Public/generated/Get-KriticalUtcmAADGroupsSettings.ps1

# Kritical.PS.UTCM | Microsoft Graph UTCM REST API toolkit
# (c) 2026 Kritical Pty Ltd | https://kritical.net
# Kritical brand banner is rendered at module load via Write-KriticalUtcmBanner.

function Get-KriticalUtcmAADGroupsSettings {
<#
.SYNOPSIS
    Kritical.UTCM shim for M365DSC resource AADGroupsSettings.

.DESCRIPTION

    Search-replace safe: callers that today invoke
        Get-M365DSCAADGroupsSettings -Credential $cred -TenantId $tid
    can rename to
        Get-KriticalUtcmAADGroupsSettings -Credential $cred -TenantId $tid
    with ZERO other edits. Parameter shape matches the M365DSC .schema.mof
    exactly. By default -PreferM365DscBehavior is true.

    Actual Graph dispatch is delegated to Invoke-KriticalUtcmM365DscSchemaBridge.
    Bridge maps resource → Graph endpoint per per-resource wave; where mapping
    is not yet shipped, bridge returns an object with Verdict='UNMAPPED'.

.NOTES
    Workload: Entra
    Param count: 19
#>

[CmdletBinding()]
param(
        # Only valid value is 'Yes'.
[Parameter(Mandatory)] [ValidateSet('Yes')] [string]$IsSingleInstance,
        # The flag indicating whether Office 365 group creation is allowed in the directory by non-admin users. This setting does not require an Azure Active Directory Premium P1 license.
[bool]$EnableGroupCreation,
        # Boolean indicating whether or not sensitivity labels can be assigned to M365-groups.
[bool]$EnableMIPLabels,
        # Boolean indicating whether or not a guest user can be an owner of groups.
[bool]$AllowGuestsToBeGroupOwner,
        # Boolean indicating whether or not a guest user can have access to Office 365 groups content. This setting does not require an Azure Active Directory Premium P1 license.
[bool]$AllowGuestsToAccessGroups,
        # The url of a link to the guest usage guidelines.
[string]$GuestUsageGuidelinesUrl,
        # Name of the security group for which the members are allowed to create Office 365 groups even when EnableGroupCreation == false.
[string]$GroupCreationAllowedGroupName,
        # A boolean indicating whether or not is allowed to add guests to this directory.
[bool]$AllowToAddGuests,
        # A link to the Group Usage Guidelines.
[string]$UsageGuidelinesUrl,
        # Boolean, a tenant-wide setting that assigns the default value to the writebackConfiguration/isEnabled property of new groups, if the property isn't specified during group creation. This setting is applicable when group writeback is configured in Microsoft Entra Connect.
[bool]$NewUnifiedGroupWritebackDefault,
        # Specify if the Azure AD Groups Naming Policy should exist or not.
[ValidateSet('Present','Absent')] [string]$Ensure,
        # Credentials for the Microsoft Graph delegated permissions.
[string]$Credential,
        # Id of the Azure Active Directory application to authenticate with.
[string]$ApplicationId,
        # Id of the Azure Active Directory tenant used for authentication.
[string]$TenantId,
        # Secret of the Azure Active Directory application to authenticate with.
[string]$ApplicationSecret,
        # Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.
[string]$CertificateThumbprint,
        # Username can be made up to anything but password will be used for CertificatePassword
[string]$CertificatePassword,
        # Path to certificate used in service principal usually a PFX file.
[string]$CertificatePath,
        # Managed ID being used for authentication.
[bool]$ManagedIdentity
)
    Invoke-KriticalUtcmM365DscSchemaBridge -ResourceName 'AADGroupsSettings' -Workload 'Entra' -Verb 'Get' -CallerParams $PSBoundParameters
}