Utilities/IRMValidationUtility.ps1
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 |
using module "..\MCCA.psm1" <# This function returns list of parent labels and sublabels #> Function Get-IRMConfigurationPolicy { Param( $Config, $Templates, $LogFile ) $ConfigObjectList = @() try { $AnyPolicyEnabled = $false $IRMPolicy = @() foreach($Template in $templates) { $IRMPolicy += $Config["GetInsiderRiskPolicy"] | Where-Object { $_.InsiderRiskScenario -eq $Template } } foreach ($Policy in $IRMPolicy) { if ($($Policy.Mode) -eq "Enable") { if ($AnyPolicyEnabled -eq $false) { $AnyPolicyEnabled = $true } $ConfigObject = [MCCACheckConfig]::new() $ConfigObject.Object = "Policy" $ConfigObject.ConfigItem = "$($Policy.Name)" $UsergroupsEnabled = "" $ExchangeLocation = $Policy.ExchangeLocation foreach ($Location in $ExchangeLocation) { if ($UsergroupsEnabled -eq "") { $UsergroupsEnabled += "$Location" } else { $UsergroupsEnabled += ", $Location" } } if ($($Policy.InsiderRiskScenario) -eq "HighValueEmployeeDataLeak") { $PolicyGroups = $Policy.CustomTags foreach ($PolicyGroup in $PolicyGroups) { $Group = $PolicyGroup.Split("""")#The policy group details come as string hence parsing to get group name if ($UsergroupsEnabled -eq "") { $UsergroupsEnabled += "$($Group[3])" } else { $UsergroupsEnabled += ", $($Group[3])" } } } $ConfigObject.ConfigData = "$UsergroupsEnabled" $ConfigObject.SetResult([MCCAConfigLevel]::Ok, "Pass") $ConfigObjectList += $ConfigObject } } if ($AnyPolicyEnabled -eq $false) { $ConfigObject = [MCCACheckConfig]::new() $ConfigObject.Object = "Policy" $ConfigObject.ConfigItem = "<B>No active policy defined<B>" $ConfigObject.ConfigData = "" $ConfigObject.SetResult([MCCAConfigLevel]::OK, "Fail") $ConfigObjectList += $ConfigObject } } catch { Write-Host "Error:$(Get-Date) There was an issue while running MCCA. Please try running the tool again after some time." -ForegroundColor:Red $ErrorMessage = $_.ToString() $StackTraceInfo = $_.ScriptStackTrace Write-Log -IsError -ErrorMessage $ErrorMessage -StackTraceInfo $StackTraceInfo -LogFile $LogFile -ErrorAction:SilentlyContinue } return $ConfigObjectList } |