @@ "OrganizationalUnitRoot": "tqhjy.onmicrosoft.com", "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", "Guid": "476371c0-bf15-4101-84a7-a3a03b4266f1", - "OriginatingServer": "DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM", + "OriginatingServer": "MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM", "ObjectState": "Unchanged" } ], @@ -17960,13 +18019,8 @@ }, { "query_method": "traditional", - "query_result": "Query returned NXDomain", - "query_name": "selector1-example-mail-onmicrosoft-com._domainkey.tqhjy.onmicrosoft.com" - }, - { - "query_method": "traditional", - "query_result": "Query returned NXDomain", - "query_name": "selector2-example-mail-onmicrosoft-com._domainkey.tqhjy.onmicrosoft.com" + "query_result": "Query returned 2 txt records", + "query_name": "selector1-tqhjy-onmicrosoft-com._domainkey.tqhjy.onmicrosoft.com" } ] } @@ -18106,16 +18160,16 @@ "container", "msExchTransportSettings" ], - "WhenChanged": "Date(1712118761000)", + "WhenChanged": "Date(1717562155000)", "WhenCreated": "Date(1619484398000)", - "WhenChangedUTC": "Date(1712118761000)", + "WhenChangedUTC": "Date(1717562155000)", "WhenCreatedUTC": "Date(1619484398000)", "ExchangeObjectId": "7ef195bd-4f88-46bc-97e6-db6c7665321b", "OrganizationalUnitRoot": "tqhjy.onmicrosoft.com", "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", "Id": "Transport Settings", "Guid": "01d25010-40a8-4d0a-9419-fb1d775b4d16", - "OriginatingServer": "DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM", + "OriginatingServer": "MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM", "IsValid": true, "ObjectState": "Unchanged" } @@ -18146,7 +18200,7 @@ "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", "Id": "Default Sharing Policy", "Guid": "137df5c0-4fe4-49bb-923c-e2bdfd89f448", - "OriginatingServer": "DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM", + "OriginatingServer": "MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM", "IsValid": true, "ObjectState": "Changed" } @@ -18157,7 +18211,7 @@ "DlpPolicy": null, "DlpPolicyId": "00000000-0000-0000-0000-000000000000", "Comments": null, - "CreatedBy": "Top Dog", + "CreatedBy": "John Public", "LastModifiedBy": "Microsoft Exchange", "ManuallyModified": false, "ActivationDate": null, @@ -18356,9 +18410,219 @@ "Guid": "d60d0c37-4f9d-4bcb-8b5e-2c91edfd4cbb", "ImmutableId": "d60d0c37-4f9d-4bcb-8b5e-2c91edfd4cbb", "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", - "Name": "Sender is located outside the organization prepend \"[External]\"", + "Name": "Sender is located outside the organization prepend \"[External]\"", + "IsValid": true, + "WhenChanged": "Date(1717562280000)", + "ExchangeVersion": "0.1 (8.0.535.0)", + "ObjectState": "Unchanged" + }, + { + "Priority": 1, + "DlpPolicy": null, + "DlpPolicyId": "00000000-0000-0000-0000-000000000000", + "Comments": null, + "CreatedBy": "John Public", + "LastModifiedBy": "Microsoft Exchange", + "ManuallyModified": false, + "ActivationDate": null, + "ExpiryDate": null, + "Description": "If the message:\r\n\tIs received from \u0027Outside the organization\u0027\r\nTake the following actions:\r\n\tPrepend the subject with \u0027[External]\u0027\r\n", + "RuleVersion": { + "Major": 14, + "Minor": 0, + "Build": 0, + "Revision": 0, + "MajorRevision": 0, + "MinorRevision": 0 + }, + "Size": 327, + "Conditions": [ + "Microsoft.Exchange.MessagingPolicies.Rules.Tasks.FromScopePredicate" + ], + "Exceptions": null, + "Actions": [ + "Microsoft.Exchange.MessagingPolicies.Rules.Tasks.PrependSubjectAction" + ], + "State": "Enabled", + "Mode": "Enforce", + "IsRuleConfigurationSupported": true, + "RuleConfigurationUnsupportedReason": "", + "RuleErrorAction": "Ignore", + "SenderAddressLocation": "Header", + "RecipientAddressType": "Resolved", + "RuleSubType": "None", + "RegexSize": 0, + "UseLegacyRegex": false, + "From": null, + "FromMemberOf": null, + "FromScope": "NotInOrganization", + "SentTo": null, + "SentToMemberOf": null, + "SentToScope": null, + "BetweenMemberOf1": null, + "BetweenMemberOf2": null, + "ManagerAddresses": null, + "ManagerForEvaluatedUser": null, + "SenderManagementRelationship": null, + "ADComparisonAttribute": null, + "ADComparisonOperator": null, + "SenderADAttributeContainsWords": null, + "SenderADAttributeMatchesPatterns": null, + "RecipientADAttributeContainsWords": null, + "RecipientADAttributeMatchesPatterns": null, + "AnyOfToHeader": null, + "AnyOfToHeaderMemberOf": null, + "AnyOfCcHeader": null, + "AnyOfCcHeaderMemberOf": null, + "AnyOfToCcHeader": null, + "AnyOfToCcHeaderMemberOf": null, + "HasClassification": null, + "HasNoClassification": false, + "SubjectContainsWords": null, + "SubjectOrBodyContainsWords": null, + "HeaderContainsMessageHeader": null, + "HeaderContainsWords": null, + "FromAddressContainsWords": null, + "SenderDomainIs": null, + "RecipientDomainIs": null, + "SubjectMatchesPatterns": null, + "SubjectOrBodyMatchesPatterns": null, + "HeaderMatchesMessageHeader": null, + "HeaderMatchesPatterns": null, + "FromAddressMatchesPatterns": null, + "AttachmentNameMatchesPatterns": null, + "AttachmentExtensionMatchesWords": null, + "AttachmentPropertyContainsWords": null, + "ContentCharacterSetContainsWords": null, + "HasSenderOverride": false, + "MessageContainsDataClassifications": null, + "MessageContainsAllDataClassifications": null, + "SenderIpRanges": null, + "SCLOver": null, + "AttachmentSizeOver": null, + "MessageSizeOver": null, + "WithImportance": null, + "MessageTypeMatches": null, + "RecipientAddressContainsWords": null, + "RecipientAddressMatchesPatterns": null, + "SenderInRecipientList": null, + "RecipientInSenderList": null, + "AttachmentContainsWords": null, + "AttachmentMatchesPatterns": null, + "AttachmentIsUnsupported": false, + "AttachmentProcessingLimitExceeded": false, + "AttachmentHasExecutableContent": false, + "AttachmentIsPasswordProtected": false, + "AnyOfRecipientAddressContainsWords": null, + "AnyOfRecipientAddressMatchesPatterns": null, + "ExceptIfFrom": null, + "ExceptIfFromMemberOf": null, + "ExceptIfFromScope": null, + "ExceptIfSentTo": null, + "ExceptIfSentToMemberOf": null, + "ExceptIfSentToScope": null, + "ExceptIfBetweenMemberOf1": null, + "ExceptIfBetweenMemberOf2": null, + "ExceptIfManagerAddresses": null, + "ExceptIfManagerForEvaluatedUser": null, + "ExceptIfSenderManagementRelationship": null, + "ExceptIfADComparisonAttribute": null, + "ExceptIfADComparisonOperator": null, + "ExceptIfSenderADAttributeContainsWords": null, + "ExceptIfSenderADAttributeMatchesPatterns": null, + "ExceptIfRecipientADAttributeContainsWords": null, + "ExceptIfRecipientADAttributeMatchesPatterns": null, + "ExceptIfAnyOfToHeader": null, + "ExceptIfAnyOfToHeaderMemberOf": null, + "ExceptIfAnyOfCcHeader": null, + "ExceptIfAnyOfCcHeaderMemberOf": null, + "ExceptIfAnyOfToCcHeader": null, + "ExceptIfAnyOfToCcHeaderMemberOf": null, + "ExceptIfHasClassification": null, + "ExceptIfHasNoClassification": false, + "ExceptIfSubjectContainsWords": null, + "ExceptIfSubjectOrBodyContainsWords": null, + "ExceptIfHeaderContainsMessageHeader": null, + "ExceptIfHeaderContainsWords": null, + "ExceptIfFromAddressContainsWords": null, + "ExceptIfSenderDomainIs": null, + "ExceptIfRecipientDomainIs": null, + "ExceptIfSubjectMatchesPatterns": null, + "ExceptIfSubjectOrBodyMatchesPatterns": null, + "ExceptIfHeaderMatchesMessageHeader": null, + "ExceptIfHeaderMatchesPatterns": null, + "ExceptIfFromAddressMatchesPatterns": null, + "ExceptIfAttachmentNameMatchesPatterns": null, + "ExceptIfAttachmentExtensionMatchesWords": null, + "ExceptIfAttachmentPropertyContainsWords": null, + "ExceptIfContentCharacterSetContainsWords": null, + "ExceptIfSCLOver": null, + "ExceptIfAttachmentSizeOver": null, + "ExceptIfMessageSizeOver": null, + "ExceptIfWithImportance": null, + "ExceptIfMessageTypeMatches": null, + "ExceptIfRecipientAddressContainsWords": null, + "ExceptIfRecipientAddressMatchesPatterns": null, + "ExceptIfSenderInRecipientList": null, + "ExceptIfRecipientInSenderList": null, + "ExceptIfAttachmentContainsWords": null, + "ExceptIfAttachmentMatchesPatterns": null, + "ExceptIfAttachmentIsUnsupported": false, + "ExceptIfAttachmentProcessingLimitExceeded": false, + "ExceptIfAttachmentHasExecutableContent": false, + "ExceptIfAttachmentIsPasswordProtected": false, + "ExceptIfAnyOfRecipientAddressContainsWords": null, + "ExceptIfAnyOfRecipientAddressMatchesPatterns": null, + "ExceptIfHasSenderOverride": false, + "ExceptIfMessageContainsDataClassifications": null, + "ExceptIfMessageContainsAllDataClassifications": null, + "ExceptIfSenderIpRanges": null, + "PrependSubject": "[External]", + "SetAuditSeverity": null, + "ApplyClassification": null, + "ApplyHtmlDisclaimerLocation": null, + "ApplyHtmlDisclaimerText": null, + "ApplyHtmlDisclaimerFallbackAction": null, + "ApplyRightsProtectionTemplate": null, + "ApplyRightsProtectionCustomizationTemplate": null, + "SetSCL": null, + "SetHeaderName": null, + "SetHeaderValue": null, + "RemoveHeader": null, + "AddToRecipients": null, + "CopyTo": null, + "BlindCopyTo": null, + "AddManagerAsRecipientType": null, + "ModerateMessageByUser": null, + "ModerateMessageByManager": false, + "RedirectMessageTo": null, + "RejectMessageEnhancedStatusCode": null, + "RejectMessageReasonText": null, + "DeleteMessage": false, + "Disconnect": false, + "Quarantine": false, + "SmtpRejectMessageRejectText": null, + "SmtpRejectMessageRejectStatusCode": null, + "LogEventText": null, + "StopRuleProcessing": false, + "SenderNotificationType": null, + "GenerateIncidentReport": null, + "IncidentReportContent": null, + "RouteMessageOutboundConnector": null, + "RouteMessageOutboundRequireTls": false, + "ApplyOME": false, + "RemoveOME": false, + "RemoveOMEv2": false, + "RemoveRMSAttachmentEncryption": false, + "GenerateNotification": null, + "Identity": "Sender Warning", + "DistinguishedName": "CN=Sender Warning,CN=TransportVersioned,CN=Rules,CN=Transport Settings,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM", + "Guid": "dbc63ee9-ad16-4faf-81c9-55ae2881e3ed", + "ImmutableId": "dbc63ee9-ad16-4faf-81c9-55ae2881e3ed", + "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", + "Name": "Sender Warning", "IsValid": true, - "WhenChanged": "Date(1712118891000)", + "WhenChanged": "Date(1717562298000)", "ExchangeVersion": "0.1 (8.0.535.0)", "ObjectState": "Unchanged" } @@ -18386,15 +18650,15 @@ "top", "msExchHostedConnectionFilterPolicy" ], - "WhenChanged": "Date(1712119159000)", + "WhenChanged": "Date(1717562554000)", "WhenCreated": "Date(1619484586000)", - "WhenChangedUTC": "Date(1712119159000)", + "WhenChangedUTC": "Date(1717562554000)", "WhenCreatedUTC": "Date(1619484586000)", "ExchangeObjectId": "7021b7cf-b9fa-4280-94ff-fba468dbb0ab", "OrganizationalUnitRoot": "tqhjy.onmicrosoft.com", "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", "Guid": "ddb99cb3-211b-47ee-bc9c-86e6c8d0e692", - "OriginatingServer": "DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM", + "OriginatingServer": "MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM", "ObjectState": "Unchanged" } ], @@ -18441,9 +18705,9 @@ "environments": "@{disablePreferredDataLocationForTeamsEnvironment=False}", "governance": "@{disableAdminDigest=False; disableDeveloperEnvironmentCreationByNonAdminUsers=False; enableDefaultEnvironmentRouting=False; policy=; environmentRoutingAllMakers=False}", "licensing": "@{disableBillingPolicyCreationByNonAdminUsers=False; enableTenantCapacityReportForEnvironmentAdmins=False; storageCapacityConsumptionWarningThreshold=85; enableTenantLicensingReportForEnvironmentAdmins=False; disableUseOfUnassignedAIBuilderCredits=False}", - "powerPages": "", + "powerPages": "@{enableGenerativeAIFeaturesForSiteUsers=All}", "champions": "@{disableChampionsInvitationReachout=False; disableSkillsMatchInvitationReachout=False}", - "intelligence": "@{disableCopilot=False; enableOpenAiBotPublishing=True; disableCopilotFeedback=True; disableCopilotFeedbackMetadata=False}", + "intelligence": "@{disableCopilot=False; enableOpenAiBotPublishing=False; disableCopilotFeedback=True; disableCopilotFeedbackMetadata=False}", "modelExperimentation": "@{enableModelDataSharing=False; disableDataLogging=False}", "catalogSettings": "@{powerCatalogAudienceSetting=All}", "userManagementSettings": "@{enableDeleteDisabledUserinAllEnvironments=False}", @@ -18456,7 +18720,7 @@ { "value": [ { - "name": "dc769829-e705-4c1e-a19b-4961102d236e", + "name": "05f3cae7-fdf3-41d7-af81-6d7982810e8d", "displayName": "DLP functional test", "defaultConnectorsClassification": "General", "connectorGroups": [ @@ -18490,12 +18754,12 @@ "createdBy": { "displayName": "Service Principal (754baa5d-03d8-401a-a3d4-c2178cac1adc)" }, - "createdTime": "2024-04-03T04:30:26.7862702Z", + "createdTime": "2024-06-05T04:31:32.9182239Z", "lastModifiedBy": { "displayName": "Service Principal (754baa5d-03d8-401a-a3d4-c2178cac1adc)" }, - "lastModifiedTime": "2024-04-03T04:30:26.7862702Z", - "etag": "84b5f54a-6e84-4aec-8450-45d14653103d", + "lastModifiedTime": "2024-06-05T04:31:32.9182239Z", + "etag": "84ac9b77-d76d-48d9-93d5-42787e5d1689", "isLegacySchemaVersion": true } ] @@ -18511,9 +18775,42 @@ } ], "environment_list": [ + { + "EnvironmentName": "407cbeff-b477-e3b4-9ca7-097888a9ec4e", + "DisplayName": "Test-NonDefault (orgffbba88c)", + "Description": "Testing MS.POWERPLATFORM.2.2", + "IsDefault": false, + "Location": "usgov", + "CreatedTime": "2023-12-06T20:18:16.9766324Z", + "CreatedBy": { + "id": "c8975770-8c3d-43ef-8466-678584a32de5", + "displayName": "John Doe", + "email": "johndoe@tqhjy.onmicrosoft.com", + "type": "User", + "tenantId": "ca08493a-c9c8-4db0-a9e8-d3b4bafac269", + "userPrincipalName": "johndoe@tqhjy.onmicrosoft.com" + }, + "LastModifiedTime": "2023-12-06T20:18:27.5107576Z", + "LastModifiedBy": null, + "CreationType": "User", + "EnvironmentType": "Sandbox", + "CommonDataServiceDatabaseProvisioningState": "Succeeded", + "CommonDataServiceDatabaseType": "Common Data Service for Apps", + "Internal": { + "id": "/providers/Microsoft.BusinessAppPlatform/scopes/admin/environments/407cbeff-b477-e3b4-9ca7-097888a9ec4e", + "type": "Microsoft.BusinessAppPlatform/scopes/environments", + "location": "usgov", + "name": "407cbeff-b477-e3b4-9ca7-097888a9ec4e", + "properties": "@{tenantId=ca08493a-c9c8-4db0-a9e8-d3b4bafac269; azureRegionHint=usgovtexas; displayName=Test-NonDefault (orgffbba88c); description=Testing MS.POWERPLATFORM.2.2; createdTime=2023-12-06T20:18:16.9766324Z; createdBy=; lastModifiedTime=2023-12-06T20:18:27.5107576Z; provisioningState=Succeeded; creationType=User; environmentSku=Sandbox; environmentType=Production; isDefault=False; permissions=; runtimeEndpoints=; linkedEnvironmentMetadata=; trialScenarioType=None; notificationMetadata=; retentionPeriod=P7D; states=; updateCadence=; retentionDetails=; protectionStatus=; cluster=; connectedGroups=System.Object[]; lifecycleOperationsEnforcement=; governanceConfiguration=; bingChatEnabled=False}" + }, + "InternalCds": null, + "OrganizationId": "af751393-6f94-ee11-8175-001dd804a214", + "SecurityGroupId": "f13e38d1-c8bb-486e-aa73-f0383d04050d", + "RetentionPeriod": 7 + }, { "EnvironmentName": "Default-ca08493a-c9c8-4db0-a9e8-d3b4bafac269", - "DisplayName": "tqhjy (default) (org8537b7dc)", + "DisplayName": "tqhjy (default) (org1234abcd)", "Description": null, "IsDefault": true, "Location": "usgov", @@ -18534,7 +18831,7 @@ "type": "Microsoft.BusinessAppPlatform/scopes/environments", "location": "usgov", "name": "Default-ca08493a-c9c8-4db0-a9e8-d3b4bafac269", - "properties": "@{tenantId=ca08493a-c9c8-4db0-a9e8-d3b4bafac269; azureRegionHint=usgovtexas; displayName=tqhjy (default) (org8537b7dc); createdTime=2021-12-13T20:40:14.1749137Z; createdBy=; provisioningState=Succeeded; creationType=DefaultTenant; environmentSku=Default; environmentType=Production; isDefault=True; permissions=; runtimeEndpoints=; linkedEnvironmentMetadata=; trialScenarioType=None; retentionPeriod=P7D; states=; updateCadence=; retentionDetails=; protectionStatus=; cluster=; connectedGroups=System.Object[]; lifecycleOperationsEnforcement=; governanceConfiguration=; bingChatEnabled=False}" + "properties": "@{tenantId=ca08493a-c9c8-4db0-a9e8-d3b4bafac269; azureRegionHint=usgovtexas; displayName=tqhjy (default) (org1234abcd); createdTime=2021-12-13T20:40:14.1749137Z; createdBy=; provisioningState=Succeeded; creationType=DefaultTenant; environmentSku=Default; environmentType=Production; isDefault=True; permissions=; runtimeEndpoints=; linkedEnvironmentMetadata=; trialScenarioType=None; retentionPeriod=P7D; states=; updateCadence=; retentionDetails=; protectionStatus=; cluster=; connectedGroups=System.Object[]; lifecycleOperationsEnforcement=; governanceConfiguration=; bingChatEnabled=False}" }, "InternalCds": null, "OrganizationId": "ff4adc41-8f11-42a1-9e5a-d208f91a6db4", @@ -18552,8 +18849,8 @@ ], "SPO_tenant": [ { - "HideDefaultThemes": false, "StorageQuota": 1355776, + "BonusStorageQuotaMB": 0, "StorageQuotaAllocated": 0, "ResourceQuota": 0, "ResourceQuotaAllocated": 0, @@ -18561,6 +18858,7 @@ "CompatibilityRange": "15,15", "ExternalServicesEnabled": true, "NoAccessRedirectUrl": null, + "ArchiveRedirectUrl": null, "SharingCapability": 0, "DisplayStartASiteOption": true, "StartASiteFormUrl": null, @@ -18568,13 +18866,20 @@ "ShowAllUsersClaim": false, "OfficeClientADALDisabled": false, "LegacyAuthProtocolsEnabled": false, + "DisableCustomAppAuthentication": true, + "IsSharePointAddInsDisabled": false, + "SiteOwnerManageLegacyServicePrincipalEnabled": false, "ShowEveryoneExceptExternalUsersClaim": true, + "AllowEveryoneExceptExternalUsersClaimInPrivateSite": true, "SearchResolveExactEmailOrUPN": false, - "RequireAcceptingAccountMatchInvitedAccount": true, + "RequireAcceptingAccountMatchInvitedAccount": false, "ProvisionSharedWithEveryoneFolder": false, "SignInAccelerationDomain": "", "EnableGuestSignInAcceleration": false, "UsePersistentCookiesForExplorerView": false, + "ContentTypeSyncSiteTemplatesList": [ + + ], "BccExternalSharingInvitations": false, "BccExternalSharingInvitationsList": null, "UserVoiceForFeedbackEnabled": true, @@ -18584,21 +18889,25 @@ ], "RequireAnonymousLinksExpireInDays": 30, - "SharingAllowedDomainList": "admirable.example.org good.example.com", - "SharingBlockedDomainList": "evil.example.net nefarious.example.info", - "SharingDomainRestrictionMode": 0, + "SharingAllowedDomainList": "admirable.us good.org", + "SharingBlockedDomainList": "evil.is.us nefarious.com", + "SharingDomainRestrictionMode": 1, "OneDriveForGuestsEnabled": false, "IPAddressEnforcement": false, "IPAddressAllowList": "", "IPAddressWACTokenLifetime": 15, + "EnableTenantRestrictionsInsights": false, + "EnablePromotedFileHandlers": true, "UseFindPeopleInPeoplePicker": false, - "DefaultSharingLinkType": 3, + "DefaultSharingLinkType": 1, "ODBMembersCanShare": 0, "ODBAccessRequests": 0, "PreventExternalUsersFromResharing": true, "ShowPeoplePickerSuggestionsForGuestUsers": false, + "AppOnlyBypassPeoplePickerPolicies": false, + "EnableDiscoverableByOrganizationForVideos": true, "FileAnonymousLinkType": 1, - "FolderAnonymousLinkType": 1, + "FolderAnonymousLinkType": 2, "NotifyOwnersWhenItemsReshared": true, "NotifyOwnersWhenInvitationsAccepted": true, "NotificationsInOneDriveForBusinessEnabled": true, @@ -18606,110 +18915,234 @@ "SpecialCharactersStateInFileFolderNames": 1, "OwnerAnonymousNotification": true, "CommentsOnSitePagesDisabled": false, + "CommentsOnFilesDisabled": false, + "CommentsOnListItemsDisabled": false, + "ViewersCanCommentOnMediaDisabled": false, "SocialBarOnSitePagesDisabled": false, "OrphanedPersonalSitesRetentionPeriod": 90, "PermissiveBrowserFileHandlingOverride": false, "DisallowInfectedFileDownload": false, "DefaultLinkPermission": 1, + "CustomizedExternalSharingServiceUrl": "", "ConditionalAccessPolicy": 0, "AllowDownloadingNonWebViewableFiles": true, + "LimitedAccessFileType": 1, "AllowEditing": true, "ApplyAppEnforcedRestrictionsToAdHocRecipients": true, "FilePickerExternalImageSearchEnabled": true, "EmailAttestationRequired": true, - "EmailAttestationReAuthDays": 30, + "EmailAttestationReAuthDays": 29, "DisabledWebPartIds": null, - "DisableCustomAppAuthentication": true, + "EnableMinimumVersionRequirement": true, "MarkNewFilesSensitiveByDefault": 0, - "StopNew2013Workflows": false, - "ViewInFileExplorerEnabled": false, - "DisableSpacesActivation": false, - "AllowFilesWithKeepLabelToBeDeletedSPO": true, - "AllowFilesWithKeepLabelToBeDeletedODB": true, - "DisableAddToOneDrive": false, - "IsFluidEnabled": true, - "DisablePersonalListCreation": false, + "EnableAIPIntegration": false, + "AllowCommentsTextOnEmailEnabled": true, + "ConditionalAccessPolicyErrorHelpLink": "", + "EnableAzureADB2BIntegration": false, + "IncludeAtAGlanceInShareEmails": true, "ExternalUserExpirationRequired": true, "ExternalUserExpireInDays": 100, - "DisplayNamesOfFileViewers": true, - "DisplayNamesOfFileViewersInSpo": true, + "BlockDownloadLinksFileType": 1, + "AnyoneLinkTrackUsers": false, + "OneDriveLoopDefaultSharingLinkScope": -1, + "OneDriveLoopDefaultSharingLinkRole": 0, + "OneDriveRequestFilesLinkEnabled": false, + "OneDriveRequestFilesLinkExpirationInDays": 1, + "OneDriveSharingCapability": 0, + "OneDriveDefaultShareLinkScope": -1, + "OneDriveDefaultShareLinkRole": 0, + "OneDriveDefaultLinkToExistingAccess": false, + "OneDriveBlockGuestsAsSiteAdmin": 0, + "CoreLoopDefaultSharingLinkScope": -1, + "CoreLoopDefaultSharingLinkRole": 0, + "CoreSharingCapability": 0, + "CoreRequestFilesLinkEnabled": false, + "CoreRequestFilesLinkExpirationInDays": 10, + "CoreDefaultShareLinkScope": -1, + "CoreDefaultShareLinkRole": 0, + "CoreDefaultLinkToExistingAccess": false, + "CoreBlockGuestsAsSiteAdmin": 0, + "BlockAppAccessWithAuthenticationContext": false, + "AllowAnonymousMeetingParticipantsToAccessWhiteboards": 0, + "Workflows2013State": 2, + "IsFluidEnabled": true, + "IsWBFluidEnabled": true, + "IsCollabMeetingNotesFluidEnabled": true, "IsLoopEnabled": true, + "DisableDocumentLibraryDefaultLabeling": false, + "EnableSensitivityLabelForPDF": false, + "BlockSendLabelMismatchEmail": false, + "LabelMismatchEmailHelpLink": null, + "DisableAddShortcutsToOneDrive": false, + "EnableAutoNewsDigest": true, + "Workflow2010Disabled": true, + "StopNew2010Workflows": false, + "StopNew2013Workflows": false, + "DisableBackToClassic": false, + "BlockUserInfoVisibility": "ExternalPeopleInOD", + "BlockUserInfoVisibilityInOneDrive": 1, + "BlockUserInfoVisibilityInSharePoint": 0, + "AllowOverrideForBlockUserInfoVisibility": false, + "InformationBarriersSuspension": true, + "IBImplicitGroupBased": false, + "AppBypassInformationBarriers": false, + "DefaultOneDriveInformationBarrierMode": "Explicit", + "AllOrganizationSecurityGroupId": null, + "DisablePersonalListCreation": false, "DisabledModernListTemplateIds": [ ], - "RestrictedAccessControl": false + "DisableSpacesActivation": false, + "DisableVivaConnectionsAnalytics": false, + "HideSyncButtonOnTeamSite": false, + "AllowGuestUserShareToUsersNotInSiteCollection": false, + "DisableOutlookPSTVersionTrimming": false, + "EnableVersionExpirationSetting": false, + "EnableAutoExpirationVersionTrim": false, + "ExpireVersionsAfterDays": 0, + "MajorVersionLimit": 500, + "StreamLaunchConfig": 0, + "MediaTranscription": 0, + "MediaTranscriptionAutomaticFeatures": 0, + "ViewInFileExplorerEnabled": false, + "AuthContextResilienceMode": 0, + "ReduceTempTokenLifetimeEnabled": false, + "ReduceTempTokenLifetimeValue": 15, + "ShowOpenInDesktopOptionForSyncedFiles": false, + "ShowPeoplePickerGroupSuggestionsForIB": false, + "EnableRestrictedAccessControl": false, + "BlockDownloadFileTypePolicy": false, + "BlockDownloadFileTypeIds": [ + + ], + "ExcludedBlockDownloadGroupIds": [ + + ], + "TlsTokenBindingPolicyValue": 0, + "LegacyBrowserAuthProtocolsEnabled": true, + "RecycleBinRetentionPeriod": 93, + "IsEnableAppAuthPopUpEnabled": false, + "IsDataAccessInCardDesignerEnabled": false, + "MassDeleteNotificationDisabled": false, + "BusinessConnectivityServiceDisabled": false, + "RansomwareProtectionEnabled": false, + "AllowSensitivityLabelOnRecords": false, + "DelayDenyAddAndCustomizePagesEnforcement": false, + "EsignatureEnabled": false, + "ESignatureSiteList": [ + + ], + "ESignatureThirdPartyProviderInfoList": [ + "\"{\\\"ProviderName\\\":\\\"DocuSign\\\",\\\"IsEnabled\\\":false}\"", + "\"{\\\"ProviderName\\\":\\\"AdobeSign\\\",\\\"IsEnabled\\\":false}\"" + ] } ], "SPO_site": [ { - "AllowDownloadingNonWebViewableFiles": false, - "AllowEditing": true, - "AllowSelfServiceUpgrade": true, - "AnonymousLinkExpirationInDays": 30, - "BlockDownloadLinksFileType": 1, - "CommentsOnSitePagesDisabled": false, + "LastContentModifiedDate": "Date(1714422719717)", + "Status": "Active", + "ArchiveStatus": "NotArchived", + "BonusDiskQuota": 0, + "ResourceUsageCurrent": 0, + "ResourceUsageAverage": 0, + "StorageUsageCurrent": 1, + "LockIssue": null, + "WebsCount": 1, "CompatibilityLevel": 15, - "ConditionalAccessPolicy": 0, - "DefaultLinkPermission": 0, - "DefaultLinkToExistingAccess": false, - "DefaultSharingLinkType": 0, - "DenyAddAndCustomizePages": 2, - "Description": "", - "DisableAppViews": 2, - "DisableCompanyWideSharingLinks": 2, - "DisableFlows": 2, "DisableSharingForNonOwnersStatus": null, - "ExternalUserExpirationInDays": 0, - "GroupId": "00000000-0000-0000-0000-000000000000", "HubSiteId": "00000000-0000-0000-0000-000000000000", - "InformationSegment": null, "IsHubSite": false, - "LastContentModifiedDate": "Date(1711475812767)", - "LimitedAccessFileType": 1, + "RelatedGroupId": "00000000-0000-0000-0000-000000000000", + "GroupId": "00000000-0000-0000-0000-000000000000", + "Url": "https://tqhjy.sharepoint.com/", "LocaleId": 1033, - "LockIssue": null, "LockState": "Unlock", - "OverrideTenantAnonymousLinkExpirationPolicy": true, - "OverrideTenantExternalUserExpirationPolicy": false, "Owner": "c64580cf-5b99-4c0a-b15b-db035c63e177", - "OwnerEmail": null, - "OwnerLoginName": "c:0t.c|tenant|c64580cf-5b99-4c0a-b15b-db035c63e177", - "OwnerName": "Global Administrator", - "ProtectionLevelName": null, - "PWAEnabled": 1, - "RelatedGroupId": "00000000-0000-0000-0000-000000000000", + "StorageQuota": 26214400, + "StorageQuotaWarningLevel": 25574400, "ResourceQuota": 300, "ResourceQuotaWarningLevel": 255, - "ResourceUsageAverage": 0, - "ResourceUsageCurrent": 0, - "RestrictedToGeo": 3, + "Template": "SITEPAGEPUBLISHING#0", + "Title": "Communication site", + "AllowSelfServiceUpgrade": true, + "DenyAddAndCustomizePages": 2, + "PWAEnabled": 1, + "SharingCapability": 0, + "SiteDefinedSharingCapability": 2, "SandboxedCodeActivationCapability": 2, - "SensitivityLabel": null, + "DisableCompanyWideSharingLinks": 2, + "DisableAppViews": 2, + "DisableFlows": 2, + "AuthenticationContextName": null, + "StorageQuotaType": null, + "RestrictedToGeo": 3, + "ShowPeoplePickerSuggestionsForGuestUsers": false, + "SharingDomainRestrictionMode": 0, "SharingAllowedDomainList": "", "SharingBlockedDomainList": "", - "SharingCapability": 0, - "SharingDomainRestrictionMode": 0, - "ShowPeoplePickerSuggestionsForGuestUsers": false, - "SiteDefinedSharingCapability": 2, + "ConditionalAccessPolicy": 0, + "AllowDownloadingNonWebViewableFiles": false, + "LimitedAccessFileType": 1, + "AllowEditing": true, + "SensitivityLabel": null, + "CommentsOnSitePagesDisabled": false, "SocialBarOnSitePagesDisabled": false, - "Status": "Active", - "StorageQuota": 26214400, - "StorageQuotaType": null, - "StorageQuotaWarningLevel": 25574400, - "StorageUsageCurrent": 1, - "Template": "SITEPAGEPUBLISHING#0", - "Title": "Communication site", - "Url": "https://tqhjy.sharepoint.com/", - "WebsCount": 1 + "DefaultSharingLinkType": 0, + "DefaultLinkPermission": 0, + "DefaultLinkToExistingAccess": false, + "AnonymousLinkExpirationInDays": 30, + "OverrideTenantAnonymousLinkExpirationPolicy": true, + "ExternalUserExpirationInDays": 0, + "OverrideTenantExternalUserExpirationPolicy": false, + "SharingLockDownEnabled": false, + "SharingLockDownCanBeCleared": true, + "InformationSegment": [ + + ], + "InformationBarriersMode": "", + "BlockDownloadLinksFileType": 1, + "OverrideBlockUserInfoVisibility": 0, + "IsTeamsConnected": false, + "IsTeamsChannelConnected": false, + "TeamsChannelType": 0, + "MediaTranscription": 0, + "ExcludedBlockDownloadGroupIds": [ + + ], + "ExcludeBlockDownloadPolicySiteOwners": false, + "ReadOnlyForBlockDownloadPolicy": false, + "ExcludeBlockDownloadSharePointGroups": [ + + ], + "BlockDownloadPolicy": false, + "LoopDefaultSharingLinkScope": -1, + "LoopDefaultSharingLinkRole": 0, + "RequestFilesLinkEnabled": false, + "RequestFilesLinkExpirationInDays": -1, + "OverrideSharingCapability": false, + "DefaultShareLinkScope": -1, + "DefaultShareLinkRole": 0, + "BlockGuestsAsSiteAdmin": 0, + "ReadOnlyForUnmanagedDevices": false, + "RestrictedAccessControl": false, + "AuthenticationContextLimitedAccess": false, + "RestrictedAccessControlGroups": [ + + ], + "ListsShowHeaderAndNavigation": false, + "EnableAutoExpirationVersionTrim": false, + "ExpireVersionsAfterDays": 0, + "MajorVersionLimit": 0 } ], - "OneDrive_PnP_Flag": true, + "OneDrive_PnP_Flag": false, "SharePoint_successful_commands": [ "Get-MgBetaOrganization", - "Get-PnPTenant", - "Get-PnPTenantSite", "Get-SPOTenant", - "Get-SPOSite" + "Get-SPOSite", + "Get-PnPTenant", + "Get-PnPTenantSite" ], "SharePoint_unsuccessful_commands": [ @@ -18726,60 +19159,56 @@ "CompanyPartnership": [ "Microsoft.Teams.ConfigAPI.Cmdlets.Generated.Models.CompanyPartnership" ], - "CompanyTags": [ - "servicescope.microsoft.com/ServiceScope=GCC", - "o365.microsoft.com/startdate=637492760673881089", - "o365.microsoft.com/version=15" - ], + "CompanyTags": null, "Country": null, "CountryAbbreviation": "US", "DefaultPoolFqdn": null, "DirSyncEnabled": true, "DisplayName": "tqhjy", - "LastSyncTimeStamp": "Date(1707351996744)", + "LastSyncTimeStamp": "Date(1714421480081)", "NameRecordingDisabled": null, "Pools": null, "PostalCode": "20528-0380", "PreferredLanguage": "en", "ProvisionedPlan": [ - "exchange", - "exchange", - "RMSOnline", - "RMSOnline", - "RMSOnline", - "Adallom", - "RMSOnline", - "RMSOnline", - "exchange", - "exchange", - "exchange", - "exchange", - "SCO", - "SharePoint", - "SharePoint", - "exchange", - "exchange", - "exchange", - "exchange", - "exchange", - "exchange", - "exchange", - "exchange", - "exchange", - "exchange", - "exchange", - "exchange", - "exchange", - "exchange", - "exchange", - "exchange", "MicrosoftCommunicationsOnline", "MicrosoftCommunicationsOnline", "MicrosoftCommunicationsOnline", - "ProjectWorkManagement", - "Adallom", - "RMSOnline", - "SCO" + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline", + "MicrosoftCommunicationsOnline" ], "ServiceInfo": "[{}]", "ServiceInstance": "MicrosoftCommunicationsOnline/GOV-1B-G6", @@ -18800,7 +19229,7 @@ }, "TeamsUpgradeEffectiveMode": "TeamsOnly", "TeamsUpgradeNotificationsEnabled": false, - "TeamsUpgradeOverridePolicy": "ProvisionedAsTeams", + "TeamsUpgradeOverridePolicy": "UpgradeToTeams", "TeamsUpgradePolicyIsReadOnly": "ModeAndNotifications", "TenantId": "ca08493a-c9c8-4db0-a9e8-d3b4bafac269", "TnmAccountId": null, @@ -18810,7 +19239,7 @@ "Microsoft.Teams.ConfigAPI.Cmdlets.Generated.Models.TenantVerifiedSipDomain", "Microsoft.Teams.ConfigAPI.Cmdlets.Generated.Models.TenantVerifiedSipDomain" ], - "WhenChanged": "Date(1692188532143)", + "WhenChanged": null, "WhenCreated": "Date(-62135596800000)", "LastProvisionTimeStamps": { "TenantSipDomains": "2023-08-16T12:21:39.4275558+00:00", @@ -18908,6 +19337,7 @@ "WatermarkForScreenSharingOpacity": 30, "WatermarkForScreenSharingPattern": "Tiled", "WatermarkForAnonymousUsers": "JoinWithAudioOnly", + "DetectSensitiveContentDuringScreenSharing": false, "AudibleRecordingNotification": "PstnOnly", "ConnectToMeetingControls": "Enabled", "Copilot": "EnabledWithTranscript", @@ -18915,7 +19345,8 @@ "VoiceIsolation": "Enabled", "ExternalMeetingJoin": "EnabledForAnyone", "ContentSharingInExternalMeetings": "EnabledForAnyone", - "AllowedUsersForMeetingContext": "InvitedUsers" + "AllowedUsersForMeetingContext": "InvitedUsers", + "SmsNotifications": "OnAllowOrganizerOverride" }, { "Identity": "Tag:Custom