Skip to content

Commit

Permalink
Report LCM details only if running as administrator
Browse files Browse the repository at this point in the history
  • Loading branch information
Fabien Tschanz committed Jan 16, 2025
1 parent e362c1a commit 14cc3a5
Show file tree
Hide file tree
Showing 2 changed files with 53 additions and 46 deletions.
5 changes: 5 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,10 @@
# Change log for Microsoft365DSC

# UNRELEASED

* M365DSCTelemetryEngine
* Report LCM details only if running as administrator.

# 1.25.115.1

* AADAuthenticationRequirement
Expand Down
94 changes: 48 additions & 46 deletions Modules/Microsoft365DSC/Modules/M365DSCTelemetryEngine.psm1
View file
Original file line number Diff line number Diff line change
Expand Up @@ -108,14 +108,7 @@ function Add-M365DSCTelemetryEvent
{
if ($null -eq $Script:M365DSCCurrentRoles -or $Script:M365DSCCurrentRoles.Length -eq 0)
{
try
{
Connect-M365Tenant -Workload 'MicrosoftGraph' @Global:M365DSCTelemetryConnectionToGraphParams -ErrorAction SilentlyContinue
}
catch
{
Write-Verbose -Message $_
}
Connect-M365Tenant -Workload 'MicrosoftGraph' $Global:M365DSCTelemetryConnectionToGraphParams -ErrorAction SilentlyContinue
$Script:M365DSCCurrentRoles = @()

$uri = (Get-MSCloudLoginConnectionProfile -Workload MicrosoftGraph).ResourceUrl + 'v1.0/me?$select=id'
Expand Down Expand Up @@ -151,7 +144,7 @@ function Add-M365DSCTelemetryEvent
{
try
{
Connect-M365Tenant -Workload 'MicrosoftGraph' @Global:M365DSCTelemetryConnectionToGraphParams -ErrorAction Stop
Connect-M365Tenant -Workload 'MicrosoftGraph' $Global:M365DSCTelemetryConnectionToGraphParams -ErrorAction Stop
$Script:M365DSCCurrentRoles = @()

$sp = Get-MgServicePrincipal -Filter "AppId eq '$($Global:M365DSCTelemetryConnectionToGraphParams.ApplicationId)'" `
Expand Down Expand Up @@ -372,54 +365,63 @@ function Add-M365DSCTelemetryEvent
# LCM Metadata Information
try
{
if ($null -eq $Script:LCMInfo)
if ($null -eq $Script:M365DSCCurrentPrincipalIsAdmin)
{
$Script:LCMInfo = Get-DscLocalConfigurationManager -ErrorAction Stop
$currentPrincipal = New-Object System.Security.Principal.WindowsPrincipal([System.Security.Principal.WindowsIdentity]::GetCurrent())
$Script:M365DSCCurrentPrincipalIsAdmin = $currentPrincipal.IsInRole([System.Security.Principal.WindowsBuiltInRole]::Administrator)
}

$certificateConfigured = $false
if (-not [System.String]::IsNullOrEmpty($LCMInfo.CertificateID))
if ($Script:M365DSCCurrentPrincipalIsAdmin)
{
$certificateConfigured = $true
}

$partialConfiguration = $false
if (-not [System.String]::IsNullOrEmpty($Script:LCMInfo.PartialConfigurations))
{
$partialConfiguration = $true
}
$Data.Add('LCMUsesPartialConfigurations', $partialConfiguration)
$Data.Add('LCMCertificateConfigured', $certificateConfigured)
$Data.Add('LCMConfigurationMode', $Script:LCMInfo.ConfigurationMode)
$Data.Add('LCMConfigurationModeFrequencyMins', $Script:LCMInfo.ConfigurationModeFrequencyMins)
$Data.Add('LCMRefreshMode', $Script:LCMInfo.RefreshMode)
$Data.Add('LCMState', $Script:LCMInfo.LCMState)
$Data.Add('LCMStateDetail', $Script:LCMInfo.LCMStateDetail)

if ([System.String]::IsNullOrEmpty($Type))
{
if ($Global:M365DSCExportInProgress)
{
$Type = 'Export'
}
elseif ($Script:LCMInfo.LCMStateDetail -eq 'LCM is performing a consistency check.' -or `
$Script:LCMInfo.LCMStateDetail -eq 'LCM exécute une vérification de cohérence.' -or `
$Script:LCMInfo.LCMStateDetail -eq 'LCM führt gerade eine Konsistenzüberprüfung durch.')
if ($null -eq $Script:LCMInfo)
{
$Type = 'MonitoringScheduled'
$Script:LCMInfo = Get-DscLocalConfigurationManager -ErrorAction Stop
}
elseif ($Script:LCMInfo.LCMStateDetail -eq 'LCM is testing node against the configuration.')

$certificateConfigured = $false
if (-not [System.String]::IsNullOrEmpty($LCMInfo.CertificateID))
{
$Type = 'MonitoringManual'
$certificateConfigured = $true
}
elseif ($Script:LCMInfo.LCMStateDetail -eq 'LCM is applying a new configuration.' -or `
$Script:LCMInfo.LCMStateDetail -eq 'LCM applique une nouvelle configuration.')

$partialConfiguration = $false
if (-not [System.String]::IsNullOrEmpty($Script:LCMInfo.PartialConfigurations))
{
$Type = 'ApplyingConfiguration'
$partialConfiguration = $true
}
else
$Data.Add('LCMUsesPartialConfigurations', $partialConfiguration)
$Data.Add('LCMCertificateConfigured', $certificateConfigured)
$Data.Add('LCMConfigurationMode', $Script:LCMInfo.ConfigurationMode)
$Data.Add('LCMConfigurationModeFrequencyMins', $Script:LCMInfo.ConfigurationModeFrequencyMins)
$Data.Add('LCMRefreshMode', $Script:LCMInfo.RefreshMode)
$Data.Add('LCMState', $Script:LCMInfo.LCMState)
$Data.Add('LCMStateDetail', $Script:LCMInfo.LCMStateDetail)

if ([System.String]::IsNullOrEmpty($Type))
{
$Type = 'Undetermined'
if ($Global:M365DSCExportInProgress)
{
$Type = 'Export'
}
elseif ($Script:LCMInfo.LCMStateDetail -eq 'LCM is performing a consistency check.' -or `
$Script:LCMInfo.LCMStateDetail -eq 'LCM exécute une vérification de cohérence.' -or `
$Script:LCMInfo.LCMStateDetail -eq 'LCM führt gerade eine Konsistenzüberprüfung durch.')
{
$Type = 'MonitoringScheduled'
}
elseif ($Script:LCMInfo.LCMStateDetail -eq 'LCM is testing node against the configuration.')
{
$Type = 'MonitoringManual'
}
elseif ($Script:LCMInfo.LCMStateDetail -eq 'LCM is applying a new configuration.' -or `
$Script:LCMInfo.LCMStateDetail -eq 'LCM applique une nouvelle configuration.')
{
$Type = 'ApplyingConfiguration'
}
else
{
$Type = 'Undetermined'
}
}
}
}
Expand Down

0 comments on commit 14cc3a5

Please sign in to comment.