More configuration options

EvotecIT · Aug 23, 2024 · 57186b8 · 57186b8
1 parent 2a25f35
commit 57186b8
Show file tree

Hide file tree

Showing 2 changed files with 39 additions and 18 deletions.
diff --git a/Public/New-PasswordConfigurationOption.ps1 b/Public/New-PasswordConfigurationOption.ps1
@@ -39,6 +39,12 @@
     .PARAMETER NotifyOnUserDaysToExpireNull
     Provides a way to control output to screen for UserDaysToExpireNull.
 
+    .PARAMETER NotifyOnUserMatchingRuleForManager
+    Provides a way to control output to screen for UserMatchingRuleForManager.
+
+    .PARAMETER NotifyOnUserMatchingRuleForManagerButNotCompliant
+    Provides a way to control output to screen for UserMatchingRuleForManagerButNotCompliant.
+
     .PARAMETER SearchPath
     Path to XML file that will be used for storing search results.
 
@@ -96,6 +102,8 @@
         [switch] $NotifyOnUserSend             , #= $true
         [switch] $NotifyOnUserMatchingRule     , #= $true
         [switch] $NotifyOnUserDaysToExpireNull , #= $true
+        [switch] $NotifyOnUserMatchingRuleForManager,
+        [switch] $NotifyOnUserMatchingRuleForManagerButNotCompliant,
         [string] $SearchPath,
         [string] $EmailDateFormat,
         [switch] $EmailDateFormatUTCConversion,
@@ -107,26 +115,28 @@
     $Output = [ordered] @{
         Type     = "PasswordConfigurationOption"
         Settings = [ordered] @{
-            ShowTime                     = $ShowTime.IsPresent
-            LogFile                      = $LogFile
-            TimeFormat                   = $TimeFormat
-            LogMaximum                   = $LogMaximum
-            NotifyOnSkipUserManagerOnly  = $NotifyOnSkipUserManagerOnly.IsPresent
-            NotifyOnSecuritySend         = $NotifyOnSecuritySend.IsPresent
-            NotifyOnManagerSend          = $NotifyOnManagerSend.IsPresent
-            NotifyOnUserSend             = $NotifyOnUserSend.IsPresent
-            NotifyOnUserMatchingRule     = $NotifyOnUserMatchingRule.IsPresent
-            NotifyOnUserDaysToExpireNull = $NotifyOnUserDaysToExpireNull.IsPresent
-            SearchPath                   = $SearchPath
+            ShowTime                                          = $ShowTime.IsPresent
+            LogFile                                           = $LogFile
+            TimeFormat                                        = $TimeFormat
+            LogMaximum                                        = $LogMaximum
+            NotifyOnSkipUserManagerOnly                       = $NotifyOnSkipUserManagerOnly.IsPresent
+            NotifyOnSecuritySend                              = $NotifyOnSecuritySend.IsPresent
+            NotifyOnManagerSend                               = $NotifyOnManagerSend.IsPresent
+            NotifyOnUserSend                                  = $NotifyOnUserSend.IsPresent
+            NotifyOnUserMatchingRule                          = $NotifyOnUserMatchingRule.IsPresent
+            NotifyOnUserDaysToExpireNull                      = $NotifyOnUserDaysToExpireNull.IsPresent
+            NotifyOnUserMatchingRuleForManager                = $NotifyOnUserMatchingRuleForManager.IsPresent
+            NotifyOnUserMatchingRuleForManagerButNotCompliant = $NotifyOnUserMatchingRuleForManagerButNotCompliant.IsPresent
+            SearchPath                                        = $SearchPath
             # conversion for DateExpiry/PasswordLastSet only
-            EmailDateFormat              = $EmailDateFormat
-            EmailDateFormatUTCConversion = $EmailDateFormatUTCConversion.IsPresent
+            EmailDateFormat                                   = $EmailDateFormat
+            EmailDateFormatUTCConversion                      = $EmailDateFormatUTCConversion.IsPresent
             # email property conversion (global)
-            OverwriteEmailProperty       = $OverwriteEmailProperty
+            OverwriteEmailProperty                            = $OverwriteEmailProperty
             # manager property conversion (global)
-            OverwriteManagerProperty     = $OverwriteManagerProperty
+            OverwriteManagerProperty                          = $OverwriteManagerProperty
             # filtering
-            FilterOrganizationalUnit     = $FilterOrganizationalUnit
+            FilterOrganizationalUnit                          = $FilterOrganizationalUnit
         }
     }
     Remove-EmptyValue -Hashtable $Output.Settings

diff --git a/Public/New-PasswordConfigurationRule.ps1 b/Public/New-PasswordConfigurationRule.ps1
@@ -49,7 +49,7 @@
     Parameter description
 
     .PARAMETER ReminderDays
-    Parameter description
+    Days before expiration to send reminder. If not set and ProcessManagersOnly is not set, the rule will be throw an error.
 
     .PARAMETER ManagerReminder
     Parameter description
@@ -123,7 +123,7 @@
         [string[]] $IncludeGroup,
         [string[]] $ExcludeGroup,
 
-        [parameter(Mandatory)][alias('ExpirationDays', 'Days')][Array] $ReminderDays,
+        [alias('ExpirationDays', 'Days')][Array] $ReminderDays,
 
         [switch] $ManagerReminder,
 
@@ -149,6 +149,17 @@
 
     )
 
+    if (-not $ProcessManagersOnly) {
+        if ($null -eq $ReminderDays) {
+            $ErrorMessage = "'ReminderDays' is required for rule '$Name', unless 'ProcessManagersOnly' is set. This is to make sure the rule is not skipped completly."
+            Write-Color -Text "[e]", " Processing rule ", $Name, " failed because of error: ", $ErrorMessage -Color Yellow, White, Red
+            return [ordered] @{
+                Type  = 'PasswordConfigurationRule'
+                Error = $ErrorMessage
+            }
+        }
+    }
+
     $Output = [ordered] @{
         Name                            = $Name
         Enable                          = $Enable.IsPresent