Policy 1", @@ -18999,6 +19430,7 @@ "WatermarkForScreenSharingOpacity": 30, "WatermarkForScreenSharingPattern": "Tiled", "WatermarkForAnonymousUsers": "JoinWithAudioOnly", + "DetectSensitiveContentDuringScreenSharing": false, "AudibleRecordingNotification": "PstnOnly", "ConnectToMeetingControls": "Enabled", "Copilot": "EnabledWithTranscript", @@ -19006,98 +19438,8 @@ "VoiceIsolation": "Enabled", "ExternalMeetingJoin": "EnabledForAnyone", "ContentSharingInExternalMeetings": "EnabledForAnyone", - "AllowedUsersForMeetingContext": "InvitedUsers" - }, - { - "Identity": "Tag:NKK-Temp", - "Description": null, - "AllowChannelMeetingScheduling": true, - "AllowMeetNow": true, - "AllowPrivateMeetNow": true, - "MeetingChatEnabledType": "Enabled", - "AllowExternalNonTrustedMeetingChat": true, - "CopyRestriction": true, - "LiveCaptionsEnabledType": "DisabledUserOverride", - "DesignatedPresenterRoleMode": "EveryoneUserOverride", - "AllowIPAudio": true, - "AllowIPVideo": true, - "AllowEngagementReport": "Enabled", - "AllowTrackingInReport": "EnabledUserOverride", - "IPAudioMode": "EnabledOutgoingIncoming", - "IPVideoMode": "EnabledOutgoingIncoming", - "AllowAnonymousUsersToDialOut": false, - "AllowAnonymousUsersToStartMeeting": false, - "AllowAnonymousUsersToJoinMeeting": true, - "BlockedAnonymousJoinClientTypes": null, - "AllowedStreamingMediaInput": null, - "ExplicitRecordingConsent": "Disabled", - "AllowLocalRecording": false, - "AutoRecording": "Enabled", - "ParticipantNameChange": "Disabled", - "AllowPrivateMeetingScheduling": true, - "AutoAdmittedUsers": "EveryoneInCompanyExcludingGuests", - "AllowCloudRecording": true, - "AllowRecordingStorageOutsideRegion": false, - "RecordingStorageMode": "OneDriveForBusiness", - "AllowOutlookAddIn": true, - "AllowPowerPointSharing": true, - "AllowParticipantGiveRequestControl": true, - "AllowExternalParticipantGiveRequestControl": false, - "AllowSharedNotes": true, - "AllowWhiteboard": true, - "AllowTranscription": false, - "AllowNetworkConfigurationSettingsLookup": false, - "MediaBitRateKb": 50000, - "ScreenSharingMode": "EntireScreen", - "VideoFiltersMode": "AllFilters", - "AllowPSTNUsersToBypassLobby": false, - "AllowOrganizersToOverrideLobbySettings": false, - "PreferredMeetingProviderForIslandsMode": "TeamsAndSfb", - "AllowNDIStreaming": false, - "SpeakerAttributionMode": "EnabledUserOverride", - "EnrollUserOverride": "Disabled", - "RoomAttributeUserOverride": "Off", - "StreamingAttendeeMode": "Disabled", - "AttendeeIdentityMasking": "DisabledUserOverride", - "AllowBreakoutRooms": true, - "TeamsCameraFarEndPTZMode": "Disabled", - "AllowMeetingReactions": true, - "AllowMeetingRegistration": true, - "WhoCanRegister": "Everyone", - "AllowScreenContentDigitization": "Enabled", - "AllowCarbonSummary": true, - "RoomPeopleNameUserOverride": "Off", - "AllowMeetingCoach": true, - "NewMeetingRecordingExpirationDays": 120, - "LiveStreamingMode": "Disabled", - "MeetingInviteLanguages": null, - "ChannelRecordingDownload": "Allow", - "AllowCartCaptionsScheduling": "DisabledUserOverride", - "AllowTasksFromTranscript": "Enabled", - "InfoShownInReportMode": "FullInformation", - "LiveInterpretationEnabledType": "DisabledUserOverride", - "QnAEngagementMode": "Enabled", - "AllowImmersiveView": true, - "AllowAvatarsInGallery": true, - "AllowAnnotations": true, - "AllowDocumentCollaboration": "Enabled", - "AllowWatermarkForScreenSharing": false, - "AllowWatermarkForCameraVideo": false, - "AllowWatermarkCustomizationForCameraVideo": true, - "WatermarkForCameraVideoOpacity": 30, - "WatermarkForCameraVideoPattern": "Tiled", - "AllowWatermarkCustomizationForScreenSharing": true, - "WatermarkForScreenSharingOpacity": 30, - "WatermarkForScreenSharingPattern": "Tiled", - "WatermarkForAnonymousUsers": "JoinWithAudioOnly", - "AudibleRecordingNotification": "PstnOnly", - "ConnectToMeetingControls": "Enabled", - "Copilot": "EnabledWithTranscript", - "AutomaticallyStartCopilot": "Disabled", - "VoiceIsolation": "Enabled", - "ExternalMeetingJoin": "EnabledForAnyone", - "ContentSharingInExternalMeetings": "EnabledForAnyone", - "AllowedUsersForMeetingContext": "InvitedUsers" + "AllowedUsersForMeetingContext": "InvitedUsers", + "SmsNotifications": "OnAllowOrganizerOverride" }, { "Identity": "Tag:AllOn", @@ -19180,7 +19522,8 @@ "AllowWatermarkCustomizationForScreenSharing": true, "WatermarkForScreenSharingOpacity": 30, "WatermarkForScreenSharingPattern": "Tiled", - "WatermarkForAnonymousUsers": "JoinWithAudioOnly", + "WatermarkForAnonymousUsers": "WatermarkWithDisplayName", + "DetectSensitiveContentDuringScreenSharing": true, "AudibleRecordingNotification": "PstnOnly", "ConnectToMeetingControls": "Enabled", "Copilot": "EnabledWithTranscript", @@ -19188,7 +19531,8 @@ "VoiceIsolation": "Enabled", "ExternalMeetingJoin": "EnabledForAnyone", "ContentSharingInExternalMeetings": "EnabledForAnyone", - "AllowedUsersForMeetingContext": "InvitedUsers" + "AllowedUsersForMeetingContext": "InvitedUsers", + "SmsNotifications": "OnAllowOrganizerOverride" }, { "Identity": "Tag:RestrictedAnonymousAccess", @@ -19271,7 +19615,8 @@ "AllowWatermarkCustomizationForScreenSharing": true, "WatermarkForScreenSharingOpacity": 30, "WatermarkForScreenSharingPattern": "Tiled", - "WatermarkForAnonymousUsers": "JoinWithAudioOnly", + "WatermarkForAnonymousUsers": "WatermarkWithDisplayName", + "DetectSensitiveContentDuringScreenSharing": true, "AudibleRecordingNotification": "PstnOnly", "ConnectToMeetingControls": "Enabled", "Copilot": "EnabledWithTranscript", @@ -19279,7 +19624,8 @@ "VoiceIsolation": "Enabled", "ExternalMeetingJoin": "EnabledForAnyone", "ContentSharingInExternalMeetings": "EnabledForAnyone", - "AllowedUsersForMeetingContext": "InvitedUsers" + "AllowedUsersForMeetingContext": "InvitedUsers", + "SmsNotifications": "OnAllowOrganizerOverride" }, { "Identity": "Tag:AllOff", @@ -19362,7 +19708,8 @@ "AllowWatermarkCustomizationForScreenSharing": true, "WatermarkForScreenSharingOpacity": 30, "WatermarkForScreenSharingPattern": "Tiled", - "WatermarkForAnonymousUsers": "JoinWithAudioOnly", + "WatermarkForAnonymousUsers": "WatermarkWithDisplayName", + "DetectSensitiveContentDuringScreenSharing": true, "AudibleRecordingNotification": "PstnOnly", "ConnectToMeetingControls": "Enabled", "Copilot": "EnabledWithTranscript", @@ -19370,7 +19717,8 @@ "VoiceIsolation": "Enabled", "ExternalMeetingJoin": "EnabledForAnyone", "ContentSharingInExternalMeetings": "EnabledForAnyone", - "AllowedUsersForMeetingContext": "InvitedUsers" + "AllowedUsersForMeetingContext": "InvitedUsers", + "SmsNotifications": "OnAllowOrganizerOverride" }, { "Identity": "Tag:RestrictedAnonymousNoRecording", @@ -19453,7 +19801,8 @@ "AllowWatermarkCustomizationForScreenSharing": true, "WatermarkForScreenSharingOpacity": 30, "WatermarkForScreenSharingPattern": "Tiled", - "WatermarkForAnonymousUsers": "JoinWithAudioOnly", + "WatermarkForAnonymousUsers": "WatermarkWithDisplayName", + "DetectSensitiveContentDuringScreenSharing": true, "AudibleRecordingNotification": "PstnOnly", "ConnectToMeetingControls": "Enabled", "Copilot": "EnabledWithTranscript", @@ -19461,7 +19810,8 @@ "VoiceIsolation": "Enabled", "ExternalMeetingJoin": "EnabledForAnyone", "ContentSharingInExternalMeetings": "EnabledForAnyone", - "AllowedUsersForMeetingContext": "InvitedUsers" + "AllowedUsersForMeetingContext": "InvitedUsers", + "SmsNotifications": "OnAllowOrganizerOverride" }, { "Identity": "Tag:Default", @@ -19544,7 +19894,8 @@ "AllowWatermarkCustomizationForScreenSharing": true, "WatermarkForScreenSharingOpacity": 30, "WatermarkForScreenSharingPattern": "Tiled", - "WatermarkForAnonymousUsers": "JoinWithAudioOnly", + "WatermarkForAnonymousUsers": "WatermarkWithDisplayName", + "DetectSensitiveContentDuringScreenSharing": true, "AudibleRecordingNotification": "PstnOnly", "ConnectToMeetingControls": "Enabled", "Copilot": "EnabledWithTranscript", @@ -19552,7 +19903,8 @@ "VoiceIsolation": "Enabled", "ExternalMeetingJoin": "EnabledForAnyone", "ContentSharingInExternalMeetings": "EnabledForAnyone", - "AllowedUsersForMeetingContext": "InvitedUsers" + "AllowedUsersForMeetingContext": "InvitedUsers", + "SmsNotifications": "OnAllowOrganizerOverride" }, { "Identity": "Tag:Kiosk", @@ -19635,7 +19987,8 @@ "AllowWatermarkCustomizationForScreenSharing": true, "WatermarkForScreenSharingOpacity": 30, "WatermarkForScreenSharingPattern": "Tiled", - "WatermarkForAnonymousUsers": "JoinWithAudioOnly", + "WatermarkForAnonymousUsers": "WatermarkWithDisplayName", + "DetectSensitiveContentDuringScreenSharing": true, "AudibleRecordingNotification": "PstnOnly", "ConnectToMeetingControls": "Enabled", "Copilot": "EnabledWithTranscript", @@ -19643,13 +19996,14 @@ "VoiceIsolation": "Enabled", "ExternalMeetingJoin": "EnabledForAnyone", "ContentSharingInExternalMeetings": "EnabledForAnyone", - "AllowedUsersForMeetingContext": "InvitedUsers" + "AllowedUsersForMeetingContext": "InvitedUsers", + "SmsNotifications": "OnAllowOrganizerOverride" } ], "federation_configuration": [ { "AllowedDomains": { - "AllowedDomain": "Domain=domains.example.com" + "AllowedDomain": "Domain=domains.r.us" }, "BlockedDomains": [ @@ -19663,6 +20017,7 @@ "SharedSipAddressSpace": false, "RestrictTeamsConsumerToExternalUserProfiles": false, "BlockAllSubdomains": false, + "ExternalAccessWithTrialTenants": "Blocked", "DataSource": null, "Key": { "ScopeClass": "Global", diff --git a/PowerShell/ScubaGear/Sample-Reports/TestResults.csv b/PowerShell/ScubaGear/Sample-Reports/TestResults.csv index ebe535de0..f3878b594 100644 --- a/PowerShell/ScubaGear/Sample-Reports/TestResults.csv +++ b/PowerShell/ScubaGear/Sample-Reports/TestResults.csv @@ -1,16 +1,17 @@ "ActualValue","Commandlet","Criticality","PolicyId","ReportDetails","RequirementMet" """""","Get-MgBetaSubscribedSku, Get-PrivilegedUser","Shall","MS.AAD.7.3v1","0 admin(s) that are not cloud-only found","True" -,"","Shall/Not-Implemented","MS.AAD.3.3v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" -,"","Shall/Not-Implemented","MS.AAD.4.1v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" -,"","Should/Not-Implemented","MS.AAD.2.2v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" -,"","Should/Not-Implemented","MS.AAD.8.3v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" -,"Get-MgBetaPolicyAuthenticationMethodPolicy","Shall","MS.AAD.3.5v1","This policy is only applicable if the tenant has their Manage Migration feature set to Migration Complete. See Secure Configuration Baseline policy for more info","False" +,"","Shall/Not-Implemented","MS.AAD.4.1v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" +,"","Should/Not-Implemented","MS.AAD.2.2v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" +,"","Should/Not-Implemented","MS.AAD.8.3v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" +,"Get-MgBetaPolicyAuthenticationMethodPolicy","Shall/Not-Implemented","MS.AAD.3.5v1","This policy is only applicable if the tenant has their Manage Migration feature set to Migration Complete. See Secure Configuration Baseline policy for more info","False" """preMigration""","Get-MgBetaPolicyAuthenticationMethodPolicy","Shall","MS.AAD.3.4v1","Requirement not met","False" +"{""AdditionalProperties"":{""@odata.type"":""#microsoft.graph.microsoftAuthenticatorAuthenticationMethodConfiguration"",""featureSettings"":{""companionAppAllowedState"":{""excludeTarget"":""@{id=00000000-0000-0000-0000-000000000000; targetType=group}"",""includeTarget"":""@{id=all_users; targetType=group}"",""state"":""default""},""displayAppInformationRequiredState"":{""excludeTarget"":""@{id=00000000-0000-0000-0000-000000000000; targetType=group}"",""includeTarget"":""@{id=all_users; targetType=group}"",""state"":""enabled""},""displayLocationInformationRequiredState"":{""excludeTarget"":""@{id=00000000-0000-0000-0000-000000000000; targetType=group}"",""includeTarget"":""@{id=all_users; targetType=group}"",""state"":""enabled""},""numberMatchingRequiredState"":{""excludeTarget"":""@{id=00000000-0000-0000-0000-000000000000; targetType=group}"",""includeTarget"":""@{id=all_users; targetType=group}"",""state"":""enabled""}},""includeTargets"":[{""authenticationMode"":""any"",""id"":""all_users"",""isRegistrationRequired"":false,""targetType"":""group""}],""includeTargets@odata.context"":""https://graph.microsoft.com/beta/$metadata#policies/authenticationMethodsPolicy/authenticationMethodConfigurations(\u0027MicrosoftAuthenticator\u0027)/microsoft.graph.microsoftAuthenticatorAuthenticationMethodConfiguration/includeTargets"",""isSoftwareOathEnabled"":false},""ExcludeTargets"":[],""Id"":""MicrosoftAuthenticator"",""State"":""enabled""}","Get-MgBetaPolicyAuthenticationMethodPolicy","Shall","MS.AAD.3.3v1","Requirement met","True" "{""all_admin_consent_policies"":[{""Name"":""EnableAdminConsentRequests"",""SettingsGroup"":""Consent Policy Settings"",""Value"":""false""}]}","Get-MgBetaDirectorySetting","Shall","MS.AAD.5.3v1","Requirement not met","False" "{""all_allow_invite_values"":[{""AllowInvitesFromValue"":""adminsAndGuestInviters"",""PolicyId"":""authorizationPolicy""}]}","Get-MgBetaPolicyAuthorizationPolicy","Should","MS.AAD.8.2v1","Permission level set to ""adminsAndGuestInviters"" (authorizationPolicy)","True" "{""all_allowed_create_values"":[{""DefaultUser_AllowedToCreateApps"":false,""PolicyId"":""authorizationPolicy""}]}","Get-MgBetaPolicyAuthorizationPolicy","Shall","MS.AAD.5.1v1","0 authorization policies found that allow non-admin users to register third-party applications","True" "{""all_grant_policy_values"":[{""DefaultUser_DefaultGrantPolicy"":[""ManagePermissionGrantsForOwnedResource.microsoft-dynamically-managed-permissions-for-chat"",""ManagePermissionGrantsForOwnedResource.microsoft-dynamically-managed-permissions-for-team"",""ManagePermissionGrantsForSelf.microsoft-user-default-legacy""],""PolicyId"":""authorizationPolicy""}]}","Get-MgBetaPolicyAuthorizationPolicy","Shall","MS.AAD.5.2v1","1 authorization policies found that allow non-admin users to consent to third-party applications:
authorizationPolicy","False" "{""all_roleid_values"":[{""GuestUserRoleId"":""10dae51f-b6af-4016-8d66-8c2a99b929b3"",""GuestUserRoleIdString"":""Limited access"",""Id"":""authorizationPolicy""}]}","Get-MgBetaPolicyAuthorizationPolicy","Should","MS.AAD.8.1v1","Permission level set to ""Limited access"" (authorizationPolicy)","True" +,"Get-MgBetaDirectorySetting","Shall","MS.AAD.5.4v1","Requirement not met","False" ,"Get-MgBetaIdentityConditionalAccessPolicy","Shall","MS.AAD.3.1v1","0 conditional access policy(s) found that meet(s) all requirements. View all CA policies.","False" ,"Get-MgBetaIdentityConditionalAccessPolicy","Shall","MS.AAD.3.6v1","0 conditional access policy(s) found that meet(s) all requirements. View all CA policies.","False" ,"Get-MgBetaIdentityConditionalAccessPolicy","Should","MS.AAD.3.7v1","0 conditional access policy(s) found that meet(s) all requirements. View all CA policies.","False" @@ -18,8 +19,8 @@ ,"Get-MgBetaSubscribedSku, Get-PrivilegedRole","Shall","MS.AAD.7.8v1","0 role(s) or group(s) without notification e-mail configured for Global Administrator activations found","True" "[""Application Administrator"",""Exchange Administrator"",""Global Administrator"",""Privileged Role Administrator"",""SharePoint Administrator"",""User Administrator""]","Get-MgBetaSubscribedSku, Get-PrivilegedRole","Shall","MS.AAD.7.4v1","6 role(s) that contain users with permanent active assignment:
Application Administrator, Exchange Administrator, Global Administrator, Privileged Role Administrator, SharePoint Administrator, User Administrator","False" "[""Application Administrator"",""Global Administrator"",""Privileged Role Administrator"",""User Administrator""]","Get-MgBetaSubscribedSku, Get-PrivilegedRole","Shall","MS.AAD.7.5v1","4 role(s) assigned to users outside of PIM:
