SHELL/1.3.1.ps1
|
$CheckId = "1.3.1" $Title = "Ensure the Password expiration policy is set to never expire" try { $Domains = Get-MgDomain -All | Select-Object Id,PasswordValidityPeriodInDays $NonCompliantDomains = $Domains | Where-Object { $_.PasswordValidityPeriodInDays -ne 2147483647 } $Pass = @($NonCompliantDomains).Count -eq 0 [pscustomobject]@{ CheckId = $CheckId Title = $Title Status = if ($Pass) { "PASS" } else { "FAIL" } Pass = $Pass Evidence = [pscustomobject]@{ Domains = @($Domains) NonCompliantDomain = @($NonCompliantDomains) } Error = $null Timestamp = Get-Date } } catch { [pscustomobject]@{ CheckId = $CheckId Title = $Title Status = "ERROR" Pass = $null Evidence = $null Error = $_.Exception.Message Timestamp = Get-Date } } |