Public/Start-NLBaseline.ps1
|
<#
.SYNOPSIS Starts the NLBaseline interactive menu .DESCRIPTION Displays the status dashboard and main menu for NLBaseline management .EXAMPLE Start-NLBaseline #> function Start-NLBaseline { [CmdletBinding()] param() # Initialize module variable for workspace path if (-not $script:NLBaselineWorkspacePath) { $script:NLBaselineWorkspacePath = Get-WorkspacePath } try { # Detect non-interactive (e.g. redirected stdout); avoid RawUI/Clear-Host $script:NonInteractive = $false try { $Host.UI.RawUI.CursorPosition = $Host.UI.RawUI.CursorPosition Clear-Host } catch { $script:NonInteractive = $true } if ($script:NonInteractive) { Write-Host "NLBaseline loaded. Run in an interactive console for the menu (e.g. .\Start-NLBaseline.ps1)." -ForegroundColor Yellow return } # Show status dashboard Show-StatusDashboard -WorkspacePath $script:NLBaselineWorkspacePath # Main menu loop - SIMPLIFIED MENU with exactly 5 options # 1. Setup (Initialize Workspace, Sync Resources, View Configuration) # 2. Baseline Deployment (Deploy All Components, CIS Benchmark, etc.) # 3. Remove All from Intune (Delete ALL policies) # 4. Backup & Restore (Export and Restore) # 5. Help & Documentation $exit = $false while (-not $exit) { $mainMenuOptions = @( "Setup", "Baseline Deployment", "Remove All from Intune", "Backup & Restore", "Help & Documentation" ) $selection = Show-Menu -Title "NLBaseline - Main Menu" -Options $mainMenuOptions switch ($selection) { 0 { $exit = $true Write-Host "`nExiting NLBaseline. Goodbye!`n" -ForegroundColor Yellow } 1 { Show-SetupMenu } 2 { Show-BaselineDeploymentMenu } 3 { Write-Host "`nRemove ALL Policies from Intune`n" -ForegroundColor Cyan Write-Host "WARNING: This will delete ALL device configuration policies and compliance policies!" -ForegroundColor Red Write-Host "This includes all policies, not just NLBaseline policies." -ForegroundColor Yellow $confirm = Read-Host "Are you sure you want to delete ALL policies? Type 'YES' to confirm" if ($confirm -eq 'YES') { Remove-AllNLBaselinePoliciesFromIntune } else { Write-Host "Operation cancelled." -ForegroundColor Yellow } } 4 { Show-BackupRestoreMenu } 5 { Show-HelpMenu } } if (-not $exit) { Write-Host "`nPress any key to return to main menu..." -ForegroundColor Gray $null = $Host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown") } } } catch { Write-Error "Error in Start-NLBaseline: $_" } } function Show-SetupMenu { $options = @("Initialize Workspace", "Sync Workspace Resources", "View Configuration") $selection = Show-Menu -Title "Setup" -Options $options switch ($selection) { 1 { Write-Host "`nInitialize NLBaseline Workspace`n" -ForegroundColor Cyan $workspacePath = Read-Host "Enter workspace folder path (e.g., C:\NLBaseline\Workspace)" if ($workspacePath) { Initialize-NLBaseline -WorkspacePath $workspacePath } else { Write-Host "Operation cancelled." -ForegroundColor Yellow } } 2 { Write-Host "`nSync Workspace Resources`n" -ForegroundColor Cyan Write-Host "This will synchronize all module resources to your workspace, ensuring everything is up to date." -ForegroundColor Yellow $confirm = Read-Host "Continue? [Y/N]" if ($confirm -eq 'Y' -or $confirm -eq 'y') { $force = Read-Host "Force sync all files (overwrite existing)? [Y/N]" $isForce = ($force -eq 'Y' -or $force -eq 'y') Sync-NLBaselineWorkspace -Force:$isForce } else { Write-Host "Operation cancelled." -ForegroundColor Yellow } } 3 { Write-Host "`nCurrent Configuration`n" -ForegroundColor Cyan if ($script:NLBaselineWorkspacePath) { $config = Get-Config -WorkspacePath $script:NLBaselineWorkspacePath if ($config) { Write-Host "Workspace: $($config.Workspace.BasePath)" -ForegroundColor White Write-Host "Initialized: $($config.Workspace.Initialized)" -ForegroundColor White Write-Host "App Registration ID: $(if ($config.AppRegistration.ClientId) { 'Configured' } else { 'Not configured' })" -ForegroundColor $(if ($config.AppRegistration.ClientId) { 'Green' } else { 'Red' }) Write-Host "Tenant ID: $(if ($config.AppRegistration.TenantId) { 'Configured' } else { 'Not configured' })" -ForegroundColor $(if ($config.AppRegistration.TenantId) { 'Green' } else { 'Red' }) Write-Host "OpenAI Endpoint: $(if ($config.OpenAI.Endpoint) { 'Configured' } else { 'Not configured' })" -ForegroundColor $(if ($config.OpenAI.Endpoint) { 'Green' } else { 'Red' }) } } else { Write-Host "Workspace not configured. Run Initialize Workspace first." -ForegroundColor Red } } } } function Show-BaselineDeploymentMenu { $options = @( "Deploy All Components", "Deploy Baseline Components", "Deploy CIS Benchmark", "Deploy Endpoint Security", "Deploy Compliance Policies", "Deploy Other Policies (ASR, Exploit Protection, etc.)" ) $selection = Show-Menu -Title "Baseline Deployment" -Options $options switch ($selection) { 1 { Write-Host "`nDeploy All NLBaseline to Intune`n" -ForegroundColor Cyan Write-Host "This will deploy all baseline components, CIS Benchmark, and other policies." -ForegroundColor Yellow $confirm = Read-Host "Continue? [Y/N]" if ($confirm -eq 'Y' -or $confirm -eq 'y') { Deploy-AllNLBaselineToIntune } else { Write-Host "Operation cancelled." -ForegroundColor Yellow } } 2 { Write-Host "`nDeploy Baseline Components`n" -ForegroundColor Cyan $choice = Read-Host "Import (A)ll components or (S)single? [A/S]" $comp = $null if ($choice -eq 'S' -or $choice -eq 's') { $comp = Read-Host "Component name (e.g. MicrosoftDefender)" } if ($comp) { Import-NLBaselineToIntune -ComponentName $comp } else { Import-NLBaselineToIntune } } 3 { Write-Host "`nDeploy CIS Benchmark`n" -ForegroundColor Cyan Write-Host "CIS Benchmark Levels:" -ForegroundColor Yellow Write-Host " 1. Level 1 (Corporate/Enterprise)" -ForegroundColor White Write-Host " 2. Level 2 (High Security/Sensitive Data)" -ForegroundColor White Write-Host " 3. All Levels" -ForegroundColor White $levelChoice = Read-Host "Select level [1/2/3]" $level = switch ($levelChoice) { "1" { "Level1" } "2" { "Level2" } default { "All" } } Write-Host "`nCIS Categories:" -ForegroundColor Yellow Write-Host " 1. Account Policies" -ForegroundColor White Write-Host " 2. Local Policies" -ForegroundColor White Write-Host " 3. Windows Services" -ForegroundColor White Write-Host " 4. Windows Firewall" -ForegroundColor White Write-Host " 5. User Rights Assignment" -ForegroundColor White Write-Host " 6. Security Options" -ForegroundColor White Write-Host " 7. Additional Security" -ForegroundColor White Write-Host " 8. All Categories" -ForegroundColor White $categoryChoice = Read-Host "Select category [1-8]" $category = switch ($categoryChoice) { "1" { "Account Policies" } "2" { "Local Policies" } "3" { "Windows Services" } "4" { "Windows