Add ExchangeOnline provider and Mailbox step pack #106
Merged
13 commits
- a668261 Initial plan (Copilot)
- 18885af Add ExchangeOnline provider and Mailbox step pack modules (Copilot)
- e410ab6 Add unit tests for ExchangeOnline provider and Mailbox steps (Copilot)
- ee8e2d6 Add example workflows, fix ScriptAnalyzer warnings, verify all tests … (Copilot)
- 84e923d Address code review feedback: add constants and document code duplica… (Copilot)
- ab1a70b Address PR feedback: standardize manifest format, simplify READMEs, r… (Copilot)
- b06ec94 Rename Mailbox.Report to Mailbox.GetInfo consistently across PR (Copilot)
- 2f379d4 Add documentation for OOF message formatting and template substitution (Copilot)
- 1187f59 Fix Export-ModuleMember to use explicit function names for determinis… (Copilot)
- da84bce Fix idempotency: include ExternalAudience in OOF change detection (Copilot)
- 7061a94 Address code review feedback: fix module patterns, remove template su… (Copilot)
- dfd679e Remove duplicate Private helper functions, reuse IdLE.Steps.Common he… (Copilot)
- 5f0621a Address code review feedback: use local variables for regex patterns,… (Copilot)
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,78 @@ | ||
| @{ | ||
| Name = 'Complete Leaver - EntraID + ExchangeOnline Offboarding' | ||
| LifecycleEvent = 'Leaver' | ||
| Description = 'Complete offboarding workflow: disables EntraID account, converts mailbox to shared, and enables Out of Office.' | ||
| Steps = @( | ||
| @{ | ||
| Name = 'GetMailboxInfo' | ||
| Type = 'IdLE.Step.Mailbox.GetInfo' | ||
| With = @{ | ||
| Provider = 'ExchangeOnline' | ||
| IdentityKey = @{ ValueFrom = 'Request.Input.UserPrincipalName' } | ||
| } | ||
| } | ||
| @{ | ||
| Name = 'ConvertToSharedMailbox' | ||
| Type = 'IdLE.Step.Mailbox.Type.Ensure' | ||
| With = @{ | ||
| Provider = 'ExchangeOnline' | ||
| IdentityKey = @{ ValueFrom = 'Request.Input.UserPrincipalName' } | ||
| MailboxType = 'Shared' | ||
| } | ||
| } | ||
| @{ | ||
| Name = 'EnableOutOfOffice' | ||
| Type = 'IdLE.Step.Mailbox.OutOfOffice.Ensure' | ||
| With = @{ | ||
| Provider = 'ExchangeOnline' | ||
| IdentityKey = @{ ValueFrom = 'Request.Input.UserPrincipalName' } | ||
| Config = @{ | ||
| Mode = 'Enabled' | ||
| InternalMessage = 'This person is no longer with the organization. For assistance, please contact their manager or the main office.' | ||
| ExternalMessage = 'This person is no longer with the organization. Please contact the main office for assistance.' | ||
| ExternalAudience = 'All' | ||
| } | ||
| } | ||
| } | ||
| @{ | ||
| Name = 'RevokeAllGroupMemberships' | ||
| Type = 'IdLE.Step.EnsureEntitlement' | ||
| With = @{ | ||
| Provider = 'Identity' | ||
| AuthSessionName = 'MicrosoftGraph' | ||
| AuthSessionOptions = @{ Role = 'Admin' } | ||
| IdentityKey = @{ ValueFrom = 'Request.Input.UserObjectId' } | ||
| Desired = @() | ||
| } | ||
| } | ||
| @{ | ||
| Name = 'ClearManager' | ||
| Type = 'IdLE.Step.EnsureAttribute' | ||
| With = @{ | ||
| Provider = 'Identity' | ||
| AuthSessionName = 'MicrosoftGraph' | ||
| AuthSessionOptions = @{ Role = 'Admin' } | ||
| IdentityKey = @{ ValueFrom = 'Request.Input.UserObjectId' } | ||
| Name = 'Manager' | ||
| Value = $null | ||
| } | ||
| } | ||
| @{ | ||
| Name = 'DisableEntraIDAccount' | ||
| Type = 'IdLE.Step.DisableIdentity' | ||
| With = @{ | ||
| Provider = 'Identity' | ||
| AuthSessionName = 'MicrosoftGraph' | ||
| AuthSessionOptions = @{ Role = 'Admin' } | ||
| IdentityKey = @{ ValueFrom = 'Request.Input.UserObjectId' } | ||
| } | ||
| } | ||
| @{ | ||
| Name = 'EmitCompletionEvent' | ||
| Type = 'IdLE.Step.EmitEvent' | ||
| With = @{ | ||
| Message = 'Complete offboarding finished: Mailbox converted to Shared, OOF enabled, EntraID account disabled.' | ||
| } | ||
| } | ||
| ) | ||
| } | ||
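Review bot: DisableEntraIDAccount is the sixth step, after the mailbox conversion, Out of Office, group revocation and manager clearing, so if the steps run in the listed order the leaver's account stays enabled for the whole run and remains enabled if the run stops at any earlier step. For an offboarding workflow I would move the IdLE.Step.DisableIdentity step to the front, so that sign-in is cut before the slower mailbox changes. Also, the Exchange steps key on Request.Input.UserPrincipalName while the Identity steps key on Request.Input.UserObjectId; nothing in this file ties the two inputs to the same user, so a mismatched request would convert one person's mailbox and disable another person's account. Consider resolving one key from the other, or documenting that the caller must validate the pair.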
45 changes: 45 additions & 0 deletions
examples/workflows/live/exo-leaver-mailbox-offboarding.psd1
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,45 @@ | ||
| @{ | ||
| Name = 'ExchangeOnline Leaver - Mailbox Offboarding' | ||
| LifecycleEvent = 'Leaver' | ||
| Description = 'Converts mailbox to shared, enables Out of Office, and optionally delegates access for offboarding users.' | ||
| Steps = @( | ||
| @{ | ||
| Name = 'GetMailboxInfo' | ||
| Type = 'IdLE.Step.Mailbox.GetInfo' | ||
| With = @{ | ||
| Provider = 'ExchangeOnline' | ||
| IdentityKey = @{ ValueFrom = 'Request.Input.UserPrincipalName' } | ||
| } | ||
| } | ||
| @{ | ||
| Name = 'ConvertToSharedMailbox' | ||
| Type = 'IdLE.Step.Mailbox.Type.Ensure' | ||
| With = @{ | ||
| Provider = 'ExchangeOnline' | ||
| IdentityKey = @{ ValueFrom = 'Request.Input.UserPrincipalName' } | ||
| MailboxType = 'Shared' | ||
| } | ||
| } | ||
| @{ | ||
| Name = 'EnableOutOfOffice' | ||
| Type = 'IdLE.Step.Mailbox.OutOfOffice.Ensure' | ||
| With = @{ | ||
| Provider = 'ExchangeOnline' | ||
| IdentityKey = @{ ValueFrom = 'Request.Input.UserPrincipalName' } | ||
| Config = @{ | ||
| Mode = 'Enabled' | ||
| InternalMessage = 'This person is no longer with the organization. For assistance, please contact their manager or the main office.' | ||
| ExternalMessage = 'This person is no longer with the organization. Please contact the main office for assistance.' | ||
| ExternalAudience = 'All' | ||
| } | ||
| } | ||
| } | ||
| @{ | ||
| Name = 'EmitCompletionEvent' | ||
| Type = 'IdLE.Step.EmitEvent' | ||
| With = @{ | ||
| Message = 'Mailbox offboarding completed.' | ||
| } | ||
| } | ||
| ) | ||
| } | ||
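Review bot: ExternalAudience = 'All' in EnableOutOfOffice sends the ExternalMessage, which states that the person has left the organization, to every external sender, including unsolicited ones. For an example that people will copy, consider a neutral external text or a narrower audience if the step supports one, and say in the example why 'All' was chosen. Separately, the Description promises that the workflow "optionally delegates access", but none of the four steps performs any delegation; either add the step or drop that clause.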
22 changes: 22 additions & 0 deletions
src/IdLE.Provider.ExchangeOnline/IdLE.Provider.ExchangeOnline.psd1
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,22 @@ | ||
| @{ | ||
| RootModule = 'IdLE.Provider.ExchangeOnline.psm1' | ||
| ModuleVersion = '0.9.0' | ||
| GUID = 'e8f9a3b1-4c2d-4a5b-9f7e-3d2c1a9b8e7f' | ||
| Author = 'Matthias Fleschuetz' | ||
| Copyright = '(c) Matthias Fleschuetz. All rights reserved.' | ||
| Description = 'Exchange Online mailbox provider implementation for IdLE (requires ExchangeOnlineManagement module).' | ||
| PowerShellVersion = '7.0' | ||
|
|
||
| FunctionsToExport = @( | ||
| 'New-IdleExchangeOnlineProvider' | ||
| ) | ||
|
|
||
| PrivateData = @{ | ||
| PSData = @{ | ||
| Tags = @('IdentityLifecycleEngine', 'IdLE', 'Provider', 'ExchangeOnline', 'Mailbox') | ||
| LicenseUri = 'https://www.apache.org/licenses/LICENSE-2.0' | ||
| ProjectUri = 'https://github.com/blindzero/IdentityLifecycleEngine' | ||
| ContactEmail = '13959569+blindzero@users.noreply.github.com' | ||
| } | ||
| } | ||
| } |
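Review bot: the Description says the module "requires ExchangeOnlineManagement module", but the manifest has no RequiredModules entry, so a missing dependency is not detected when this module is imported. Either add RequiredModules = @('ExchangeOnlineManagement') or, if the dependency is meant to be optional at import time, state in the description where it is checked. It would also help to set CmdletsToExport, VariablesToExport and AliasesToExport to @() next to FunctionsToExport so the export surface is fully explicit.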
29 changes: 29 additions & 0 deletions
src/IdLE.Provider.ExchangeOnline/IdLE.Provider.ExchangeOnline.psm1
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
| #requires -Version 7.0 | ||
| Set-StrictMode -Version Latest | ||
|
|
||
| $PrivatePath = Join-Path -Path $PSScriptRoot -ChildPath 'Private' | ||
| if (Test-Path -Path $PrivatePath) { | ||
|
|
||
| # Materialize first to avoid enumeration issues during import. | ||
| $privateScripts = @(Get-ChildItem -Path $PrivatePath -Filter '*.ps1' -File | Sort-Object -Property FullName) | ||
|
|
||
| foreach ($script in $privateScripts) { | ||
| . $script.FullName | ||
| } | ||
| } | ||
|
|
||
| $PublicPath = Join-Path -Path $PSScriptRoot -ChildPath 'Public' | ||
| if (Test-Path -Path $PublicPath) { | ||
|
|
||
| # Materialize first to avoid enumeration issues during import. | ||
| $publicScripts = @(Get-ChildItem -Path $PublicPath -Filter '*.ps1' -File | Sort-Object -Property FullName) | ||
|
|
||
| foreach ($script in $publicScripts) { | ||
| . $script.FullName | ||
| } | ||
| } | ||
|
|
||
| # Export Public functions - explicit list for deterministic behavior | ||
| Export-ModuleMember -Function @( | ||
| 'New-IdleExchangeOnlineProvider' | ||
| ) |
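Review bot: both loops dot-source every *.ps1 found under Private and Public (. $script.FullName), so any file that ends up in those directories runs in module scope at import, while only the export list is explicit. Since the Export-ModuleMember comment already argues for an explicit list "for deterministic behavior", consider loading a fixed list of file names as well, or at least failing the import when an unexpected file is present. Minor: $script as the loop variable reads like the script: scope modifier; $file would be clearer.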