@@ -6,45 +6,59 @@ function Invoke-CippTestORCA107 {
66 param ($Tenant )
77
88 try {
9- $Policies = Get-CIPPTestData - TenantFilter $Tenant - Type ' ExoQuarantinePolicy '
9+ $Policies = Get-CIPPTestData - TenantFilter $Tenant - Type ' ExoGlobalQuarantinePolicy '
1010
1111 if (-not $Policies ) {
1212 Add-CippTestResult - TenantFilter $Tenant - TestId ' ORCA107' - TestType ' Identity' - Status ' Skipped' - ResultMarkdown ' No data found in database. This may be due to missing required licenses or data collection not yet completed.' - Risk ' Low' - Name ' End-user spam notification is enabled' - UserImpact ' Low' - ImplementationEffort ' Low' - Category ' Quarantine'
1313 return
1414 }
1515
16+ # Exo returns EndUserSpamNotificationFrequency as an ISO 8601 duration string ('PT4H', 'P1D', 'P7D').
17+ # 'PT0S' or null means notifications are disabled. The placeholder policy name 'DefaultGlobalPolicy'
18+ # indicates the global policy has never been configured.
1619 $FailedPolicies = [System.Collections.Generic.List [object ]]::new()
1720 $PassedPolicies = [System.Collections.Generic.List [object ]]::new()
1821
1922 foreach ($Policy in $Policies ) {
20- if ($Policy.EndUserSpamNotificationFrequency -gt 0 ) {
21- $PassedPolicies.Add ($Policy ) | Out-Null
23+ $Frequency = $Policy.EndUserSpamNotificationFrequency
24+ $IsConfigured = $Policy.Name -ne ' DefaultGlobalPolicy'
25+ $IsEnabled = $false
26+ if ($IsConfigured -and $Frequency ) {
27+ try {
28+ $TimeSpan = [System.Xml.XmlConvert ]::ToTimeSpan([string ]$Frequency )
29+ $IsEnabled = $TimeSpan.TotalSeconds -gt 0
30+ } catch {
31+ $IsEnabled = $false
32+ }
33+ }
34+
35+ $DisplayFrequency = if ($Frequency ) { [string ]$Frequency } else { ' Not set' }
36+ $Annotated = $Policy | Select-Object * , @ { Name = ' DisplayFrequency' ; Expression = { $DisplayFrequency } }
37+
38+ if ($IsEnabled ) {
39+ $PassedPolicies.Add ($Annotated ) | Out-Null
2240 } else {
23- $FailedPolicies.Add ($Policy ) | Out-Null
41+ $FailedPolicies.Add ($Annotated ) | Out-Null
2442 }
2543 }
2644
2745 if ($FailedPolicies.Count -eq 0 -and $PassedPolicies.Count -gt 0 ) {
2846 $Status = ' Passed'
29- $Result = [System.Text.StringBuilder ]::new(" All quarantine policies have end-user spam notifications enabled.`n`n " )
30- $null = $Result.Append (" **Compliant Policies:** $ ( $PassedPolicies.Count ) `n`n " )
31- $null = $Result.Append (" | Policy Name | Notification Frequency (days) |`n " )
32- $null = $Result.Append (" |------------|-------------------------------|`n " )
47+ $Result = [System.Text.StringBuilder ]::new(" The Global Quarantine policy has end-user spam notifications enabled.`n`n " )
48+ $null = $Result.Append (" | Policy Name | Notification Frequency |`n " )
49+ $null = $Result.Append (" |------------|------------------------|`n " )
3350 foreach ($Policy in $PassedPolicies ) {
34- $null = $Result.Append (" | $ ( $Policy.Identity ) | $ ( $Policy.EndUserSpamNotificationFrequency ) |`n " )
51+ $null = $Result.Append (" | $ ( $Policy.Identity ) | $ ( $Policy.DisplayFrequency ) |`n " )
3552 }
36- } elseif ($PassedPolicies.Count -eq 0 ) {
37- $Status = ' Failed'
38- $Result = [System.Text.StringBuilder ]::new(" No quarantine policies have end-user spam notifications enabled.`n`n " )
3953 } else {
4054 $Status = ' Failed'
41- $Result = [System.Text.StringBuilder ]::new(" $ ( $FailedPolicies.Count ) quarantine policies do not have end-user spam notifications enabled.`n`n " )
42- $null = $Result.Append (" **Non-Compliant Policies:** $ ( $FailedPolicies.Count ) `n`n " )
55+ $Result = [System.Text.StringBuilder ]::new(" The Global Quarantine policy does not have end-user spam notifications enabled.`n`n " )
4356 $null = $Result.Append (" | Policy Name | Notification Frequency |`n " )
44- $null = $Result.Append (" |------------|----------------------|`n " )
57+ $null = $Result.Append (" |------------|------------------------ |`n " )
4558 foreach ($Policy in $FailedPolicies ) {
46- $null = $Result.Append (" | $ ( $Policy.Identity ) | Disabled |`n " )
59+ $null = $Result.Append (" | $ ( $Policy.Identity ) | $ ( $Policy .DisplayFrequency ) |`n " )
4760 }
61+ $null = $Result.Append (" `n **Remediation:** Configure the Global Quarantine policy with a notification frequency (e.g. PT4H, P1D, or P7D) via `Set-QuarantinePolicy -EndUserSpamNotificationFrequency`." )
4862 }
4963
5064 Add-CippTestResult - TenantFilter $Tenant - TestId ' ORCA107' - TestType ' Identity' - Status $Status - ResultMarkdown $Result - Risk ' Low' - Name ' End-user spam notification is enabled' - UserImpact ' Low' - ImplementationEffort ' Low' - Category ' Quarantine'
0 commit comments