Public/generated/Get-KritTcmAADPIMGroupSetting.ps1
|
<# ·· × × × ··· SirJ's Deaddrop ··· × × × ··· — If you found this, you were meant to — ---------------- A Seriously Kritical™ Production ---------------- [] → (¯`·.¸¸.·´¯) .·´ `·. [] → `·.______________.·´ | +------------------+ | | | Kritical™ | | | | [] [] | | | | | | | | [] [] [] | | | +------------------+ | (._.·´¯`·.¸_) Your last call. And your first move. ★ ☆ ★ +61 1300 274 655 sales at kritical dot net ----------------------------------------------------------------- .COPYRIGHT (c) 2026 Kritical Pty Ltd. All rights reserved. .AUTHOR Joshua Finley <joshua.finley@kritical.net> .COMPANY Kritical Pty Ltd | ABN 39 687 048 086 Level 4 / 60 Moorabool St Geelong VIC 3220 1300 274 655 | sales@kritical.net | https://kritical.net/ .NOTES HARD RULE 13 canonical Kritical branding — do not overlay other agent banners. Auto-generated by Generate-KritTcmFromM365DscSchema.ps1 (.1507o30+). Upstream reference: Microsoft365DSC by Microsoft (MIT). This shim provides literal search-replace equivalence — see Krit.TCM/generated/index.md. #> function Get-KritTcmAADPIMGroupSetting { <# .SYNOPSIS Krit.TCM shim for M365DSC resource AADPIMGroupSetting. .DESCRIPTION Auto-generated from M365DSC .schema.mof by scripts/m365-setup/Generate-KritTcmFromM365DscSchema.ps1 (.1507o30). Search-replace safe: callers that today invoke Get-M365DSCAADPIMGroupSetting -Credential $cred -TenantId $tid can rename to Get-KritTcmAADPIMGroupSetting -Credential $cred -TenantId $tid with ZERO other edits. Parameter shape matches the M365DSC .schema.mof exactly. Per operator direction, -PreferM365DscBehavior defaults to true. Actual Graph dispatch is delegated to Invoke-KritTcmM365DscSchemaBridge. Bridge maps resource → Graph endpoint per per-resource wave; where mapping is not yet shipped, bridge returns an object with Verdict='UNMAPPED'. .NOTES Workload: Entra Original mof: C:\Users\joshl\OneDrive - Kritical Pty Ltd\Github\KRTPax8ToShopifyConnector\.kritm365-mine\Microsoft365DSC\Modules\Microsoft365DSC\DSCResources\MSFT_AADPIMGroupSetting\MSFT_AADPIMGroupSetting.schema.mof Param count: 44 Generator wave: .1507o30 #> [CmdletBinding()] param( # RuleDefinition DisplayName [Parameter(Mandatory)] [string]$DisplayName, # The identifier of the membership or ownership eligibility to the group that is governed by PIM. Required. The possible values are: owner, member. Supports $filter (eq). [Parameter(Mandatory)] [ValidateSet('owner','member')] [string]$RoleDefinitionId, # Specifies the Group Policy Id. [string]$Id, # Activation maximum duration (hours). [string]$ActivationMaxDuration, # Require justification on activation (True/False) [bool]$ActivationReqJustification, # Require ticket information on activation (True/False) [bool]$ActivationReqTicket, # Require MFA on activation (True/False) [bool]$ActivationReqMFA, # Require approval to activate (True/False) [bool]$ApprovaltoActivate, # Allow permanent eligible assignment (True/False) [bool]$PermanentEligibleAssignmentisExpirationRequired, # Expire eligible assignments after (Days) [string]$ExpireEligibleAssignment, # Allow permanent active assignment (True/False) [bool]$PermanentActiveAssignmentisExpirationRequired, # Expire active assignments after (Days) [string]$ExpireActiveAssignment, # Require Azure Multi-Factor Authentication on active assignment (True/False) [bool]$AssignmentReqMFA, # Require justification on active assignment (True/False) [bool]$AssignmentReqJustification, # Require Azure Multi-Factor Authentication on eligible assignment (True/False) [bool]$EligibilityAssignmentReqMFA, # Require justification on eligible assignment (True/False) [bool]$EligibilityAssignmentReqJustification, # Send notifications when members are assigned as eligible to this group: Group assignment alert, default recipient (True/False) [bool]$EligibleAlertNotificationDefaultRecipient, # Send notifications when members are assigned as eligible to this group: Group assignment alert, only critical Email (True/False) [bool]$EligibleAlertNotificationOnlyCritical, # Send notifications when members are assigned as eligible to this group: Notification to the assigned user (assignee), default recipient (True/False) [bool]$EligibleAssigneeNotificationDefaultRecipient, # Send notifications when members are assigned as eligible to this group: Notification to the assigned user (assignee), only critical Email (True/False) [bool]$EligibleAssigneeNotificationOnlyCritical, # Send notifications when members are assigned as eligible to this group: Request to approve a group assignment renewal/extension, default recipient (True/False) [bool]$EligibleApproveNotificationDefaultRecipient, # Send notifications when members are assigned as eligible to this group: Request to approve a group assignment renewal/extension, only critical Email (True/False) [bool]$EligibleApproveNotificationOnlyCritical, # Send notifications when members are assigned as active to this group: Group assignment alert, default recipient (True/False) [bool]$ActiveAlertNotificationDefaultRecipient, # Send notifications when members are assigned as active to this group: Group assignment alert, only critical Email (True/False) [bool]$ActiveAlertNotificationOnlyCritical, # Send notifications when members are assigned as active to this group: Notification to the assigned user (assignee), default recipient (True/False) [bool]$ActiveAssigneeNotificationDefaultRecipient, # Send notifications when members are assigned as active to this group: Notification to the assigned user (assignee), only critical Email (True/False) [bool]$ActiveAssigneeNotificationOnlyCritical, # Send notifications when members are assigned as active to this group: Request to approve a group assignment renewal/extension, default recipient (True/False) [bool]$ActiveApproveNotificationDefaultRecipient, # Send notifications when members are assigned as active to this group: Request to approve a group assignment renewal/extension, only critical Email (True/False) [bool]$ActiveApproveNotificationOnlyCritical, # Send notifications when eligible members activate this group: Group assignment alert, default recipient (True/False) [bool]$EligibleAssignmentAlertNotificationDefaultRecipient, # Send notifications when eligible members activate this group: Group assignment alert, only critical Email (True/False) [bool]$EligibleAssignmentAlertNotificationOnlyCritical, # Send notifications when eligible members activate this group: Notification to activated user (requestor), default recipient (True/False) [bool]$EligibleAssignmentAssigneeNotificationDefaultRecipient, # Send notifications when eligible members activate this group: Notification to activated user (requestor), only critical Email (True/False) [bool]$EligibleAssignmentAssigneeNotificationOnlyCritical, # Authorization context is required (True/False) [bool]$AuthenticationContextRequired, # Descriptive name of associated authorization context [string]$AuthenticationContextName, # Authorization context id [string]$AuthenticationContextId, # Specify if the Azure AD group setting should exist or not. [ValidateSet('Present')] [string]$Ensure, # Credentials for the Microsoft Graph delegated permissions. [string]$Credential, # Id of the Azure Active Directory application to authenticate with. [string]$ApplicationId, # Id of the Azure Active Directory tenant used for authentication. [string]$TenantId, # Secret of the Azure Active Directory application to authenticate with. [string]$ApplicationSecret, # Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. [string]$CertificateThumbprint, # Username can be made up to anything but password will be used for CertificatePassword [string]$CertificatePassword, # Path to certificate used in service principal usually a PFX file. [string]$CertificatePath, # Managed ID being used for authentication. [bool]$ManagedIdentity ) Invoke-KritTcmM365DscSchemaBridge -ResourceName 'AADPIMGroupSetting' -Workload 'Entra' -Verb 'Get' -CallerParams $PSBoundParameters } |