SHELL/1.2.1.ps1
|
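# Check 1.2.1: report every Microsoft 365 group whose visibility is "Public".
#
# Emits exactly one result object: PASS when no public group exists, FAIL when
# at least one does, ERROR when the directory query itself failed.
# A FAIL is a review trigger, not proof of a violation: this script has no
# allowlist, so each group listed in Evidence.PublicGroups still has to be
# compared against the organization's approved public groups.
#
# Assumes an already authenticated Microsoft Graph session that is allowed to
# read groups (e.g. the Group.Read.All scope); the script does not connect.
$CheckId = "1.2.1"
$Title = "Ensure that only organizationally managed/approved public groups exist"

try {
    # -ErrorAction Stop turns a non-terminating Graph error (no session,
    # missing consent, throttling) into an exception. Without it the catch
    # block can be skipped, the result set is empty, and the check reports
    # PASS for a tenant it never actually inspected.
    # @(...) pins the result to an array so .Count is reliable for 0 or 1 group.
    $PublicGroups = @(
        Get-MgGroup -All -ErrorAction Stop |
            Where-Object { $_.Visibility -eq "Public" } |
            Select-Object DisplayName, Id, Visibility
    )
    $Pass = $PublicGroups.Count -eq 0

    [pscustomobject]@{
        CheckId   = $CheckId
        Title     = $Title
        Status    = if ($Pass) { "PASS" } else { "FAIL" }
        Pass      = $Pass
        Evidence  = [pscustomobject]@{
            PublicGroupCount = $PublicGroups.Count
            PublicGroups     = $PublicGroups
        }
        Error     = $null
        Timestamp = Get-Date
    }
}
catch {
    # Pass stays $null (neither true nor false) so a consumer cannot mistake a
    # failed query for a compliant tenant.
    [pscustomobject]@{
        CheckId   = $CheckId
        Title     = $Title
        Status    = "ERROR"
        Pass      = $null
        Evidence  = $null
        Error     = $_.Exception.Message
        Timestamp = Get-Date
    }
}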