Application Administrator, Global Administrator, Privileged Role Administrator, User Administrator","False" -"[""Cloud Application Administrator(Directory Role)"",""Exchange Administrator(Directory Role)"",""Global Administrator(Directory Role)"",""Hybrid Identity Administrator(Directory Role)"",""PIM Test Group(PIM Group)"",""Privileged Role Administrator(Directory Role)"",""SharePoint Administrator(Directory Role)""]","Get-MgBetaSubscribedSku, Get-PrivilegedRole","Shall","MS.AAD.7.7v1","7 role(s) or group(s) without notification e-mail configured for role assignments found:
Cloud Application Administrator(Directory Role), Exchange Administrator(Directory Role), Global Administrator(Directory Role), Hybrid Identity Administrator(Directory Role), PIM Test Group(PIM Group), Privileged Role Administrator(Directory Role), SharePoint Administrator(Directory Role)","False" -"[""Cloud Application Administrator(Directory Role)"",""Exchange Administrator(Directory Role)"",""Hybrid Identity Administrator(Directory Role)"",""PIM Test Group(PIM Group)"",""Privileged Role Administrator(Directory Role)"",""SharePoint Administrator(Directory Role)""]","Get-MgBetaSubscribedSku, Get-PrivilegedRole","Should","MS.AAD.7.9v1","6 role(s) or group(s) without notification e-mail configured for role activations found:
Cloud Application Administrator(Directory Role), Exchange Administrator(Directory Role), Hybrid Identity Administrator(Directory Role), PIM Test Group(PIM Group), Privileged Role Administrator(Directory Role), SharePoint Administrator(Directory Role)","False" +"[""Cloud Application Administrator(Directory Role)"",""Exchange Administrator(Directory Role)"",""Global Administrator(Directory Role)"",""Hybrid Identity Administrator(Directory Role)"",""Privileged Role Administrator(Directory Role)"",""SharePoint Administrator(Directory Role)""]","Get-MgBetaSubscribedSku, Get-PrivilegedRole","Shall","MS.AAD.7.7v1","6 role(s) or group(s) without notification e-mail configured for role assignments found:
Cloud Application Administrator(Directory Role), Exchange Administrator(Directory Role), Global Administrator(Directory Role), Hybrid Identity Administrator(Directory Role), Privileged Role Administrator(Directory Role), SharePoint Administrator(Directory Role)","False" +"[""Cloud Application Administrator(Directory Role)"",""Exchange Administrator(Directory Role)"",""Hybrid Identity Administrator(Directory Role)"",""Privileged Role Administrator(Directory Role)"",""SharePoint Administrator(Directory Role)""]","Get-MgBetaSubscribedSku, Get-PrivilegedRole","Should","MS.AAD.7.9v1","5 role(s) or group(s) without notification e-mail configured for role activations found:
Cloud Application Administrator(Directory Role), Exchange Administrator(Directory Role), Hybrid Identity Administrator(Directory Role), Privileged Role Administrator(Directory Role), SharePoint Administrator(Directory Role)","False" """Global Administrator(Directory Role)""","Get-MgBetaSubscribedSku, Get-PrivilegedRole","Shall","MS.AAD.7.6v1","1 role(s) or group(s) allowing activation without approval found:
Global Administrator(Directory Role)","False" "[""Jane Doe"",""John Public""]","Get-MgBetaSubscribedSku, Get-PrivilegedUser","Shall","MS.AAD.7.1v1","2 global admin(s) found:
Jane Doe, John Public","True" "[""Jane Doe"",""John Public""]","Get-MgBetaSubscribedSku, Get-PrivilegedUser","Shall","MS.AAD.7.2v1","Requirement not met: Least Privilege Score = 2 (should be 1 or less)","False" @@ -27,19 +28,18 @@ """MS.AAD.2.1v1 Users detected as high risk SHALL be blocked""","Get-MgBetaIdentityConditionalAccessPolicy","Shall","MS.AAD.2.1v1","1 conditional access policy(s) found that meet(s) all requirements:
MS.AAD.2.1v1 Users detected as high risk SHALL be blocked. View all CA policies.","True" """MS.AAD.2.3v1 Sign-ins detected as high risk SHALL be blocked""","Get-MgBetaIdentityConditionalAccessPolicy","Shall","MS.AAD.2.3v1","1 conditional access policy(s) found that meet(s) all requirements:
MS.AAD.2.3v1 Sign-ins detected as high risk SHALL be blocked. View all CA policies.","True" """MS.AAD.3.2v1 If phishing-resistant MFA has not been enforced, an alternative MFA method SHALL be enforced for all users""","Get-MgBetaIdentityConditionalAccessPolicy","Shall","MS.AAD.3.2v1","1 conditional access policy(s) found that meet(s) all requirements:
MS.AAD.3.2v1 If phishing-resistant MFA has not been enforced, an alternative MFA method SHALL be enforced for all users. View all CA policies.","True" -"{""Name"":""EnableGroupSpecificConsent"",""SettingsGroup"":""Consent Policy Settings"",""Value"":""false""}","Get-MgBetaDirectorySetting","Shall","MS.AAD.5.4v1","Requirement met","True" "[{""value"":[],""Count"":0},{""value"":[""tqhjy.onmicrosoft.com""],""Count"":1}]","Get-MgBetaDomain","Shall","MS.AAD.6.1v1","Requirement met","True" -,"","Shall/Not-Implemented","MS.DEFENDER.6.2v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" -,"","Shall/Not-Implemented","MS.DEFENDER.6.3v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" -,"","Should/Not-Implemented","MS.DEFENDER.4.5v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" -,"","Should/Not-Implemented","MS.DEFENDER.4.6v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" -,"","Should/Not-Implemented","MS.DEFENDER.5.2v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" -"[{""Accounts"":[],""Action"":"""",""Name"":""Strict Preset Security Policy""},{""Accounts"":[],""Action"":"""",""Name"":""Standard Preset Security Policy""}]","Get-AntiPhishPolicy","Should","MS.DEFENDER.2.1v1","Not all sensitive users are included for targeted protection in Strict or Standard policy.","False" +,"","Shall/Not-Implemented","MS.DEFENDER.6.2v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" +,"","Shall/Not-Implemented","MS.DEFENDER.6.3v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" +,"","Should/Not-Implemented","MS.DEFENDER.4.5v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" +,"","Should/Not-Implemented","MS.DEFENDER.4.6v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" +,"","Should/Not-Implemented","MS.DEFENDER.5.2v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" "[{""Accounts"":[],""Action"":"""",""Name"":""Strict Preset Security Policy""},{""Accounts"":[],""Action"":"""",""Name"":""Standard Preset Security Policy""}]","Get-AntiPhishPolicy","Should","MS.DEFENDER.2.2v1","Not all agency domains are included for targeted protection in Strict or Standard policy.","False" "[{""Accounts"":[],""Action"":"""",""Name"":""Strict Preset Security Policy""},{""Accounts"":[],""Action"":"""",""Name"":""Standard Preset Security Policy""}]","Get-AntiPhishPolicy","Should","MS.DEFENDER.2.3v1","Not all partner domains are included for targeted protection in Strict or Standard policy.","False" +"[{""Accounts"":[],""Action"":""Quarantine"",""Name"":""Strict Preset Security Policy1681329955447""},{""Accounts"":[],""Action"":""Quarantine"",""Name"":""Standard Preset Security Policy1659535429826""}]","Get-AntiPhishPolicy","Should","MS.DEFENDER.2.1v1","Requirement met","True" "{""ATPProtectionPolicies"":false}","Get-ATPProtectionPolicyRule","Shall","MS.DEFENDER.1.5v1","Requirement not met","False" -"{""Credit_Card"":[""CreditCardsOnly"",""Baseline Rule"",""Missing_ITIN_Has_UKPassports""],""ITIN"":[""Baseline Rule""],""SSN"":[""Baseline Rule"",""Missing_ITIN_Has_UKPassports""]}","Get-DlpComplianceRule","Shall","MS.DEFENDER.4.1v1","Requirement met","True" -"{""Devices"":[],""Exchange"":[{""Locations"":[""All""],""Name"":""Default Office 365 DLP policy"",""Workload"":""Exchange, SharePoint, OneDriveForBusiness, Teams, OnPremisesScanner""}],""OneDrive"":[{""Locations"":[""All""],""Name"":""Default Office 365 DLP policy"",""Workload"":""Exchange, SharePoint, OneDriveForBusiness, Teams, OnPremisesScanner""}],""SharePoint"":[{""Locations"":[""All""],""Name"":""Default Office 365 DLP policy"",""Workload"":""Exchange, SharePoint, OneDriveForBusiness, Teams, OnPremisesScanner""}],""Teams"":[{""Locations"":[""All""],""Name"":""Default Office 365 DLP policy"",""Workload"":""Exchange, SharePoint, OneDriveForBusiness, Teams, OnPremisesScanner""}]}","Get-DLPCompliancePolicy","Should","MS.DEFENDER.4.2v1","No enabled policy found that applies to: Devices","False" +"{""Credit_Card"":[""Baseline Rule""],""ITIN"":[""Baseline Rule""],""SSN"":[""Baseline Rule""]}","Get-DlpComplianceRule","Shall","MS.DEFENDER.4.1v1","Requirement met","True" +"{""Devices"":[],""Exchange"":[{""Locations"":[""All""],""Name"":""Default Office 365 DLP policy"",""Workload"":""Exchange, SharePoint, OneDriveForBusiness, Teams, OnPremisesScanner""}],""OneDrive"":[{""Locations"":[""All""],""Name"":""Default Office 365 DLP policy"",""Workload"":""Exchange, SharePoint, OneDriveForBusiness, Teams, OnPremisesScanner""}],""SharePoint"":[{""Locations"":[""All""],""Name"":""Default Office 365 DLP policy"",""Workload"":""Exchange, SharePoint, OneDriveForBusiness, Teams, OnPremisesScanner""}],""Teams"":[{""Locations"":[""All""],""Name"":""Default Office 365 DLP policy"",""Workload"":""Exchange, SharePoint, OneDriveForBusiness, Teams, OnPremisesScanner""}]}","Get-DLPCompliancePolicy","Should","MS.DEFENDER.4.2v1","DLP custom policy applied to the following locations: Exchange, OneDrive, SharePoint, Teams. Custom policy protecting sensitive info types NOT applied to: Devices. Devices location requires DLP for Endpoint licensing and at least one registered device. For full policy details, see the ActualValue field in the results file: ./TestResults.json","False" "{""EOPProtectionPolicies"":false}","Get-EOPProtectionPolicyRule","Shall","MS.DEFENDER.1.4v1","Requirement not met","False" "{""StandardPresetState"":true,""StrictPresetState"":true}","Get-EOPProtectionPolicyRule, Get-ATPProtectionPolicyRule","Shall","MS.DEFENDER.1.1v1","Requirement met","True" "{""StandardSetToAll"":true,""StrictSetToAll"":false}","Get-ATPProtectionPolicyRule","Shall","MS.DEFENDER.1.3v1","Requirement met","True" @@ -49,36 +49,36 @@ ,"Get-DlpComplianceRule","Should","MS.DEFENDER.4.4v1","Requirement met","True" ,"Get-ProtectionAlert","Shall","MS.DEFENDER.5.1v1","Requirement met","True" "{""EnableATPForSPOTeamsODB"":true,""Identity"":""Default""}","Get-AtpPolicyForO365","Should","MS.DEFENDER.3.1v1","Requirement met","True" -,"","Shall/3rd Party","MS.EXO.10.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Shall/3rd Party","MS.EXO.10.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Shall/3rd Party","MS.EXO.14.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Shall/3rd Party","MS.EXO.14.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Shall/3rd Party","MS.EXO.14.3v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Shall/3rd Party","MS.EXO.16.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Shall/3rd Party","MS.EXO.17.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Shall/3rd Party","MS.EXO.17.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Shall/3rd Party","MS.EXO.17.3v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Shall/3rd Party","MS.EXO.8.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Shall/3rd Party","MS.EXO.8.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Shall/3rd Party","MS.EXO.9.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Shall/3rd Party","MS.EXO.9.3v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Shall/Not-Implemented","MS.EXO.2.1v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" -,"","Should/3rd Party","MS.EXO.10.3v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Should/3rd Party","MS.EXO.11.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Should/3rd Party","MS.EXO.11.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Should/3rd Party","MS.EXO.11.3v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Should/3rd Party","MS.EXO.15.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Should/3rd Party","MS.EXO.15.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Should/3rd Party","MS.EXO.15.3v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Should/3rd Party","MS.EXO.16.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Should/3rd Party","MS.EXO.9.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -"""NotInOrganization""","Get-TransportRule","Shall","MS.EXO.7.1v1","Requirement met","True" -"[{""value"":[{""domain"":""tqhjy.onmicrosoft.com"",""log"":[""@{query_method=traditional; query_name=selector1._domainkey.tqhjy.onmicrosoft.com; query_result=Query returned NXDomain}"",""@{query_method=traditional; query_name=selector2._domainkey.tqhjy.onmicrosoft.com; query_result=Query returned NXDomain}"",""@{query_method=traditional; query_name=selector1-example-mail-onmicrosoft-com._domainkey.tqhjy.onmicrosoft.com; query_result=Query returned NXDomain}"",""@{query_method=traditional; query_name=selector2-example-mail-onmicrosoft-com._domainkey.tqhjy.onmicrosoft.com; query_result=Query returned NXDomain}""],""rdata"":[]}],""Count"":1},{""value"":[{""AdminDisplayName"":"""",""Algorithm"":""RsaSHA256"",""BodyCanonicalization"":""Relaxed"",""DistinguishedName"":""CN=tqhjy.onmicrosoft.com,CN=Dkim Signing config,CN=Transport Settings,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM"",""Domain"":""tqhjy.onmicrosoft.com"",""Enabled"":true,""ExchangeObjectId"":""ea1866b3-b7fa-4dbe-b9c9-48087391a536"",""ExchangeVersion"":""0.20 (15.0.0.0)"",""Guid"":""476371c0-bf15-4101-84a7-a3a03b4266f1"",""HeaderCanonicalization"":""Relaxed"",""Id"":""tqhjy.onmicrosoft.com"",""Identity"":""tqhjy.onmicrosoft.com"",""IncludeKeyExpiration"":false,""IncludeSignatureCreationTime"":true,""IsDefault"":true,""IsValid"":true,""KeyCreationTime"":""Date(1653603718610)"",""LastChecked"":""Date(1653603718610)"",""Name"":""tqhjy.onmicrosoft.com"",""NumberOfBytesToSign"":""All"",""ObjectCategory"":""NAMPR09A006.PROD.OUTLOOK.COM/Configuration/Schema/ms-Exch-Hosted-Content-Filter-Config"",""ObjectClass"":[""top"",""msExchHostedContentFilterConfig""],""ObjectState"":""Unchanged"",""OrganizationId"":""NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration"",""OrganizationalUnitRoot"":""tqhjy.onmicrosoft.com"",""OriginatingServer"":""DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM"",""RotateOnDate"":""Date(1653949318610)"",""Selector1CNAME"":""selector1-tqhjy-onmicrosoft-com._domainkey.tqhjy.onmicrosoft.com"",""Selector1KeySize"":2048,""Selector1PublicKey"":""v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/z5b0VYtWAnksnJLIo1HiKP5j0sTa93y6eIe7eRn3EfCMfnw4f0Ew6wmX/2NIsszvF0XG0mkdffCVsUa5WnzDvfhR5fkSMqGI/I4JaR+b8qHdNToVesTbk/kFv+j41TcxWgJw1j4Xeo6URJG6qx1ujh6zshr21/frskm/tq7Qlp7LpQn1uiHDO2g1If9tlvKRxOzxMV8ldzIjU4MKsLlUDLIj/LjezemQXiPsZqrMOe0Kqs3Tusv6IoWKaQpiiooIhsH+0fI2JXyjJu7623jOIAuDtl7YHdR6cC7umMq44tAgEL9Uf8IHv02FoM0B3nSIzs9ier9X4E0/exampleQIDAQAB;"",""Selector2CNAME"":""selector2-tqhjy-onmicrosoft-com._domainkey.tqhjy.onmicrosoft.com"",""Selector2KeySize"":2048,""Selector2PublicKey"":""v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVK8DFIgYjps1Ckt4UjOQiBMqpb9G1WiwIci61Amx0sQzZTD8xb8rRSboEm89e5WRChcpZe7FN7XveJtbWYHmp4+e4niN5wGHaDt7NoCdTQ6dgRdyPa0d4Yf8si1uYYu7iC4LkQMI/zSLAQAQWEEHKqqJPHoAAbyKEuj8vynlWGsCAaprqOjyPqciy4YfcYd5ZISmpY5yJ/FNIrc2FeZjSPb65XzYMtgTbP9xC7lK6kGnBJDKqHaccXhVyvkl39AX4VkMzuVTlZbr120T+zMFDLNCJeNMBabl8JcrL0OYRule+75C3bPO4u/cZ1TmAGknX7apzvavEK2ByexampleQIDAQAB;"",""SelectorAfterRotateOnDate"":""selector2"",""SelectorBeforeRotateOnDate"":""selector1"",""Status"":""Valid"",""WhenChanged"":""Date(1653603732000)"",""WhenChangedUTC"":""Date(1653603732000)"",""WhenCreated"":""Date(1619484596000)"",""WhenCreatedUTC"":""Date(1619484596000)""}],""Count"":1}]","Get-DkimSigningConfig, Get-ScubaDkimRecord, Get-AcceptedDomain","Should","MS.EXO.3.1v1","1 agency domain(s) found in violation: tqhjy.onmicrosoft.com","False" -"{""AddressBookPolicyRoutingEnabled"":false,""AdminDisplayName"":"""",""AgentGeneratedMessageLoopDetectionInSmtpEnabled"":true,""AgentGeneratedMessageLoopDetectionInSubmissionEnabled"":true,""AllowLegacyTLSClients"":null,""AnonymousSenderToRecipientRatePerHour"":1800,""AttributionRejectBeforeMServRequest"":false,""AttributionRejectConsumerMessages"":false,""ClearCategories"":true,""ConvertDisclaimerWrapperToEml"":false,""ConvertReportToMessage"":false,""DSNConversionMode"":""PreserveDSNBody"",""DiagnosticsAggregationServicePort"":9710,""DistinguishedName"":""CN=Transport