Device - 51001 - Windows Endpoint Privilege Management is configured and assigned #1178
Manoj-Kesana wants to merge 6 commits into
Pull request overview
Adds a new device assessment (51001) to evaluate whether Windows Endpoint Privilege Management (EPM) is configured and assigned in Intune, along with accompanying remediation guidance content.
Changes:
- Introduces `Test-Assessment-51001` PowerShell test to query EPM configuration policies and evaluate assignment coverage for required policy types.
- Generates a markdown results table summarizing detected EPM policies and their assignment targets.
- Adds remediation/explanation markdown content for assessment 51001.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.
| File | Description |
|---|---|
| src/powershell/tests/Test-Assessment.51001.ps1 | New assessment logic + report generation for Intune EPM policy presence/assignment. |
| src/powershell/tests/Test-Assessment.51001.md | New end-user remediation/background guidance for the assessment. |
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
…tassessment into Feature-51001
alexandair left a comment
@Manoj-Kesana Please, address my feedback.
| # Define variables to insert into the format string | ||
| $reportTitle = 'Windows Endpoint Privilege Management policies' | ||
| $epmPortalLink = 'https://intune.microsoft.com/#view/Microsoft_Intune_Workflows/SecurityManagementMenu/~/epm' |
Portal Link Mismatch
- Code: `https://intune.microsoft.com/#view/Microsoft_Intune_Workflows/SecurityManagementMenu/~/epm`
- Spec: `https://intune.microsoft.com/#view/Microsoft_Intune_Workflows/SecurityManagementMenu/~/intuneepm`

The fragment is `~/epm` in code vs `~/intuneepm` in the spec.
I think this should be corrected in the spec.
Spec correction needed
@KalwaniRavi - can you please help with the spec correction for the URL?
| MinimumLicense = ('Intune'), | ||
| Pillar = 'Devices', | ||
| RiskLevel = 'High', | ||
| SfiPillar = 'Protect engineering systems', |
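Review bot: in `MinimumLicense = ('Intune')` on the first line of this hunk, the parentheses do not create an array; PowerShell evaluates `('Intune')` to the plain string `'Intune'`. If this property is meant to hold a list of licenses, write `@('Intune')` so the intent is explicit, otherwise drop the parentheses. Separately, `SfiPillar = 'Protect engineering systems'` has no spec value backing it in the visible lines, so a short comment pointing at the pending spec correction would keep the chosen value from being read as settled.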
SFI Pillar: spec contains invalid value
The spec declares SFI Pillar: Protect devices, which is not in the canonical SFI Pillar value list. Valid values are: Protect engineering systems, Protect identities and secrets, Protect tenants and isolate production systems, Protect networks, Monitor and detect cyberthreats, Accelerate response and remediation.
The code chooses Protect engineering systems, which is valid but a guess. The spec needs to be corrected to a valid SFI Pillar value before the code can match it. Flag the spec for correction; the right value for a Devices/EPM test is likely Protect tenants and isolate production systems or Protect engineering systems.
Spec correction needed
@KalwaniRavi - can you please help here for updating the Spec
No description provided.