Skip to content

Add more samples for Identity Protection Module #1399

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 7 commits into from
Jul 21, 2022
Merged

Add more samples for Identity Protection Module #1399

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
f7af2dc
Update Get-MgRiskyUser.md
cuixi1222 Jul 15, 2022
3586844
Update Get-MgRiskyUserHistory.md
cuixi1222 Jul 16, 2022
6242eba
Update Get-MgRiskyUserHistory.md
cuixi1222 Jul 16, 2022
627a0b1
Update Confirm-MgRiskyUserCompromised.md
cuixi1222 Jul 17, 2022
3ed6709
Merge branch 'dev' into AADIP-Sample
cuixi1222 Jul 17, 2022
9720a6e
Merge branch 'dev' into AADIP-Sample
peombwa Jul 21, 2022
4b41213
Update src/Identity.SignIns/Identity.SignIns/examples/v1.0-beta/Confi…
peombwa Jul 21, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 5 additions & 13 deletions ...y.SignIns/Identity.SignIns/examples/v1.0-beta/Confirm-MgRiskyUserCompromised.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,18 +1,10 @@
### Example 1: {{ Add title here }}
### Example 1: Confirm User sign in compormised
```powershell
PS C:\> {{ Add code here }}
Connect-MgGraph -Scopes "IdentityRiskyUser.ReadWrite.All"
Select-MgProfile beta
Confirm-MgRiskyUserCompromised -UserIds "254562e7-a745-496d-b98a-f6770b23152a","8f2ef8bf-53be-45f3-822d-366f51067458"

{{ Add output here }}
```
The command confirms the two users as compormised users.

{{ Add description here }}

### Example 2: {{ Add title here }}
```powershell
PS C:\> {{ Add code here }}

{{ Add output here }}
```

{{ Add description here }}

27 changes: 19 additions & 8 deletions src/Identity.SignIns/Identity.SignIns/examples/v1.0-beta/Get-MgRiskyUser.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,18 +1,29 @@
### Example 1: {{ Add title here }}
### Example 1: List all risky users
```powershell
PS C:\> {{ Add code here }}
Connect-MgGraph -Scopes "IdentityRiskyUser.Read.All"
Select-MgProfile beta
Get-MgRiskyUser | Format-Table UserDisplayName, RiskDetail, RiskLevel, RiskLastUpdatedDateTime

{{ Add output here }}
UserDisplayName RiskDetail RiskLevel RiskLastUpdatedDateTime
--------------- ---------- --------- -----------------------
Alex Su adminConfirmedUserCompromised high 5/30/2022 12:54:16 AM
tracys adminConfirmedUserCompromised high 5/30/2022 12:44:25 AM
Jason Mayer userPerformedSecuredPasswordReset none 7/4/2022 4:36:44 AM
```

{{ Add description here }}
This command returns all risky users

### Example 2: {{ Add title here }}
### Example 2: List all risky users by RiskLevel
```powershell
PS C:\> {{ Add code here }}
Connect-MgGraph -Scopes "IdentityRiskyUser.Read.All"
Select-MgProfile beta
Get-MgRiskyUser -Filter "RiskLevel ne 'none'" | Format-Table UserDisplayName, RiskDetail, RiskLevel, RiskLastUpdatedDateTime

{{ Add output here }}
UserDisplayName RiskDetail RiskLevel RiskLastUpdatedDateTime
--------------- ---------- --------- -----------------------
Alex Su adminConfirmedUserCompromised high 5/30/2022 12:54:16 AM
tracys adminConfirmedUserCompromised high 5/30/2022 12:44:25 AM
```

{{ Add description here }}
This command retruns all risky users whose risk level is not none

33 changes: 24 additions & 9 deletions src/Identity.SignIns/Identity.SignIns/examples/v1.0-beta/Get-MgRiskyUserHistory.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,18 +1,33 @@
### Example 1: {{ Add title here }}
### Example 1: List history of a specific user
```powershell
PS C:\> {{ Add code here }}
Connect-MgGraph -Scopes "IdentityRiskyUser.Read.All"
Select-MgProfile beta
Get-MgRiskyUserHistory -RiskyUserId 375844b0-2026-4265-b9f1-ee1708491e05 | Format-Table RiskDetail, RiskLastUpdatedDateTime, RiskState, UserDisplayName

{{ Add output here }}
RiskDetail RiskLastUpdatedDateTime RiskState UserDisplayName
---------- ----------------------- --------- ---------------
userPerformedSecuredPasswordReset 5/4/2022 10:54:35 PM remediated Jason Mayer
adminConfirmedUserCompromised 5/27/2022 11:26:40 PM confirmedCompromised Jason Mayer
adminDismissedAllRiskForUser 5/27/2022 11:28:07 PM dismissed Jason Mayer
none 4/20/2022 3:33:58 PM atRisk Jason Mayer
none 4/21/2022 9:58:21 PM atRisk Jason Mayer
```

{{ Add description here }}
The command return all the user risk history

### Example 2: {{ Add title here }}
### Example 2: List history of a specific user with detailed risk detection
```powershell
PS C:\> {{ Add code here }}
Connect-MgGraph -Scopes "IdentityRiskyUser.Read.All"
Select-MgProfile beta
Get-MgRiskyUserHistory -RiskyUserId 375844b0-2026-4265-b9f1-ee1708491e05| Format-Table RiskDetail, RiskLastUpdatedDateTime, @{N="RiskDetection";E={($_). Activity.RiskEventTypes}}, RiskState, UserDisplayName

{{ Add output here }}
RiskDetail RiskLastUpdatedDateTime RiskDetection RiskState UserDisplayName
---------- ----------------------- ------------- --------- ---------------
userPerformedSecuredPasswordReset 5/4/2022 10:54:35 PM remediated Jason Mayer
adminConfirmedUserCompromised 5/27/2022 11:26:40 PM confirmedCompromised Jason Mayer
adminDismissedAllRiskForUser 5/27/2022 11:28:07 PM dismissed Jason Mayer
none 4/20/2022 3:33:58 PM anomalousToken atRisk Jason Mayer
none 4/21/2022 9:58:21 PM anonymizedIPAddress atRisk Jason Mayer
```

{{ Add description here }}

The command return all the user risk history and expand the property of Activity