Settings,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM"",""EnableExternalHTTPMailDelivery"":false,""ExchangeObjectId"":""7ef195bd-4f88-46bc-97e6-db6c7665321b"",""ExchangeVersion"":""0.1 (8.0.535.0)"",""ExternalDelayDsnEnabled"":true,""ExternalDsnDefaultLanguage"":null,""ExternalDsnLanguageDetectionEnabled"":true,""ExternalDsnMaxMessageAttachSize"":""10 MB (10,485,760 bytes)"",""ExternalDsnReportingAuthority"":null,""ExternalDsnSendHtml"":true,""ExternalPostmasterAddress"":null,""GenerateCopyOfDSNFor"":[],""Guid"":""01d25010-40a8-4d0a-9419-fb1d775b4d16"",""HeaderPromotionModeSetting"":""NoCreate"",""HygieneSuite"":""Premium"",""Id"":""Transport Settings"",""Identity"":""Transport Settings"",""InternalDelayDsnEnabled"":true,""InternalDsnDefaultLanguage"":null,""InternalDsnLanguageDetectionEnabled"":true,""InternalDsnMaxMessageAttachSize"":""10 MB (10,485,760 bytes)"",""InternalDsnReportingAuthority"":null,""InternalDsnSendHtml"":true,""InternalSMTPServers"":[],""IsValid"":true,""JournalArchivingEnabled"":false,""JournalMessageExpirationDays"":0,""JournalReportDLMemberSubstitutionEnabled"":false,""JournalingReportNdrTo"":""\u003c\u003e"",""LegacyArchiveJournalingEnabled"":false,""LegacyArchiveLiveJournalingEnabled"":false,""LegacyJournalingMigrationEnabled"":false,""MaxAllowedAgentGeneratedMessageDepth"":3,""MaxAllowedAgentGeneratedMessageDepthPerAgent"":2,""MaxDumpsterSizePerDatabase"":""18 MB (18,874,368 bytes)"",""MaxDumpsterTime"":""7.00:00:00"",""MaxReceiveSize"":""Unlimited"",""MaxRecipientEnvelopeLimit"":""Unlimited"",""MaxSendSize"":""Unlimited"",""MessageExpiration"":""1.00:00:00"",""MigrationEnabled"":true,""Name"":""Transport Settings"",""ObjectCategory"":""NAMPR09A006.PROD.OUTLOOK.COM/Configuration/Schema/ms-Exch-Transport-Settings"",""ObjectClass"":[""top"",""container"",""msExchTransportSettings""],""ObjectState"":""Unchanged"",""OpenDomainRoutingEnabled"":false,""OrganizationFederatedMailbox"":""FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042@tqhjy.onmicrosoft.com"",""OrganizationId"":""NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration"",""OrganizationalUnitRoot"":""tqhjy.onmicrosoft.com"",""OriginatingServer"":""DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM"",""OtherWellKnownObjects"":[],""PreserveReportBodypart"":true,""QueueDiagnosticsAggregationInterval"":""00:01:00"",""RedirectDLMessagesForLegacyArchiveJournaling"":false,""RedirectUnprovisionedUserMessagesForLegacyArchiveJournaling"":false,""ReplyAllStormBlockDurationHours"":6,""ReplyAllStormDetectionMinimumRecipients"":2500,""ReplyAllStormDetectionMinimumReplies"":10,""ReplyAllStormProtectionEnabled"":true,""Rfc2231EncodingEnabled"":false,""SafetyNetHoldTime"":""7.00:00:00"",""SmtpClientAuthenticationDisabled"":true,""SupervisionTags"":[""Reject"",""Allow""],""TLSReceiveDomainSecureList"":[],""TLSSendDomainSecureList"":[],""TransportRuleAttachmentTextScanLimit"":""1 MB (1,048,576 bytes)"",""TransportRuleCollectionAddedRecipientsLimit"":100,""TransportRuleCollectionRegexCharsLimit"":""20 KB (20,480 bytes)"",""TransportRuleConfig"":[""TransportRuleMinProductVersion:14.0.0.0"",""TransportRuleRegexValidationTimeout:00:00:00.3000000"",""TransportRuleAttachmentTextScanLimit:1 MB (1,048,576 bytes)"",""TransportRuleSizeLimit:8 KB (8,192 bytes)"",""TransportRuleCollectionRegexCharsLimit:20 KB (20,480 bytes)"",""TransportRuleLimit:300"",""TransportRuleCollectionAddedRecipientsLimit:100""],""TransportRuleLimit"":300,""TransportRuleMinProductVersion"":{""Build"":0,""Major"":14,""MajorRevision"":0,""Minor"":0,""MinorRevision"":0,""Revision"":0},""TransportRuleRegexValidationTimeout"":""00:00:00.3000000"",""TransportRuleSizeLimit"":""8 KB (8,192 bytes)"",""VerifySecureSubmitEnabled"":false,""VoicemailJournalingEnabled"":true,""WhenChanged"":""Date(1712118761000)"",""WhenChangedUTC"":""Date(1712118761000)"",""WhenCreated"":""Date(1619484398000)"",""WhenCreatedUTC"":""Date(1619484398000)"",""Xexch50Enabled"":true}","Get-TransportConfig","Shall","MS.EXO.5.1v1","Requirement met","True" -"{""AdminDisplayName"":"""",""Default"":true,""DistinguishedName"":""CN=Default Sharing Policy,CN=Federation,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM"",""Domains"":[""Anonymous:0""],""Enabled"":false,""ExchangeObjectId"":""2d52a1ae-4c17-42e0-925e-919b2bf68a18"",""ExchangeVersion"":""0.10 (14.0.100.0)"",""Guid"":""137df5c0-4fe4-49bb-923c-e2bdfd89f448"",""Id"":""Default Sharing Policy"",""Identity"":""Default Sharing Policy"",""IsValid"":true,""Name"":""Default Sharing Policy"",""ObjectCategory"":""NAMPR09A006.PROD.OUTLOOK.COM/Configuration/Schema/ms-Exch-Sharing-Policy"",""ObjectClass"":[""top"",""msExchSharingPolicy""],""ObjectState"":""Changed"",""OrganizationId"":""NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration"",""OrganizationalUnitRoot"":""tqhjy.onmicrosoft.com"",""OriginatingServer"":""DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM"",""WhenChanged"":""Date(1691164284000)"",""WhenChangedUTC"":""Date(1691164284000)"",""WhenCreated"":""Date(1619484547000)"",""WhenCreatedUTC"":""Date(1619484547000)""}","Get-SharingPolicy","Shall","MS.EXO.6.1v1","Requirement met","True" -"{""AdminDisplayName"":"""",""Default"":true,""DistinguishedName"":""CN=Default Sharing Policy,CN=Federation,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM"",""Domains"":[""Anonymous:0""],""Enabled"":false,""ExchangeObjectId"":""2d52a1ae-4c17-42e0-925e-919b2bf68a18"",""ExchangeVersion"":""0.10 (14.0.100.0)"",""Guid"":""137df5c0-4fe4-49bb-923c-e2bdfd89f448"",""Id"":""Default Sharing Policy"",""Identity"":""Default Sharing Policy"",""IsValid"":true,""Name"":""Default Sharing Policy"",""ObjectCategory"":""NAMPR09A006.PROD.OUTLOOK.COM/Configuration/Schema/ms-Exch-Sharing-Policy"",""ObjectClass"":[""top"",""msExchSharingPolicy""],""ObjectState"":""Changed"",""OrganizationId"":""NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration"",""OrganizationalUnitRoot"":""tqhjy.onmicrosoft.com"",""OriginatingServer"":""DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM"",""WhenChanged"":""Date(1691164284000)"",""WhenChangedUTC"":""Date(1691164284000)"",""WhenCreated"":""Date(1619484547000)"",""WhenCreatedUTC"":""Date(1619484547000)""}","Get-SharingPolicy","Shall","MS.EXO.6.2v1","Requirement met","True" -"{""AdminDisplayName"":"""",""DirectoryBasedEdgeBlockMode"":""Default"",""DistinguishedName"":""CN=Default,CN=Hosted Connection Filter,CN=Transport Settings,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM"",""EnableSafeList"":false,""ExchangeObjectId"":""7021b7cf-b9fa-4280-94ff-fba468dbb0ab"",""ExchangeVersion"":""0.20 (15.0.0.0)"",""Guid"":""ddb99cb3-211b-47ee-bc9c-86e6c8d0e692"",""IPAllowList"":[],""IPBlockList"":[],""Id"":""Default"",""Identity"":""Default"",""IsDefault"":true,""IsValid"":true,""Name"":""Default"",""ObjectCategory"":""NAMPR09A006.PROD.OUTLOOK.COM/Configuration/Schema/ms-Exch-Hosted-Connection-Filter-Policy"",""ObjectClass"":[""top"",""msExchHostedConnectionFilterPolicy""],""ObjectState"":""Unchanged"",""OrganizationId"":""NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration"",""OrganizationalUnitRoot"":""tqhjy.onmicrosoft.com"",""OriginatingServer"":""DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM"",""WhenChanged"":""Date(1712119159000)"",""WhenChangedUTC"":""Date(1712119159000)"",""WhenCreated"":""Date(1619484586000)"",""WhenCreatedUTC"":""Date(1619484586000)""}","Get-HostedConnectionFilterPolicy","Should","MS.EXO.12.1v1","Requirement met","True" -"{""AdminDisplayName"":"""",""DirectoryBasedEdgeBlockMode"":""Default"",""DistinguishedName"":""CN=Default,CN=Hosted Connection Filter,CN=Transport Settings,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM"",""EnableSafeList"":false,""ExchangeObjectId"":""7021b7cf-b9fa-4280-94ff-fba468dbb0ab"",""ExchangeVersion"":""0.20 (15.0.0.0)"",""Guid"":""ddb99cb3-211b-47ee-bc9c-86e6c8d0e692"",""IPAllowList"":[],""IPBlockList"":[],""Id"":""Default"",""Identity"":""Default"",""IsDefault"":true,""IsValid"":true,""Name"":""Default"",""ObjectCategory"":""NAMPR09A006.PROD.OUTLOOK.COM/Configuration/Schema/ms-Exch-Hosted-Connection-Filter-Policy"",""ObjectClass"":[""top"",""msExchHostedConnectionFilterPolicy""],""ObjectState"":""Unchanged"",""OrganizationId"":""NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration"",""OrganizationalUnitRoot"":""tqhjy.onmicrosoft.com"",""OriginatingServer"":""DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM"",""WhenChanged"":""Date(1712119159000)"",""WhenChangedUTC"":""Date(1712119159000)"",""WhenCreated"":""Date(1619484586000)"",""WhenCreatedUTC"":""Date(1619484586000)""}","Get-HostedConnectionFilterPolicy","Should","MS.EXO.12.2v1","Requirement met","True" +,"","Shall/3rd Party","MS.EXO.10.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Shall/3rd Party","MS.EXO.10.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Shall/3rd Party","MS.EXO.14.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Shall/3rd Party","MS.EXO.14.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Shall/3rd Party","MS.EXO.14.3v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Shall/3rd Party","MS.EXO.16.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Shall/3rd Party","MS.EXO.17.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Shall/3rd Party","MS.EXO.17.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Shall/3rd Party","MS.EXO.17.3v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Shall/3rd Party","MS.EXO.8.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Shall/3rd Party","MS.EXO.8.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Shall/3rd Party","MS.EXO.9.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Shall/3rd Party","MS.EXO.9.3v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Shall/Not-Implemented","MS.EXO.2.1v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" +,"","Should/3rd Party","MS.EXO.10.3v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Should/3rd Party","MS.EXO.11.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Should/3rd Party","MS.EXO.11.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Should/3rd Party","MS.EXO.11.3v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Should/3rd Party","MS.EXO.15.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Should/3rd Party","MS.EXO.15.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Should/3rd Party","MS.EXO.15.3v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Should/3rd Party","MS.EXO.16.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Should/3rd Party","MS.EXO.9.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +"[""NotInOrganization"",""NotInOrganization""]","Get-TransportRule","Shall","MS.EXO.7.1v1","Requirement met","True" +"[{""value"":[{""domain"":""tqhjy.onmicrosoft.com"",""log"":[""@{query_method=traditional; query_name=selector1._domainkey.tqhjy.onmicrosoft.com; query_result=Query returned NXDomain}"",""@{query_method=traditional; query_name=selector2._domainkey.tqhjy.onmicrosoft.com; query_result=Query returned NXDomain}"",""@{query_method=traditional; query_name=selector1-tqhjy-onmicrosoft-com._domainkey.tqhjy.onmicrosoft.com; query_result=Query returned 2 txt records}""],""rdata"":[]}],""Count"":1},{""value"":[{""AdminDisplayName"":"""",""Algorithm"":""RsaSHA256"",""BodyCanonicalization"":""Relaxed"",""DistinguishedName"":""CN=tqhjy.onmicrosoft.com,CN=Dkim Signing config,CN=Transport Settings,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM"",""Domain"":""tqhjy.onmicrosoft.com"",""Enabled"":true,""ExchangeObjectId"":""ea1866b3-b7fa-4dbe-b9c9-48087391a536"",""ExchangeVersion"":""0.20 (15.0.0.0)"",""Guid"":""476371c0-bf15-4101-84a7-a3a03b4266f1"",""HeaderCanonicalization"":""Relaxed"",""Id"":""tqhjy.onmicrosoft.com"",""Identity"":""tqhjy.onmicrosoft.com"",""IncludeKeyExpiration"":false,""IncludeSignatureCreationTime"":true,""IsDefault"":true,""IsValid"":true,""KeyCreationTime"":""Date(1653603718610)"",""LastChecked"":""Date(1653603718610)"",""Name"":""tqhjy.onmicrosoft.com"",""NumberOfBytesToSign"":""All"",""ObjectCategory"":""NAMPR09A006.PROD.OUTLOOK.COM/Configuration/Schema/ms-Exch-Hosted-Content-Filter-Config"",""ObjectClass"":[""top"",""msExchHostedContentFilterConfig""],""ObjectState"":""Unchanged"",""OrganizationId"":""NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration"",""OrganizationalUnitRoot"":""tqhjy.onmicrosoft.com"",""OriginatingServer"":""MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM"",""RotateOnDate"":""Date(1653949318610)"",""Selector1CNAME"":""selector1-tqhjy-onmicrosoft-com._domainkey.tqhjy.onmicrosoft.com"",""Selector1KeySize"":2048,""Selector1PublicKey"":""v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohoPDhGToRO8y7acaWL2w15wsCmwabxgTwODro2c1BeRYXfnUMStICo3w4ZrYDtGZDSA7hm0x7OHujF1CoQnXiBmrQ154wtomPyx3Op/VC6+b9di4z15XBvhXh/fLBUdEJ6wsybMLmQ+WPQA6vsM3UN5Cv5rl2SylFoM//eLmw5R6NmMIj3GQg9b+vQl2cKNXqII2gZrB07P6xt2wW1VA/LPjdRFUEys9YzBgOqM53VaODWDXDIvUH/nPRVAtOEsV19u66jyzZnzcz9a7ATxizix7DnySzI3koVlOGi/+dLx8FYIAZ/75wkH1O/gH8/n4C66uwRm/example+QIDAQAB;"",""Selector2CNAME"":""selector2-tqhjy-onmicrosoft-com._domainkey.tqhjy.onmicrosoft.com"",""Selector2KeySize"":2048,""Selector2PublicKey"":""v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0N9/MWtBA7REPZSGKz9hfYIgF5jm5uri7RVSkaptlnvK0AI6jmJ4TvZ4beFzrfJDh6cIt5gX0UqnTzF9/0UZeyfRuUQAUew/sXU8FZXEnt+Bxr9k8PkAaqr2ksYhY/n46DxrWu1X/Cz7tye5FBnsTbyI6PnaBCfcgzwFnULaojUtdqSQGF7dt4HcyZGnUX1YLNwhp4Lyi9g1bZF6EdNMYHuKXFIsRo5qmEMagIsi557jGlGNTqTKJ9aZWGiCgjFJ14mTUN/itKXb5RqBAfG9KeZQXk6hWGTe7H9lVOshMZgV4t0FyaisrGg5GselbKZukxcA8xsOndexampleAQIDAQAB;"",""SelectorAfterRotateOnDate"":""selector2"",""SelectorBeforeRotateOnDate"":""selector1"",""Status"":""Valid"",""WhenChanged"":""Date(1653603732000)"",""WhenChangedUTC"":""Date(1653603732000)"",""WhenCreated"":""Date(1619484596000)"",""WhenCreatedUTC"":""Date(1619484596000)""}],""Count"":1}]","Get-DkimSigningConfig, Get-ScubaDkimRecord, Get-AcceptedDomain","Should","MS.EXO.3.1v1","1 agency domain(s) found in violation: tqhjy.onmicrosoft.com","False" +"{""AddressBookPolicyRoutingEnabled"":false,""AdminDisplayName"":"""",""AgentGeneratedMessageLoopDetectionInSmtpEnabled"":true,""AgentGeneratedMessageLoopDetectionInSubmissionEnabled"":true,""AllowLegacyTLSClients"":null,""AnonymousSenderToRecipientRatePerHour"":1800,""AttributionRejectBeforeMServRequest"":false,""AttributionRejectConsumerMessages"":false,""ClearCategories"":true,""ConvertDisclaimerWrapperToEml"":false,""ConvertReportToMessage"":false,""DSNConversionMode"":""PreserveDSNBody"",""DiagnosticsAggregationServicePort"":9710,""DistinguishedName"":""CN=Transport Settings,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM"",""EnableExternalHTTPMailDelivery"":false,""ExchangeObjectId"":""7ef195bd-4f88-46bc-97e6-db6c7665321b"",""ExchangeVersion"":""0.1 (8.0.535.0)"",""ExternalDelayDsnEnabled"":true,""ExternalDsnDefaultLanguage"":null,""ExternalDsnLanguageDetectionEnabled"":true,""ExternalDsnMaxMessageAttachSize"":""10 MB (10,485,760 bytes)"",""ExternalDsnReportingAuthority"":null,""ExternalDsnSendHtml"":true,""ExternalPostmasterAddress"":null,""GenerateCopyOfDSNFor"":[],""Guid"":""01d25010-40a8-4d0a-9419-fb1d775b4d16"",""HeaderPromotionModeSetting"":""NoCreate"",""HygieneSuite"":""Premium"",""Id"":""Transport Settings"",""Identity"":""Transport Settings"",""InternalDelayDsnEnabled"":true,""InternalDsnDefaultLanguage"":null,""InternalDsnLanguageDetectionEnabled"":true,""InternalDsnMaxMessageAttachSize"":""10 MB (10,485,760 bytes)"",""InternalDsnReportingAuthority"":null,""InternalDsnSendHtml"":true,""InternalSMTPServers"":[],""IsValid"":true,""JournalArchivingEnabled"":false,""JournalMessageExpirationDays"":0,""JournalReportDLMemberSubstitutionEnabled"":false,""JournalingReportNdrTo"":""\u003c\u003e"",""LegacyArchiveJournalingEnabled"":false,""LegacyArchiveLiveJournalingEnabled"":false,""LegacyJournalingMigrationEnabled"":false,""MaxAllowedAgentGeneratedMessageDepth"":3,""MaxAllowedAgentGeneratedMessageDepthPerAgent"":2,""MaxDumpsterSizePerDatabase"":""18 MB (18,874,368 bytes)"",""MaxDumpsterTime"":""7.00:00:00"",""MaxReceiveSize"":""Unlimited"",""MaxRecipientEnvelopeLimit"":""Unlimited"",""MaxSendSize"":""Unlimited"",""MessageExpiration"":""1.00:00:00"",""MigrationEnabled"":true,""Name"":""Transport Settings"",""ObjectCategory"":""NAMPR09A006.PROD.OUTLOOK.COM/Configuration/Schema/ms-Exch-Transport-Settings"",""ObjectClass"":[""top"",""container"",""msExchTransportSettings""],""ObjectState"":""Unchanged"",""OpenDomainRoutingEnabled"":false,""OrganizationFederatedMailbox"":""FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042@tqhjy.onmicrosoft.com"",""OrganizationId"":""NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration"",""OrganizationalUnitRoot"":""tqhjy.onmicrosoft.com"",""OriginatingServer"":""MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM"",""OtherWellKnownObjects"":[],""PreserveReportBodypart"":true,""QueueDiagnosticsAggregationInterval"":""00:01:00"",""RedirectDLMessagesForLegacyArchiveJournaling"":false,""RedirectUnprovisionedUserMessagesForLegacyArchiveJournaling"":false,""ReplyAllStormBlockDurationHours"":6,""ReplyAllStormDetectionMinimumRecipients"":2500,""ReplyAllStormDetectionMinimumReplies"":10,""ReplyAllStormProtectionEnabled"":true,""Rfc2231EncodingEnabled"":false,""SafetyNetHoldTime"":""7.00:00:00"",""SmtpClientAuthenticationDisabled"":true,""SupervisionTags"":[""Reject"",""Allow""],""TLSReceiveDomainSecureList"":[],""TLSSendDomainSecureList"":[],""TransportRuleAttachmentTextScanLimit"":""1 MB (1,048,576 bytes)"",""TransportRuleCollectionAddedRecipientsLimit"":100,""TransportRuleCollectionRegexCharsLimit"":""20 KB (20,480 bytes)"",""TransportRuleConfig"":[""TransportRuleMinProductVersion:14.0.0.0"",""TransportRuleRegexValidationTimeout:00:00:00.3000000"",""TransportRuleAttachmentTextScanLimit:1 MB (1,048,576 bytes)"",""TransportRuleSizeLimit:8 KB (8,192 bytes)"",""TransportRuleCollectionRegexCharsLimit:20 KB (20,480 bytes)"",""TransportRuleLimit:300"",""TransportRuleCollectionAddedRecipientsLimit:100""],""TransportRuleLimit"":300,""TransportRuleMinProductVersion"":{""Build"":0,""Major"":14,""MajorRevision"":0,""Minor"":0,""MinorRevision"":0,""Revision"":0},""TransportRuleRegexValidationTimeout"":""00:00:00.3000000"",""TransportRuleSizeLimit"":""8 KB (8,192 bytes)"",""VerifySecureSubmitEnabled"":false,""VoicemailJournalingEnabled"":true,""WhenChanged"":""Date(1717562155000)"",""WhenChangedUTC"":""Date(1717562155000)"",""WhenCreated"":""Date(1619484398000)"",""WhenCreatedUTC"":""Date(1619484398000)"",""Xexch50Enabled"":true}","Get-TransportConfig","Shall","MS.EXO.5.1v1","Requirement met","True" +"{""AdminDisplayName"":"""",""Default"":true,""DistinguishedName"":""CN=Default Sharing Policy,CN=Federation,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM"",""Domains"":[""Anonymous:0""],""Enabled"":false,""ExchangeObjectId"":""2d52a1ae-4c17-42e0-925e-919b2bf68a18"",""ExchangeVersion"":""0.10 (14.0.100.0)"",""Guid"":""137df5c0-4fe4-49bb-923c-e2bdfd89f448"",""Id"":""Default Sharing Policy"",""Identity"":""Default Sharing Policy"",""IsValid"":true,""Name"":""Default Sharing Policy"",""ObjectCategory"":""NAMPR09A006.PROD.OUTLOOK.COM/Configuration/Schema/ms-Exch-Sharing-Policy"",""ObjectClass"":[""top"",""msExchSharingPolicy""],""ObjectState"":""Changed"",""OrganizationId"":""NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration"",""OrganizationalUnitRoot"":""tqhjy.onmicrosoft.com"",""OriginatingServer"":""MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM"",""WhenChanged"":""Date(1691164284000)"",""WhenChangedUTC"":""Date(1691164284000)"",""WhenCreated"":""Date(1619484547000)"",""WhenCreatedUTC"":""Date(1619484547000)""}","Get-SharingPolicy","Shall","MS.EXO.6.1v1","Requirement met","True" +"{""AdminDisplayName"":"""",""Default"":true,""DistinguishedName"":""CN=Default Sharing Policy,CN=Federation,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM"",""Domains"":[""Anonymous:0""],""Enabled"":false,""ExchangeObjectId"":""2d52a1ae-4c17-42e0-925e-919b2bf68a18"",""ExchangeVersion"":""0.10 (14.0.100.0)"",""Guid"":""137df5c0-4fe4-49bb-923c-e2bdfd89f448"",""Id"":""Default Sharing Policy"",""Identity"":""Default Sharing Policy"",""IsValid"":true,""Name"":""Default Sharing Policy"",""ObjectCategory"":""NAMPR09A006.PROD.OUTLOOK.COM/Configuration/Schema/ms-Exch-Sharing-Policy"",""ObjectClass"":[""top"",""msExchSharingPolicy""],""ObjectState"":""Changed"",""OrganizationId"":""NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration"",""OrganizationalUnitRoot"":""tqhjy.onmicrosoft.com"",""OriginatingServer"":""MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM"",""WhenChanged"":""Date(1691164284000)"",""WhenChangedUTC"":""Date(1691164284000)"",""WhenCreated"":""Date(1619484547000)"",""WhenCreatedUTC"":""Date(1619484547000)""}","Get-SharingPolicy","Shall","MS.EXO.6.2v1","Requirement met","True" +"{""AdminDisplayName"":"""",""DirectoryBasedEdgeBlockMode"":""Default"",""DistinguishedName"":""CN=Default,CN=Hosted Connection Filter,CN=Transport Settings,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM"",""EnableSafeList"":false,""ExchangeObjectId"":""7021b7cf-b9fa-4280-94ff-fba468dbb0ab"",""ExchangeVersion"":""0.20 (15.0.0.0)"",""Guid"":""ddb99cb3-211b-47ee-bc9c-86e6c8d0e692"",""IPAllowList"":[],""IPBlockList"":[],""Id"":""Default"",""Identity"":""Default"",""IsDefault"":true,""IsValid"":true,""Name"":""Default"",""ObjectCategory"":""NAMPR09A006.PROD.OUTLOOK.COM/Configuration/Schema/ms-Exch-Hosted-Connection-Filter-Policy"",""ObjectClass"":[""top"",""msExchHostedConnectionFilterPolicy""],""ObjectState"":""Unchanged"",""OrganizationId"":""NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration"",""OrganizationalUnitRoot"":""tqhjy.onmicrosoft.com"",""OriginatingServer"":""MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM"",""WhenChanged"":""Date(1717562554000)"",""WhenChangedUTC"":""Date(1717562554000)"",""WhenCreated"":""Date(1619484586000)"",""WhenCreatedUTC"":""Date(1619484586000)""}","Get-HostedConnectionFilterPolicy","Should","MS.EXO.12.1v1","Requirement met","True" +"{""AdminDisplayName"":"""",""DirectoryBasedEdgeBlockMode"":""Default"",""DistinguishedName"":""CN=Default,CN=Hosted Connection Filter,CN=Transport Settings,CN=Configuration,CN=tqhjy.onmicrosoft.com,CN=ConfigurationUnits,DC=NAMPR09A006,DC=PROD,DC=OUTLOOK,DC=COM"",""EnableSafeList"":false,""ExchangeObjectId"":""7021b7cf-b9fa-4280-94ff-fba468dbb0ab"",""ExchangeVersion"":""0.20 (15.0.0.0)"",""Guid"":""ddb99cb3-211b-47ee-bc9c-86e6c8d0e692"",""IPAllowList"":[],""IPBlockList"":[],""Id"":""Default"",""Identity"":""Default"",""IsDefault"":true,""IsValid"":true,""Name"":""Default"",""ObjectCategory"":""NAMPR09A006.PROD.OUTLOOK.COM/Configuration/Schema/ms-Exch-Hosted-Connection-Filter-Policy"",""ObjectClass"":[""top"",""msExchHostedConnectionFilterPolicy""],""ObjectState"":""Unchanged"",""OrganizationId"":""NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration"",""OrganizationalUnitRoot"":""tqhjy.onmicrosoft.com"",""OriginatingServer"":""MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM"",""WhenChanged"":""Date(1717562554000)"",""WhenChangedUTC"":""Date(1717562554000)"",""WhenCreated"":""Date(1619484586000)"",""WhenCreatedUTC"":""Date(1619484586000)""}","Get-HostedConnectionFilterPolicy","Should","MS.EXO.12.2v1","Requirement met","True" "{""AuditDisabled"":false,""DisplayName"":""tqhjy"",""Name"":""tqhjy.onmicrosoft.com""}","Get-OrganizationConfig","Shall","MS.EXO.13.1v1","Requirement met","True" "{""domain"":""tqhjy.onmicrosoft.com"",""log"":[{""query_method"":""traditional"",""query_name"":""_dmarc.tqhjy.onmicrosoft.com"",""query_result"":""Query returned NXDomain""},{""query_method"":""traditional"",""query_name"":""_dmarc.onmicrosoft.com"",""query_result"":""Query returned NXDomain""}],""rdata"":[]}","Get-ScubaDmarcRecord, Get-AcceptedDomain","Shall","MS.EXO.4.1v1","1 agency domain(s) found in violation: tqhjy.onmicrosoft.com","False" "{""domain"":""tqhjy.onmicrosoft.com"",""log"":[{""query_method"":""traditional"",""query_name"":""_dmarc.tqhjy.onmicrosoft.com"",""query_result"":""Query returned NXDomain""},{""query_method"":""traditional"",""query_name"":""_dmarc.onmicrosoft.com"",""query_result"":""Query returned NXDomain""}],""rdata"":[]}","Get-ScubaDmarcRecord, Get-AcceptedDomain","Shall","MS.EXO.4.2v1","1 agency domain(s) found in violation: tqhjy.onmicrosoft.com","False" @@ -90,31 +90,31 @@ "true","Get-TenantSettings","Shall","MS.POWERPLATFORM.1.1v1","Requirement met","True" "true","Get-TenantSettings","Shall","MS.POWERPLATFORM.1.2v1","Requirement met","True" "true","Get-TenantSettings","Should","MS.POWERPLATFORM.5.1v1","Requirement met","True" -,"","Shall/Not-Implemented","MS.POWERPLATFORM.4.1v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" -,"","Should/Not-Implemented","MS.POWERPLATFORM.3.2v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" -,"Get-DlpPolicy","Should","MS.POWERPLATFORM.2.2v1","Requirement met","True" +,"","Shall/Not-Implemented","MS.POWERPLATFORM.4.1v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" +,"","Should/Not-Implemented","MS.POWERPLATFORM.3.2v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" ,"Get-DlpPolicy","Should","MS.POWERPLATFORM.2.3v1","Requirement met","True" +"""407cbeff-b477-e3b4-9ca7-097888a9ec4e""","Get-DlpPolicy","Should","MS.POWERPLATFORM.2.2v1","1 Subsequent environments without DLP policies: 407cbeff-b477-e3b4-9ca7-097888a9ec4e","False" "{""PolicyName"":""DLP functional test""}","Get-DlpPolicy","Shall","MS.POWERPLATFORM.2.1v1","Requirement met","True" -,"","Shall/Not-Implemented","MS.SHAREPOINT.1.2v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" -,"","Shall/Not-Implemented","MS.SHAREPOINT.3.2v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" -,"","Shall/Not-Implemented","MS.SHAREPOINT.4.1v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" -"[true,0]","Get-SPOTenant, Get-PnPTenant","Shall","MS.SHAREPOINT.1.4v1","Requirement met","True" +,"","Shall/Not-Implemented","MS.SHAREPOINT.4.1v1","This product does not currently have the capability to check compliance for this policy. See Secure Configuration Baseline policy for instructions on manual check","False" +,"Get-SPOTenant","Shall/Not-Implemented","MS.SHAREPOINT.3.1v1","This policy is only applicable if External Sharing is set to any value other than Anyone. See Secure Configuration Baseline policy for more info","False" +,"Get-SPOTenant, Get-PnPTenant","Shall/Not-Implemented","MS.SHAREPOINT.1.3v1","This policy is only applicable if External Sharing is set to any value other than Only People In Your Organization. See Secure Configuration Baseline policy for more info","False" +,"Get-SPOTenant, Get-PnPTenant","Shall/Not-Implemented","MS.SHAREPOINT.1.4v1","This policy is only applicable if External Sharing is set to any value other than Only People In Your Organization. See Secure Configuration Baseline policy for more info","False" +,"Get-SPOTenant, Get-PnPTenant","Shall/Not-Implemented","MS.SHAREPOINT.3.2v1","This policy is only applicable if External Sharing is set to any value other than Anyone. See Secure Configuration Baseline policy for more info","False" +,"Get-SPOTenant, Get-PnPTenant","Shall/Not-Implemented","MS.SHAREPOINT.3.3v1","External Sharing is set to Only People In Your Organization. This policy is only applicable if External Sharing is set to any value other than Only People In Your Organization or Existing Guests. See Secure Configuration Baseline policy for more info","False" "0","Get-SPOTenant, Get-PnPTenant","Shall","MS.SHAREPOINT.1.1v1","Requirement met","True" -"[0,true,30]","Get-SPOTenant, Get-PnPTenant","Shall","MS.SHAREPOINT.3.3v1","Requirement met","True" -"[0,0]","Get-SPOTenant, Get-PnPTenant","Shall","MS.SHAREPOINT.1.3v1","Requirement met: external sharing is set to Only People In Organization","True" -"[0,30]","Get-SPOTenant, Get-PnPTenant","Shall","MS.SHAREPOINT.3.1v1","Requirement met","True" +"0","Get-SPOTenant, Get-PnPTenant","Shall","MS.SHAREPOINT.1.2v1","Requirement met","True" +"1","Get-SPOTenant, Get-PnPTenant","Shall","MS.SHAREPOINT.2.1v1","Requirement met","True" "1","Get-SPOTenant, Get-PnPTenant","Shall","MS.SHAREPOINT.2.2v1","Requirement met","True" "2","Get-SPOSite, Get-PnPTenantSite","Shall","MS.SHAREPOINT.4.2v1","Requirement met","True" -"3","Get-SPOTenant, Get-PnPTenant","Shall","MS.SHAREPOINT.2.1v1","Requirement not met","False" "false","Get-CsTeamsMeetingPolicy","Should","MS.TEAMS.1.6v1","Requirement met","True" """EveryoneInCompanyExcludingGuests""","Get-CsTeamsMeetingPolicy","Should","MS.TEAMS.1.4v1","Requirement met","True" """UserOverride""","Get-CsTeamsMeetingBroadcastPolicy","Should","MS.TEAMS.1.7v1","Requirement met","True" -,"","Shall/3rd Party","MS.TEAMS.6.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Shall/3rd Party","MS.TEAMS.6.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Should/3rd Party","MS.TEAMS.7.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Should/3rd Party","MS.TEAMS.7.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Should/3rd Party","MS.TEAMS.8.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" -,"","Should/3rd Party","MS.TEAMS.8.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Shall/3rd Party","MS.TEAMS.6.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Shall/3rd Party","MS.TEAMS.6.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Should/3rd Party","MS.TEAMS.7.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Should/3rd Party","MS.TEAMS.7.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Should/3rd Party","MS.TEAMS.8.1v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" +,"","Should/3rd Party","MS.TEAMS.8.2v1","A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See Secure Configuration Baseline policy for instructions on manual check.","False" "[""EveryoneInCompanyExcludingGuests"",false]","Get-CsTeamsMeetingPolicy","Should","MS.TEAMS.1.3v1","Requirement met","True" "{""AssignedPlans"":""MCOEV, Teams_GCC, MCOProfessional, MCOMEETADD"",""ClientConfig"":[{""AllowBox"":true,""AllowDropBox"":true,""AllowEgnyte"":true,""AllowEmailIntoChannel"":false,""AllowGoogleDrive"":true,""AllowGuestUser"":true,""AllowOrganizationTab"":true,""AllowResourceAccountSendMessage"":true,""AllowRoleBasedChatPermissions"":false,""AllowScopedPeopleSearchandAccess"":false,""AllowShareFile"":true,""AllowSkypeBusinessInterop"":true,""ConfigMetadata"":{""Authority"":""Tenant""},""ContentPin"":""RequiredOutsideScheduleMeeting"",""DataSource"":null,""Identity"":""Global"",""Key"":{""AuthorityId"":""Class=Tenant;InstanceId=ca08493a-c9c8-4db0-a9e8-d3b4bafac269;XmlRoot="",""DefaultXml"":""SchemaId=;Data=;ConfigObject=;Signature=00000000-0000-0000-0000-000000000000;IsModified=True"",""SchemaId"":""XName="",""ScopeClass"":""Global"",""XmlRoot"":""name={urn:schema:Microsoft.Rtc.Management.ScopeFramework.2008}AnchoredXmlKey""},""ResourceAccountContentAccess"":""NoAccess"",""RestrictedSenderList"":null}]}","Get-CsTeamsClientConfiguration, Get-CsTenant","Shall","MS.TEAMS.4.1v1","N/A: Feature is unavailable in GCC environments","True" ,"Get-CsTeamsAppPermissionPolicy","Should","MS.TEAMS.5.1v1","Requirement met","True" diff --git a/PowerShell/ScubaGear/Sample-Reports/TestResults.json b/PowerShell/ScubaGear/Sample-Reports/TestResults.json index e7ce2fdbc..914074fe4 100644 --- a/PowerShell/ScubaGear/Sample-Reports/TestResults.json +++ b/PowerShell/ScubaGear/Sample-Reports/TestResults.json @@ -10,18 +10,6 @@ "ReportDetails": "0 admin(s) that are not cloud-only found", "RequirementMet": true }, - { - "ActualValue": [ - - ], - "Commandlet": [ - - ], - "Criticality": "Shall/Not-Implemented", - "PolicyId": "MS.AAD.3.3v1", - "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/aad.md#msaad33v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", - "RequirementMet": false - }, { "ActualValue": [ @@ -31,7 +19,7 @@ ], "Criticality": "Shall/Not-Implemented", "PolicyId": "MS.AAD.4.1v1", - "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/aad.md#msaad41v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", + "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/aad.md#msaad41v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", "RequirementMet": false }, { @@ -43,7 +31,7 @@ ], "Criticality": "Should/Not-Implemented", "PolicyId": "MS.AAD.2.2v1", - "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/aad.md#msaad22v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", + "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/aad.md#msaad22v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", "RequirementMet": false }, { @@ -55,7 +43,7 @@ ], "Criticality": "Should/Not-Implemented", "PolicyId": "MS.AAD.8.3v1", - "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/aad.md#msaad83v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", + "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/aad.md#msaad83v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", "RequirementMet": false }, { @@ -65,9 +53,9 @@ "Commandlet": [ "Get-MgBetaPolicyAuthenticationMethodPolicy" ], - "Criticality": "Shall", + "Criticality": "Shall/Not-Implemented", "PolicyId": "MS.AAD.3.5v1", - "ReportDetails": "This policy is only applicable if the tenant has their Manage Migration feature set to Migration Complete. