github KelvinTegelaar/CIPP v10.3.0
v10.3.0 - The Fishbowl
on GitHub

18 hours ago

I think we caught a big one!

For the past few weeks our team has been going at it. We've been building everything you've been asking for at an unbelievable rate. Our entire dev team had one focus; build a release that included everyone's wishes and feature requests, and fix any bugs we find and squash them!

This release is called the Fishbowl because we touched so many different things. So before we get started with telling you all the cool new stuff, grab a straw, stick it into this Fishbowl and lets get going.

Custom Reporting and database access

Under tools -> Report Builder or on the dashboard you'll now find our new report builder. Our report builder allows you access to everything inside of our database at any moment in time; this means you can create custom reports for one tenant, or all tenants. You have the option to generate it as a PDF, CSV, JSON, or just text. This includes the option to email these reports directly and schedule them monthly.

Want a custom report that shows someone how their license usage relates to their CA policies? boom done. All in a simple format where you can add any block you want; Maester tests, CIPP database access, or just custom HTML/Markdown blocks. Add whatever you want at whatever time.

But of course we're not letting you just go out and have to create everything yourself. We've made sure our catalog contains a bunch of reports such as an actually usable Copilot readiness report. or a CISA report or even a General Tenant report.

Want to check out how it looks? of course we prepared a demo for you here: https://app.storylane.io/share/vcrohqu0snfg

Custom Maester/PowerShell Tests and custom alerts

Yes. We're now allowing you to run custom PowerShell tests, meaning that you can check any setting against the CIPP database, this database is updated every 24 hours right before your tests launch so you can see exactly what the results are. You can use JSON or markdown output so you're immediately able to use this in your own custom reports too.

And that's not all. These scripts can also be used to directly alert on. Imagine you've created a PowerShell script that looks up any CA policies with the user "Bla" excluded. You can now report on that.

licenses expiring but assigned to a VIP user? That can be a custom alert. Anything in our database, can be alerted on going forward, and its all using PowerShell so no need to learn a new language!

Want to see that in action? go check it out: https://app.storylane.io/share/qevotii3ats1

Vacation mode pimped.

Vacation mode also got some extra love in this release; expansion for scheduling groups, forwarding, but also a new tutorial to explain you how to use vacation mode. Go check it out here: https://app.storylane.io/share/d7llhd4j78qv

Better webhooks

The webhooks have had some work too; you now have the option to change our schema - the new universal schema allows you to react better on automated requests or forward it to your system of choice. The webhooks now also have support for authentication or specialized headers.

Timezones and stuff

We've moved from our old schedule which uses NCron to Chronos, Chronos is cooler, better, newer, awesomer, and supports timezones. Please go into your superadmin settings to switch the timezone for your function app to get optimal performance; no more running standards in the middle of your workday!

If you've used the WEBSITE_TIME_ZONE setting, its now time to remove that, as this brings better support. :)

And so much more:

There's so much more to mention this time that I just cant. Look at the list below, I think this might just be our biggest release yet.

We've added:

  • Custom Scripts — full test system with manual runs, scheduler support, and enable/disable actions
  • Vacation Mode — mail forwarding support with scheduling
  • Intune Application Deployment Templates — create, manage, and upload to GitHub
  • Intune Policy Comparison — compare policies side by side
  • MDE Onboarding Status — new report under Security
  • Create Template from User
  • Group membership in user templates
  • Colleague Impersonation Alert standard
  • SMTP Auth Success alert
  • Global Quarantine Settings standard
  • Exchange Mailbox SOA Change standard
  • Exchange Cloud Management for on-premises mailboxes standard
  • Defender policy templates — Invoke-AddDefenderTemplate with template-only mode support
  • App & service principal expiry checks
  • Standardised Alert Schema — opt-in webhook schema toggle for webhooks
  • Webhook authentication methods — configurable auth for notification webhooks
  • GDAP Roles — updated with new MS role added April 2026
  • Command blocklist for scheduled tasks — additional blocked commands for security
  • Active Sync device blocking standard
  • Compliance state chips in table formatting
  • Pages search & keyboard navigation
  • Logbook tooltip for truncated messages
  • Exclude license from dashboard dropdown
  • HIBP API key clear action
  • SMTP sign-in date range filter
  • Add litigation/retention mailbox fields
  • Dashboard test UI improvements and report editor
  • Chrome Extension — domain squatting detection and additional settings

We've fixed:

  • Intune drift — deletion detection, cache clear, bundle remediation, "dud" remediation
  • Bulk Intune app assignment — assignment fields and data formatter refactored
  • Standards template import — wrong API endpoint in PolicyImportDrawer
  • Manual cache refresh — passing GUID instead of defaultDomainName
  • Scheduler scope — removed erroneous scope field, added tenant name
  • JIT Admin TAP warning — warns when TAP not enabled in tenant
  • Username clipboard — no longer copies display label with username
  • LAPS standard — redundant Graph API calls removed
  • Teams Phone DID removal — missing Content-Type header
  • App registration secret expiry — respects Microsoft's expiration restrictions
  • Reporting DB manual run
  • Custom application scripts — variable entry fix
  • Mailnickname sanitisation
  • API client resilience — better handling for Entra replication timin
  • MFA method removal — refactored to individual requests
  • Onboarding — GDAP onboarding rescheduling, legacy add-in removal fix
  • Group template resubmit on edit page
  • Alert overflow in narrow drawers
  • Audit log filtering — OData sanitization, multi-row entries, timer calculations
  • businessPhones handling in user defaults
  • Username fields — missing fields in template object creation
  • Hudu people/devices — forced to array

Sponsors

We extend our gratitude to our supporters at https://renroros.no/, https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://hudu.com/, our friends at https://www.meetgradient.com/, https://rewst.io/ https://augmentt.com/ and newly added Domotz and Guardz!

New Contributors

Full Changelog API: KelvinTegelaar/CIPP-API@10.2.6...10.3.0

Full Changelog: v10.2.0...v10.3.0

Check out latest releases or
releases around KelvinTegelaar/CIPP v10.3.0

Don't miss a new CIPP release

NewReleases is sending notifications on new releases.

Get notifications