SHELL/8.5.3.ps1
|
$CheckId = "8.5.3" $Title = "Ensure only people in my org can bypass the lobby" $Level = "L1" $BenchmarkType = "Automated" $AllowedValues = @( "InvitedUsers", "EveryoneInCompanyExcludingGuests", "OrganizerOnly" ) try { $Policy = Get-CsTeamsMeetingPolicy -Identity Global -ErrorAction Stop $AutoAdmittedUsers = [string]$Policy.AutoAdmittedUsers $Pass = $AllowedValues -contains $AutoAdmittedUsers $Status = if ($Pass) { "PASS" } else { "FAIL" } [pscustomobject]@{ CheckId = $CheckId Title = $Title Level = $Level BenchmarkType = $BenchmarkType Status = $Status Pass = $Pass Evidence = [pscustomobject]@{ AutoAdmittedUsers = $AutoAdmittedUsers AllowedValues = $AllowedValues SourceDocument = "CIS_Microsoft_365_Foundations_Benchmark_v6.0.1" } Error = if ($Pass) { $null } else { "AutoAdmittedUsers is '$AutoAdmittedUsers'. It must be InvitedUsers, EveryoneInCompanyExcludingGuests, or OrganizerOnly." } Timestamp = Get-Date } } catch { [pscustomobject]@{ CheckId = $CheckId Title = $Title Level = $Level BenchmarkType = $BenchmarkType Status = "ERROR" Pass = $null Evidence = [pscustomobject]@{ AllowedValues = $AllowedValues; SourceDocument = "CIS_Microsoft_365_Foundations_Benchmark_v6.0.1" } Error = $_.Exception.Message Timestamp = Get-Date } } |