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/aad.md#msaad34v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for more info", + "ReportDetails": "This policy is only applicable if the tenant has their Manage Migration feature set to Migration Complete. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/aad.md#msaad34v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for more info", "RequirementMet": false }, { @@ -82,6 +70,57 @@ "ReportDetails": "Requirement not met", "RequirementMet": false }, + { + "ActualValue": { + "AdditionalProperties": { + "@odata.type": "#microsoft.graph.microsoftAuthenticatorAuthenticationMethodConfiguration", + "featureSettings": { + "companionAppAllowedState": { + "excludeTarget": "@{id=00000000-0000-0000-0000-000000000000; targetType=group}", + "includeTarget": "@{id=all_users; targetType=group}", + "state": "default" + }, + "displayAppInformationRequiredState": { + "excludeTarget": "@{id=00000000-0000-0000-0000-000000000000; targetType=group}", + "includeTarget": "@{id=all_users; targetType=group}", + "state": "enabled" + }, + "displayLocationInformationRequiredState": { + "excludeTarget": "@{id=00000000-0000-0000-0000-000000000000; targetType=group}", + "includeTarget": "@{id=all_users; targetType=group}", + "state": "enabled" + }, + "numberMatchingRequiredState": { + "excludeTarget": "@{id=00000000-0000-0000-0000-000000000000; targetType=group}", + "includeTarget": "@{id=all_users; targetType=group}", + "state": "enabled" + } + }, + "includeTargets": [ + { + "authenticationMode": "any", + "id": "all_users", + "isRegistrationRequired": false, + "targetType": "group" + } + ], + "includeTargets@odata.context": "https://graph.microsoft.com/beta/$metadata#policies/authenticationMethodsPolicy/authenticationMethodConfigurations(\u0027MicrosoftAuthenticator\u0027)/microsoft.graph.microsoftAuthenticatorAuthenticationMethodConfiguration/includeTargets", + "isSoftwareOathEnabled": false + }, + "ExcludeTargets": [ + + ], + "Id": "MicrosoftAuthenticator", + "State": "enabled" + }, + "Commandlet": [ + "Get-MgBetaPolicyAuthenticationMethodPolicy" + ], + "Criticality": "Shall", + "PolicyId": "MS.AAD.3.3v1", + "ReportDetails": "Requirement met", + "RequirementMet": true + }, { "ActualValue": { "all_admin_consent_policies": [ @@ -173,6 +212,18 @@ "ReportDetails": "Permission level set to \"Limited access\" (authorizationPolicy)", "RequirementMet": true }, + { + "ActualValue": [ + + ], + "Commandlet": [ + "Get-MgBetaDirectorySetting" + ], + "Criticality": "Shall", + "PolicyId": "MS.AAD.5.4v1", + "ReportDetails": "Requirement not met", + "RequirementMet": false + }, { "ActualValue": [ @@ -274,7 +325,6 @@ "Exchange Administrator(Directory Role)", "Global Administrator(Directory Role)", "Hybrid Identity Administrator(Directory Role)", - "PIM Test Group(PIM Group)", "Privileged Role Administrator(Directory Role)", "SharePoint Administrator(Directory Role)" ], @@ -284,7 +334,7 @@ ], "Criticality": "Shall", "PolicyId": "MS.AAD.7.7v1", - "ReportDetails": "7 role(s) or group(s) without notification e-mail configured for role assignments found:\u003cbr/\u003eCloud Application Administrator(Directory Role), Exchange Administrator(Directory Role), Global Administrator(Directory Role), Hybrid Identity Administrator(Directory Role), PIM Test Group(PIM Group), Privileged Role Administrator(Directory Role), SharePoint Administrator(Directory Role)", + "ReportDetails": "6 role(s) or group(s) without notification e-mail configured for role assignments found:\u003cbr/\u003eCloud Application Administrator(Directory Role), Exchange Administrator(Directory Role), Global Administrator(Directory Role), Hybrid Identity Administrator(Directory Role), Privileged Role Administrator(Directory Role), SharePoint Administrator(Directory Role)", "RequirementMet": false }, { @@ -292,7 +342,6 @@ "Cloud Application Administrator(Directory Role)", "Exchange Administrator(Directory Role)", "Hybrid Identity Administrator(Directory Role)", - "PIM Test Group(PIM Group)", "Privileged Role Administrator(Directory Role)", "SharePoint Administrator(Directory Role)" ], @@ -302,7 +351,7 @@ ], "Criticality": "Should", "PolicyId": "MS.AAD.7.9v1", - "ReportDetails": "6 role(s) or group(s) without notification e-mail configured for role activations found:\u003cbr/\u003eCloud Application Administrator(Directory Role), Exchange Administrator(Directory Role), Hybrid Identity Administrator(Directory Role), PIM Test Group(PIM Group), Privileged Role Administrator(Directory Role), SharePoint Administrator(Directory Role)", + "ReportDetails": "5 role(s) or group(s) without notification e-mail configured for role activations found:\u003cbr/\u003eCloud Application Administrator(Directory Role), Exchange Administrator(Directory Role), Hybrid Identity Administrator(Directory Role), Privileged Role Administrator(Directory Role), SharePoint Administrator(Directory Role)", "RequirementMet": false }, { @@ -394,22 +443,6 @@ "ReportDetails": "1 conditional access policy(s) found that meet(s) all requirements:\u003cbr/\u003eMS.AAD.3.2v1 If phishing-resistant MFA has not been enforced, an alternative MFA method SHALL be enforced for all users. \u003ca href=\u0027#caps\u0027\u003eView all CA policies\u003c/a\u003e.", "RequirementMet": true }, - { - "ActualValue": [ - { - "Name": "EnableGroupSpecificConsent", - "SettingsGroup": "Consent Policy Settings", - "Value": "false" - } - ], - "Commandlet": [ - "Get-MgBetaDirectorySetting" - ], - "Criticality": "Shall", - "PolicyId": "MS.AAD.5.4v1", - "ReportDetails": "Requirement met", - "RequirementMet": true - }, { "ActualValue": [ [ @@ -436,7 +469,7 @@ ], "Criticality": "Shall/Not-Implemented", "PolicyId": "MS.DEFENDER.6.2v1", - "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/defender.md#msdefender62v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", + "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/defender.md#msdefender62v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", "RequirementMet": false }, { @@ -448,7 +481,7 @@ ], "Criticality": "Shall/Not-Implemented", "PolicyId": "MS.DEFENDER.6.3v1", - "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/defender.md#msdefender63v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", + "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/defender.md#msdefender63v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", "RequirementMet": false }, { @@ -460,7 +493,7 @@ ], "Criticality": "Should/Not-Implemented", "PolicyId": "MS.DEFENDER.4.5v1", - "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/defender.md#msdefender45v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", + "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/defender.md#msdefender45v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", "RequirementMet": false }, { @@ -472,7 +505,7 @@ ], "Criticality": "Should/Not-Implemented", "PolicyId": "MS.DEFENDER.4.6v1", - "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/defender.md#msdefender46v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", + "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/defender.md#msdefender46v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", "RequirementMet": false }, { @@ -484,7 +517,7 @@ ], "Criticality": "Should/Not-Implemented", "PolicyId": "MS.DEFENDER.5.2v1", - "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/defender.md#msdefender52v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", + "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/defender.md#msdefender52v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", "RequirementMet": false }, { @@ -508,8 +541,8 @@ "Get-AntiPhishPolicy" ], "Criticality": "Should", - "PolicyId": "MS.DEFENDER.2.1v1", - "ReportDetails": "Not all sensitive users are included for targeted protection in Strict or Standard policy.", + "PolicyId": "MS.DEFENDER.2.2v1", + "ReportDetails": "Not all agency domains are included for targeted protection in Strict or Standard policy.", "RequirementMet": false }, { @@ -533,8 +566,8 @@ "Get-AntiPhishPolicy" ], "Criticality": "Should", - "PolicyId": "MS.DEFENDER.2.2v1", - "ReportDetails": "Not all agency domains are included for targeted protection in Strict or Standard policy.", + "PolicyId": "MS.DEFENDER.2.3v1", + "ReportDetails": "Not all partner domains are included for targeted protection in Strict or Standard policy.", "RequirementMet": false }, { @@ -543,24 +576,24 @@ "Accounts": [ ], - "Action": "", - "Name": "Strict Preset Security Policy" + "Action": "Quarantine", + "Name": "Strict Preset Security Policy1681329955447" }, { "Accounts": [ ], - "Action": "", - "Name": "Standard Preset Security Policy" + "Action": "Quarantine", + "Name": "Standard Preset Security Policy1659535429826" } ], "Commandlet": [ "Get-AntiPhishPolicy" ], "Criticality": "Should", - "PolicyId": "MS.DEFENDER.2.3v1", - "ReportDetails": "Not all partner domains are included for targeted protection in Strict or Standard policy.", - "RequirementMet": false + "PolicyId": "MS.DEFENDER.2.1v1", + "ReportDetails": "Requirement met", + "RequirementMet": true }, { "ActualValue": { @@ -577,16 +610,13 @@ { "ActualValue": { "Credit_Card": [ - "CreditCardsOnly", - "Baseline Rule", - "Missing_ITIN_Has_UKPassports" + "Baseline Rule" ], "ITIN": [ "Baseline Rule" ], "SSN": [ - "Baseline Rule", - "Missing_ITIN_Has_UKPassports" + "Baseline Rule" ] }, "Commandlet": [ @@ -644,7 +674,7 @@ ], "Criticality": "Should", "PolicyId": "MS.DEFENDER.4.2v1", - "ReportDetails": "No enabled policy found that applies to: Devices", + "ReportDetails": "DLP custom policy applied to the following locations: Exchange, OneDrive, SharePoint, Teams. Custom policy protecting sensitive info types NOT applied to: Devices. Devices location requires DLP for Endpoint licensing and at least one registered device. For full policy details, see the ActualValue field in the results file: ./TestResults.json", "RequirementMet": false }, { @@ -771,7 +801,7 @@ ], "Criticality": "Shall/3rd Party", "PolicyId": "MS.EXO.10.1v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo101v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo101v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -783,7 +813,7 @@ ], "Criticality": "Shall/3rd Party", "PolicyId": "MS.EXO.10.2v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo102v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo102v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -795,7 +825,7 @@ ], "Criticality": "Shall/3rd Party", "PolicyId": "MS.EXO.14.1v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo141v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo141v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -807,7 +837,7 @@ ], "Criticality": "Shall/3rd Party", "PolicyId": "MS.EXO.14.2v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo142v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo142v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -819,7 +849,7 @@ ], "Criticality": "Shall/3rd Party", "PolicyId": "MS.EXO.14.3v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo143v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo143v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -831,7 +861,7 @@ ], "Criticality": "Shall/3rd Party", "PolicyId": "MS.EXO.16.1v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo161v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo161v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -843,7 +873,7 @@ ], "Criticality": "Shall/3rd Party", "PolicyId": "MS.EXO.17.1v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo171v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo171v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -855,7 +885,7 @@ ], "Criticality": "Shall/3rd Party", "PolicyId": "MS.EXO.17.2v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo172v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo172v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -867,7 +897,7 @@ ], "Criticality": "Shall/3rd Party", "PolicyId": "MS.EXO.17.3v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo173v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo173v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -879,7 +909,7 @@ ], "Criticality": "Shall/3rd Party", "PolicyId": "MS.EXO.8.1v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo81v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo81v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -891,7 +921,7 @@ ], "Criticality": "Shall/3rd Party", "PolicyId": "MS.EXO.8.2v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo82v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo82v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -903,7 +933,7 @@ ], "Criticality": "Shall/3rd Party", "PolicyId": "MS.EXO.9.1v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo91v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo91v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -915,7 +945,7 @@ ], "Criticality": "Shall/3rd Party", "PolicyId": "MS.EXO.9.3v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo93v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo93v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -927,7 +957,7 @@ ], "Criticality": "Shall/Not-Implemented", "PolicyId": "MS.EXO.2.1v1", - "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo21v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", + "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo21v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", "RequirementMet": false }, { @@ -939,7 +969,7 @@ ], "Criticality": "Should/3rd Party", "PolicyId": "MS.EXO.10.3v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo103v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo103v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -951,7 +981,7 @@ ], "Criticality": "Should/3rd Party", "PolicyId": "MS.EXO.11.1v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo111v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo111v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -963,7 +993,7 @@ ], "Criticality": "Should/3rd Party", "PolicyId": "MS.EXO.11.2v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo112v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo112v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -975,7 +1005,7 @@ ], "Criticality": "Should/3rd Party", "PolicyId": "MS.EXO.11.3v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo113v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo113v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -987,7 +1017,7 @@ ], "Criticality": "Should/3rd Party", "PolicyId": "MS.EXO.15.1v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo151v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo151v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -999,7 +1029,7 @@ ], "Criticality": "Should/3rd