Firewall" } "5" { "User Rights Assignment" } "6" { "Security Options" } "7" { "Additional Security" } default { "All" } } Import-CISBenchmarkToIntune -Level $level -Category $category } 4 { Write-Host "`nDeploy Endpoint Security`n" -ForegroundColor Cyan Import-EndpointSecurityToIntune } 5 { Write-Host "`nDeploy Compliance Policies`n" -ForegroundColor Cyan Import-CompliancePolicyToIntune Import-MultiPlatformComplianceToIntune } 6 { Write-Host "`nDeploy Other Policies`n" -ForegroundColor Cyan Write-Host "This includes: ASR, Exploit Protection, Event Viewer Views, Country IP Blocking, Update Rings, Tamper Protection, Windows LAPS" -ForegroundColor Yellow $confirm = Read-Host "Continue? [Y/N]" if ($confirm -eq 'Y' -or $confirm -eq 'y') { Import-ASRPolicyToIntune Import-ExploitProtectionToIntune Import-EventViewerCustomViews Import-CountryIPBlockingToIntune Import-UpdateRingsToIntune Import-TamperProtectionToIntune Import-WindowsLAPSToIntune } } } } function Show-BackupRestoreMenu { $options = @("Export from Intune (Backup)", "Restore from Backup") $selection = Show-Menu -Title "Backup & Restore" -Options $options switch ($selection) { 1 { Write-Host "`nExport NLBaseline from Intune (Backup)`n" -ForegroundColor Cyan Write-Host "This will export all NLBaseline policies from Intune as backup." -ForegroundColor Yellow $confirm = Read-Host "Continue? [Y/N]" if ($confirm -eq 'Y' -or $confirm -eq 'y') { Export-NLBaselineFromIntune } else { Write-Host "Operation cancelled." -ForegroundColor Yellow } } 2 { Write-Host "`nRestore NLBaseline from Backup`n" -ForegroundColor Cyan Write-Host "This will restore previously exported policies back to Intune." -ForegroundColor Yellow $confirm = Read-Host "Continue? [Y/N]" if ($confirm -eq 'Y' -or $confirm -eq 'y') { Restore-NLBaselineFromIntune } else { Write-Host "Operation cancelled." -ForegroundColor Yellow } } } } function Show-HelpMenu { $options = @("Quick Help", "Module Documentation", "Keyboard Shortcuts") $selection = Show-Menu -Title "Help & Documentation" -Options $options switch ($selection) { 1 { Write-Host "`nQuick Help`n" -ForegroundColor Cyan Write-Host "Use the menu numbers to navigate. Press 0 to go back or exit.`n" -ForegroundColor White Write-Host "Main Menu Options:" -ForegroundColor Yellow Write-Host " 1. Setup - Initialize workspace, sync resources, and view configuration" -ForegroundColor White Write-Host " 2. Baseline Deployment - Deploy all baseline components to Intune" -ForegroundColor White Write-Host " 3. Remove All from Intune - Delete ALL policies (Device Configurations + Compliance)" -ForegroundColor White Write-Host " 4. Backup & Restore - Export and restore Intune policies" -ForegroundColor White Write-Host " 5. Help & Documentation - This menu" -ForegroundColor White } 2 { Write-Host "`nModule Documentation`n" -ForegroundColor Cyan Write-Host "See README.md and WORKSPACE-SETUP-GUIDE.md for full documentation.`n" -ForegroundColor White $modRoot = Split-Path -Parent $PSScriptRoot Write-Host "Module Location: $modRoot" -ForegroundColor Gray } 3 { Write-Host "`nKeyboard Shortcuts`n" -ForegroundColor Cyan Write-Host " 0 - Back/Exit" -ForegroundColor White Write-Host " 1-9 - Select menu option" -ForegroundColor White Write-Host " ESC - Back" -ForegroundColor White Write-Host "`n" -ForegroundColor White } } } |