We did a Microsoft.

The first release of the new year and it's a big one. During the last 4 weeks our developers and our contributors came together to make a magical new version of CIPP.

Before we get started with the cool new features, this is one of those releases where we really pushed on making things happen for our entire industry. We've integrated more OSS projects into our OSS product, that allows us all to be lifted up but also contribute back to these projects. That's why I want to thank the team at Maester and @merill for making sure we all keep the OSS spirit alive.

Now, let's make ourselves a Xanadu cocktail and look at the changes.

_{Oh yeah, we also did a Microsoft; skipped 9 and went straight to 10. Just because we're so proud of this release.}

New Dashboard, who dis?

We've looked at our dashboard good and long and figured we need more actionable data on there. Getting our community feedback was amazing during this process and we've built a pretty cool new overview.

The new dashboard shows you exactly the tenant state you'd expect to see; Secure Score, MFA status, which MFA devices are used, licenses, but also counts of your users, policies, and more. You'll also notice a new card called "Assessment" and the ability to select a report. This is data that is collected every night and we perform all tests in each test suite fully automatically.

That means you can test against any Maester test included in CIPP, currently we have the full Microsoft ZTNA test thanks to the help of Microsoft directly, we have ORCA, Scuba, and there is more coming; Full CIS testing using the Maester framework inside of CIPP, for all your tenants.

We're also allowing you to create your own tests in the next version - Allowing you to query against any object our M365 database to see what's going on with your tenant. Custom reporting? Coming too!

Interested how this looks? check out the demo here.

Drifting with better UX

We had some really good suggestions around UX so we figured lets drift around the corner and help you understand things better. First of we've added filters to the drift page, allowing you to easily compare to the settings you want, the drift page now also shows things that are aligned correctly.

When things aren't aligned however, we've added the ability for you to see exactly what object isn't in sync. So if a CA policy is missing its excluded users group, you'll be able to zoom in on that much easier. Want to see how that looks? check out this screenshot.

Reports reports reports

We've had users ask for a couple of pretty complex reporting for a long time now; the MFA report for every single tenant at the same time, and a report of all users mailbox permissions. With the new testing database we've created for Maester it's actually much easier to execute these kind of complex reports. So what does this mean? You can now find a mailbox permissions report under our Exchange header. This report is updated nightly, but of course we've created a button to get an instant report too.

JIT improvements

Thanks to @Zacgoose we've updated our JIT settings; you're now able to set the maximum time for a JIT admin inside of the settings menu, and you're able to create JIT templates so it's always setup exactly the way you like it. Thanks Zac!

Timezones

Under super admin you can now find a timezone settings. Here you can setup the timezone the function app runs in, this is useful if your jobs sometimes run during working hours and you don't want that. Just a quick QoL improvement we've implemented.

And so much more:

• We've implemented a new alert for when Secure Defaults and CA isn't present.
• We've fixed a bug when you deleted a standard and it didn't remove it
• We've fixed the issue with links for enterprise apps not being right
• We fixed an issue with MX record reporting not showing all results
• We've fixed another problem with BEC and usernames with the same format.
• Updated the drift management page to always show the names of policies
• Updated the standards report to be slightly prettier. :)
• And so much more.

Sponsors

We extend our gratitude to our supporters at https://renroros.no/, https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://hudu.com/, our friends at https://www.meetgradient.com/, https://rewst.io/ https://augmentt.com/ and newly added Domotz and Guardz!

What's Changed in the API

• Added overwrite toggle for transport rule standard by @kakaiwa in KelvinTegelaar/CIPP-API#1755
• Enterprise Apps link in new service principal alerts are not in the correct format by @Zacgoose in KelvinTegelaar/CIPP-API#1757
• Fix: Fix app protection policies not being listed by @kris6673 in KelvinTegelaar/CIPP-API#1756
• Add Get-CIPPAlertIntunePolicyConflicts function by @MWG-Logan in KelvinTegelaar/CIPP-API#1759
• Fix: hashtable alert errors for CIPPAlertOneDriveQuota by @kris6673 in KelvinTegelaar/CIPP-API#1760
• Bug: Handle array type for conditions.users in Conditional Access Template processing by @sfaxluke in KelvinTegelaar/CIPP-API#1754
• Check accountEnabled property for shared mailbox user by @Zacgoose in KelvinTegelaar/CIPP-API#1758
• Feat: Add functions to list and manage trusted and blocked senders by @kris6673 in KelvinTegelaar/CIPP-API#1744
• Fix: Sort group members and owners by displayName by @kris6673 in KelvinTegelaar/CIPP-API#1765
• Fix: Remove measure command from Get-CIPPAlertNewAppApproval by @kris6673 in KelvinTegelaar/CIPP-API#1762
• Add secret name / ID to table by @chase-vgo in KelvinTegelaar/CIPP-API#1761
• Optimize MFA state retrieval and policy mapping by @Zacgoose in KelvinTegelaar/CIPP-API#1764
• Add JIT Admin template management and settings by @Zacgoose in KelvinTegelaar/CIPP-API#1767
• Fix: Update return message for license assignment by @kris6673 in KelvinTegelaar/CIPP-API#1770
• Fix: Enhance error handling for user creation tasks by @kris6673 in KelvinTegelaar/CIPP-API#1768
• Dev to release - CIPP X(10.0.0) by @KelvinTegelaar in KelvinTegelaar/CIPP-API#1772

Full Changelog: KelvinTegelaar/CIPP-API@8.8.2...10.0.0

What's Changed

• Dev to hotfix by @JohnDuprey in #5112
• Dev to hotfix by @JohnDuprey in #5124
• Added overwrite toggle for transport rule standard by @kakaiwa in #5141
• Add Intune policy conflict alert configuration by @MWG-Logan in #5150
• Feat: Add requestDate column with formatted DateTime by @kris6673 in #5161
• Tenant selector bug fix by @ZenTopBrandon in #5167
• Update GDAP invite URLs to new Microsoft admin domain by @sfaxluke in #5175
• Stop Dependabot bullying by @LukeSteward in #5172
• Feat: Add trusted and blocked senders exchange user card and action by @kris6673 in #5092
• Add JIT Admin Templates and settings integration by @Zacgoose in #5192
• Dev to release - CIPP X(10.0.0) by @KelvinTegelaar in #5202

New Contributors

• @LukeSteward made their first contribution in #5172

Full Changelog: v8.8.0...v10.0.0