Party", "PolicyId": "MS.EXO.15.2v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo152v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo152v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -1011,7 +1041,7 @@ ], "Criticality": "Should/3rd Party", "PolicyId": "MS.EXO.15.3v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo153v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo153v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -1023,7 +1053,7 @@ ], "Criticality": "Should/3rd Party", "PolicyId": "MS.EXO.16.2v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo162v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo162v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -1035,11 +1065,12 @@ ], "Criticality": "Should/3rd Party", "PolicyId": "MS.EXO.9.2v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/exo.md#msexo92v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/exo.md#msexo92v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { "ActualValue": [ + "NotInOrganization", "NotInOrganization" ], "Commandlet": [ @@ -1058,8 +1089,7 @@ "log": [ "@{query_method=traditional; query_name=selector1._domainkey.tqhjy.onmicrosoft.com; query_result=Query returned NXDomain}", "@{query_method=traditional; query_name=selector2._domainkey.tqhjy.onmicrosoft.com; query_result=Query returned NXDomain}", - "@{query_method=traditional; query_name=selector1-example-mail-onmicrosoft-com._domainkey.tqhjy.onmicrosoft.com; query_result=Query returned NXDomain}", - "@{query_method=traditional; query_name=selector2-example-mail-onmicrosoft-com._domainkey.tqhjy.onmicrosoft.com; query_result=Query returned NXDomain}" + "@{query_method=traditional; query_name=selector1-tqhjy-onmicrosoft-com._domainkey.tqhjy.onmicrosoft.com; query_result=Query returned 2 txt records}" ], "rdata": [ @@ -1096,14 +1126,14 @@ "ObjectState": "Unchanged", "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", "OrganizationalUnitRoot": "tqhjy.onmicrosoft.com", - "OriginatingServer": "DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM", + "OriginatingServer": "MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM", "RotateOnDate": "Date(1653949318610)", "Selector1CNAME": "selector1-tqhjy-onmicrosoft-com._domainkey.tqhjy.onmicrosoft.com", "Selector1KeySize": 2048, - "Selector1PublicKey": "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/z5b0VYtWAnksnJLIo1HiKP5j0sTa93y6eIe7eRn3EfCMfnw4f0Ew6wmX/2NIsszvF0XG0mkdffCVsUa5WnzDvfhR5fkSMqGI/I4JaR+b8qHdNToVesTbk/kFv+j41TcxWgJw1j4Xeo6URJG6qx1ujh6zshr21/frskm/tq7Qlp7LpQn1uiHDO2g1If9tlvKRxOzxMV8ldzIjU4MKsLlUDLIj/LjezemQXiPsZqrMOe0Kqs3Tusv6IoWKaQpiiooIhsH+0fI2JXyjJu7623jOIAuDtl7YHdR6cC7umMq44tAgEL9Uf8IHv02FoM0B3nSIzs9ier9X4E0/exampleQIDAQAB;", + "Selector1PublicKey": "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohoPDhGToRO8y7acaWL2w15wsCmwabxgTwODro2c1BeRYXfnUMStICo3w4ZrYDtGZDSA7hm0x7OHujF1CoQnXiBmrQ154wtomPyx3Op/VC6+b9di4z15XBvhXh/fLBUdEJ6wsybMLmQ+WPQA6vsM3UN5Cv5rl2SylFoM//eLmw5R6NmMIj3GQg9b+vQl2cKNXqII2gZrB07P6xt2wW1VA/LPjdRFUEys9YzBgOqM53VaODWDXDIvUH/nPRVAtOEsV19u66jyzZnzcz9a7ATxizix7DnySzI3koVlOGi/+dLx8FYIAZ/75wkH1O/gH8/n4C66uwRm/example+QIDAQAB;", "Selector2CNAME": "selector2-tqhjy-onmicrosoft-com._domainkey.tqhjy.onmicrosoft.com", "Selector2KeySize": 2048, - "Selector2PublicKey": "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVK8DFIgYjps1Ckt4UjOQiBMqpb9G1WiwIci61Amx0sQzZTD8xb8rRSboEm89e5WRChcpZe7FN7XveJtbWYHmp4+e4niN5wGHaDt7NoCdTQ6dgRdyPa0d4Yf8si1uYYu7iC4LkQMI/zSLAQAQWEEHKqqJPHoAAbyKEuj8vynlWGsCAaprqOjyPqciy4YfcYd5ZISmpY5yJ/FNIrc2FeZjSPb65XzYMtgTbP9xC7lK6kGnBJDKqHaccXhVyvkl39AX4VkMzuVTlZbr120T+zMFDLNCJeNMBabl8JcrL0OYRule+75C3bPO4u/cZ1TmAGknX7apzvavEK2ByexampleQIDAQAB;", + "Selector2PublicKey": "v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0N9/MWtBA7REPZSGKz9hfYIgF5jm5uri7RVSkaptlnvK0AI6jmJ4TvZ4beFzrfJDh6cIt5gX0UqnTzF9/0UZeyfRuUQAUew/sXU8FZXEnt+Bxr9k8PkAaqr2ksYhY/n46DxrWu1X/Cz7tye5FBnsTbyI6PnaBCfcgzwFnULaojUtdqSQGF7dt4HcyZGnUX1YLNwhp4Lyi9g1bZF6EdNMYHuKXFIsRo5qmEMagIsi557jGlGNTqTKJ9aZWGiCgjFJ14mTUN/itKXb5RqBAfG9KeZQXk6hWGTe7H9lVOshMZgV4t0FyaisrGg5GselbKZukxcA8xsOndexampleAQIDAQAB;", "SelectorAfterRotateOnDate": "selector2", "SelectorBeforeRotateOnDate": "selector1", "Status": "Valid", @@ -1197,7 +1227,7 @@ "OrganizationFederatedMailbox": "FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042@tqhjy.onmicrosoft.com", "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", "OrganizationalUnitRoot": "tqhjy.onmicrosoft.com", - "OriginatingServer": "DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM", + "OriginatingServer": "MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM", "OtherWellKnownObjects": [ ], @@ -1247,8 +1277,8 @@ "TransportRuleSizeLimit": "8 KB (8,192 bytes)", "VerifySecureSubmitEnabled": false, "VoicemailJournalingEnabled": true, - "WhenChanged": "Date(1712118761000)", - "WhenChangedUTC": "Date(1712118761000)", + "WhenChanged": "Date(1717562155000)", + "WhenChangedUTC": "Date(1717562155000)", "WhenCreated": "Date(1619484398000)", "WhenCreatedUTC": "Date(1619484398000)", "Xexch50Enabled": true @@ -1287,7 +1317,7 @@ "ObjectState": "Changed", "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", "OrganizationalUnitRoot": "tqhjy.onmicrosoft.com", - "OriginatingServer": "DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM", + "OriginatingServer": "MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM", "WhenChanged": "Date(1691164284000)", "WhenChangedUTC": "Date(1691164284000)", "WhenCreated": "Date(1619484547000)", @@ -1327,7 +1357,7 @@ "ObjectState": "Changed", "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", "OrganizationalUnitRoot": "tqhjy.onmicrosoft.com", - "OriginatingServer": "DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM", + "OriginatingServer": "MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM", "WhenChanged": "Date(1691164284000)", "WhenChangedUTC": "Date(1691164284000)", "WhenCreated": "Date(1619484547000)", @@ -1371,9 +1401,9 @@ "ObjectState": "Unchanged", "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", "OrganizationalUnitRoot": "tqhjy.onmicrosoft.com", - "OriginatingServer": "DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM", - "WhenChanged": "Date(1712119159000)", - "WhenChangedUTC": "Date(1712119159000)", + "OriginatingServer": "MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM", + "WhenChanged": "Date(1717562554000)", + "WhenChangedUTC": "Date(1717562554000)", "WhenCreated": "Date(1619484586000)", "WhenCreatedUTC": "Date(1619484586000)" } @@ -1415,9 +1445,9 @@ "ObjectState": "Unchanged", "OrganizationId": "NAMPR09A006.PROD.OUTLOOK.COM/Microsoft Exchange Hosted Organizations/tqhjy.onmicrosoft.com - NAMPR09A006.PROD.OUTLOOK.COM/ConfigurationUnits/tqhjy.onmicrosoft.com/Configuration", "OrganizationalUnitRoot": "tqhjy.onmicrosoft.com", - "OriginatingServer": "DM5PR09A006DC10.NAMPR09A006.PROD.OUTLOOK.COM", - "WhenChanged": "Date(1712119159000)", - "WhenChangedUTC": "Date(1712119159000)", + "OriginatingServer": "MWHPR09A006DC08.NAMPR09A006.PROD.OUTLOOK.COM", + "WhenChanged": "Date(1717562554000)", + "WhenChangedUTC": "Date(1717562554000)", "WhenCreated": "Date(1619484586000)", "WhenCreatedUTC": "Date(1619484586000)" } @@ -1640,7 +1670,7 @@ ], "Criticality": "Shall/Not-Implemented", "PolicyId": "MS.POWERPLATFORM.4.1v1", - "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/powerplatform.md#mspowerplatform41v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", + "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/powerplatform.md#mspowerplatform41v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", "RequirementMet": false }, { @@ -1652,7 +1682,7 @@ ], "Criticality": "Should/Not-Implemented", "PolicyId": "MS.POWERPLATFORM.3.2v1", - "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/powerplatform.md#mspowerplatform32v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", + "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/powerplatform.md#mspowerplatform32v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", "RequirementMet": false }, { @@ -1663,21 +1693,21 @@ "Get-DlpPolicy" ], "Criticality": "Should", - "PolicyId": "MS.POWERPLATFORM.2.2v1", + "PolicyId": "MS.POWERPLATFORM.2.3v1", "ReportDetails": "Requirement met", "RequirementMet": true }, { "ActualValue": [ - + "407cbeff-b477-e3b4-9ca7-097888a9ec4e" ], "Commandlet": [ "Get-DlpPolicy" ], "Criticality": "Should", - "PolicyId": "MS.POWERPLATFORM.2.3v1", - "ReportDetails": "Requirement met", - "RequirementMet": true + "PolicyId": "MS.POWERPLATFORM.2.2v1", + "ReportDetails": "1 Subsequent environments without DLP policies: 407cbeff-b477-e3b4-9ca7-097888a9ec4e", + "RequirementMet": false }, { "ActualValue": [ @@ -1701,8 +1731,8 @@ ], "Criticality": "Shall/Not-Implemented", - "PolicyId": "MS.SHAREPOINT.1.2v1", - "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/sharepoint.md#mssharepoint12v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", + "PolicyId": "MS.SHAREPOINT.4.1v1", + "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/sharepoint.md#mssharepoint41v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", "RequirementMet": false }, { @@ -1710,11 +1740,11 @@ ], "Commandlet": [ - + "Get-SPOTenant" ], "Criticality": "Shall/Not-Implemented", - "PolicyId": "MS.SHAREPOINT.3.2v1", - "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/sharepoint.md#mssharepoint32v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", + "PolicyId": "MS.SHAREPOINT.3.1v1", + "ReportDetails": "This policy is only applicable if External Sharing is set to any value other than Anyone. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/sharepoint.md#mssharepoint31v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for more info", "RequirementMet": false }, { @@ -1722,58 +1752,55 @@ ], "Commandlet": [ - + "Get-SPOTenant", + "Get-PnPTenant" ], "Criticality": "Shall/Not-Implemented", - "PolicyId": "MS.SHAREPOINT.4.1v1", - "ReportDetails": "This product does not currently have the capability to check compliance for this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/sharepoint.md#mssharepoint41v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check", + "PolicyId": "MS.SHAREPOINT.1.3v1", + "ReportDetails": "This policy is only applicable if External Sharing is set to any value other than Only People In Your Organization. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/sharepoint.md#mssharepoint13v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for more info", "RequirementMet": false }, { "ActualValue": [ - true, - 0 + ], "Commandlet": [ "Get-SPOTenant", "Get-PnPTenant" ], - "Criticality": "Shall", + "Criticality": "Shall/Not-Implemented", "PolicyId": "MS.SHAREPOINT.1.4v1", - "ReportDetails": "Requirement met", - "RequirementMet": true + "ReportDetails": "This policy is only applicable if External Sharing is set to any value other than Only People In Your Organization. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/sharepoint.md#mssharepoint14v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for more info", + "RequirementMet": false }, { "ActualValue": [ - 0 + ], "Commandlet": [ "Get-SPOTenant", "Get-PnPTenant" ], - "Criticality": "Shall", - "PolicyId": "MS.SHAREPOINT.1.1v1", - "ReportDetails": "Requirement met", - "RequirementMet": true + "Criticality": "Shall/Not-Implemented", + "PolicyId": "MS.SHAREPOINT.3.2v1", + "ReportDetails": "This policy is only applicable if External Sharing is set to any value other than Anyone. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/sharepoint.md#mssharepoint32v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for more info", + "RequirementMet": false }, { "ActualValue": [ - 0, - true, - 30 + ], "Commandlet": [ "Get-SPOTenant", "Get-PnPTenant" ], - "Criticality": "Shall", + "Criticality": "Shall/Not-Implemented", "PolicyId": "MS.SHAREPOINT.3.3v1", - "ReportDetails": "Requirement met", - "RequirementMet": true + "ReportDetails": "External Sharing is set to Only People In Your Organization. This policy is only applicable if External Sharing is set to any value other than Only People In Your Organization or Existing Guests. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/sharepoint.md#mssharepoint33v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for more info", + "RequirementMet": false }, { "ActualValue": [ - 0, 0 ], "Commandlet": [ @@ -1781,21 +1808,20 @@ "Get-PnPTenant" ], "Criticality": "Shall", - "PolicyId": "MS.SHAREPOINT.1.3v1", - "ReportDetails": "Requirement met: external sharing is set to Only People In Organization", + "PolicyId": "MS.SHAREPOINT.1.1v1", + "ReportDetails": "Requirement met", "RequirementMet": true }, { "ActualValue": [ - 0, - 30 + 0 ], "Commandlet": [ "Get-SPOTenant", "Get-PnPTenant" ], "Criticality": "Shall", - "PolicyId": "MS.SHAREPOINT.3.1v1", + "PolicyId": "MS.SHAREPOINT.1.2v1", "ReportDetails": "Requirement met", "RequirementMet": true }, @@ -1808,35 +1834,35 @@ "Get-PnPTenant" ], "Criticality": "Shall", - "PolicyId": "MS.SHAREPOINT.2.2v1", + "PolicyId": "MS.SHAREPOINT.2.1v1", "ReportDetails": "Requirement met", "RequirementMet": true }, { "ActualValue": [ - 2 + 1 ], "Commandlet": [ - "Get-SPOSite", - "Get-PnPTenantSite" + "Get-SPOTenant", + "Get-PnPTenant" ], "Criticality": "Shall", - "PolicyId": "MS.SHAREPOINT.4.2v1", + "PolicyId": "MS.SHAREPOINT.2.2v1", "ReportDetails": "Requirement met", "RequirementMet": true }, { "ActualValue": [ - 3 + 2 ], "Commandlet": [ - "Get-SPOTenant", - "Get-PnPTenant" + "Get-SPOSite", + "Get-PnPTenantSite" ], "Criticality": "Shall", - "PolicyId": "MS.SHAREPOINT.2.1v1", - "ReportDetails": "Requirement not met", - "RequirementMet": false + "PolicyId": "MS.SHAREPOINT.4.2v1", + "ReportDetails": "Requirement met", + "RequirementMet": true }, { "ActualValue": false, @@ -1877,7 +1903,7 @@ ], "Criticality": "Shall/3rd Party", "PolicyId": "MS.TEAMS.6.1v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/teams.md#msteams61v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/teams.md#msteams61v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -1889,7 +1915,7 @@ ], "Criticality": "Shall/3rd Party", "PolicyId": "MS.TEAMS.6.2v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/teams.md#msteams62v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/teams.md#msteams62v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -1901,7 +1927,7 @@ ], "Criticality": "Should/3rd Party", "PolicyId": "MS.TEAMS.7.1v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/teams.md#msteams71v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/teams.md#msteams71v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -1913,7 +1939,7 @@ ], "Criticality": "Should/3rd Party", "PolicyId": "MS.TEAMS.7.2v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/teams.md#msteams72v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/teams.md#msteams72v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -1925,7 +1951,7 @@ ], "Criticality": "Should/3rd Party", "PolicyId": "MS.TEAMS.8.1v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/teams.md#msteams81v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/teams.md#msteams81v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, { @@ -1937,7 +1963,7 @@ ], "Criticality": "Should/3rd Party", "PolicyId": "MS.TEAMS.8.2v1", - "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.2.0/PowerShell/ScubaGear/baselines/teams.md#msteams82v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", + "ReportDetails": "A custom product can be used to fulfill this policy requirement. If a custom product is used, a 3rd party assessment tool or manually review is needed to ensure compliance. If you are using Defender for Office 365 to implement this policy, ensure that when running ScubaGear defender is in the ProductNames parameter. Then, manually review the corresponding Defender for Office 365 policy that fulfills the requirements of this policy. See \u003ca href=\"https://github.com/cisagov/ScubaGear/blob/v1.3.0/PowerShell/ScubaGear/baselines/teams.md#msteams82v1\" target=\"_blank\"\u003eSecure Configuration Baseline policy\u003c/a\u003e for instructions on manual check.", "RequirementMet": false }, {