Skip to content

Releases: KelvinTegelaar/CIPP

v5.8.0 - Expect the Unexpected

07 Jun 13:43
@KelvinTegelaar KelvinTegelaar
v5.8.0
608f3c2
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.8.0 - Expect the Unexpected Latest
Latest

Wow! You know how everyone always says to expect the unexpected? we managed our own expectations and decided to implement some things people didn't see coming! ;)

The reason this released stewed a little longer than usual is because we decided to implement a way for you to create custom roles and groups, following the Graph-style of permissions. So, make a unexpected drink and lets dive into this release.

We also have some fun announcement; are you a CIPP sponsor and need to learn how M365 works? How CIPP works? need a training session or just someone to shoot off some questions to? We now have weekly training sessions given each Wednesday. Join our discord at https://discord.gg/cyberdrain to get all the CIPP or M365 training you need to be succesful.

Permissions? Permissions! Permissions?!

Taking the time to do things right, we've created a new method of applying custom permissions to roles and users. You can now specify super in-depth permissions deciding exactly how your custom roles look.

Of course we didn't just stop there, we also allow you to select which tenants a user sees, and which tenants they are absolutely not allowed to see. You can find these settings in our SuperAdmin menu. Need more information? check out the updated docs

image

JIT Administration, without JIT Administration pricing.

There's a lot of cases where you need a admin account, but you don't always want to have those laying around. You want to make sure you create temporary accounts and remove them when unused. CIPP is helping you do just that. We now have functionality to allow you to create an administrator account with the exact roles you need.

You set the start date, select an existing account or a current one, and an enddate and CIPP takes care of removing the permissions, disabling the account, or even deleting it when you're done. Cool thing; this doesn't have a required license level. No need for P2 licensing on all your tenants.

image

Plain text password, we hate them.

We hate showing plain-text passwords in the app, but you somehow need to get passwords over to your users right? Well, we might hate plain-text passwords but we absolutely love the open source community. We've implemented an extension for PWPush, this means that CIPP can now generate a PWPush link to send to your clients, instead of having to send them the password directly.

Special thanks to the PowerShell module created by @adamburley, and credits to our friends over at PwPush; @pglombardo for creating such an awesome OSS project.

Automatic Report Scheduling

We have so many options to report stuff, especially using the Graph Explorer - you can now create your own custom Graph Explorer reports and schedule them. Head over to the Graph explorer, customize your report to how you want it, and hit the "Schedule" button. This allows you to receive any report out of Graph as an email, webhook, or PSA ticket.

Custom BPA Reports

In the old days, to create a custom BPA report you had to upload the file manually, we've made sure that's no more. You can use the BPA report builder to easily edit and upload reports inside of CIPP now. Creating your own little sanctuary of reporting heaven.

Quality of life changes, those little things we all love.

@kris6673 added about 5 or 6 new standards, depending on when we start counting. @OfficialEsco helped us fix some bugs in the ATP/Defender states.

We've also added the autopilot failure reason per device, we've added support for Slack as a webhook endpoint, we've improved the HaloPSA mapping experience, and we've also added Auto-backup to the CIPP engine, allowing you to create backups of CIPP on a schedule.

Other notable changes

  • We've Fixed issue with tenant onboarding
  • Removed unused API endpoints
  • We've fixed an issue with the SecureScore overview page
  • We've added ability to set language in AP profile
  • Fixed issue with some defender policies not showing up in portal
  • Fixed issue with disabling and enabling spamfilters
  • Updated email templates to show correct clause statement.
  • So so much more. If you really want all the details, check the logs below.

Sponsors

We extend our gratitude to our supporters at https://renroros.no, https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://hudu.com/, our friends at https://www.meetgradient.com, https://rewst.io and our newest sponsor, https://traceless.io.

It also seems like we didn't make a formal announcement for one of our other sponsors yet; Augmentt. Augmentt specializes in being a SaaS security platform. They have some very cool Shadow-IT reporting and do wonders with SaaS Discovery so go check them out at https://augmentt.com!

What's Changed

Full Changelog: v5.7.0...v5.8.0

Contributors

pglombardo, OfficialEsco, and 5 other contributors
Assets 2

v5.7.0 - The Floradora

15 May 19:05
@KelvinTegelaar KelvinTegelaar
v5.7.0
1c76dec
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.7.0 - The Floradora

Holy moly batman! have you noticed it's almost summer already?! That means MSPGeekCon is right around the corner. That's right. The best MSP Conference of the year is here. Most of our team is at the conference next week so feel free to drop in on us to say Hi!

Let's get into the new release shall we? named after this summery drink the Floradora is going to quench your thirst for a new CIPP release. We do have some required actions for this release, so don't just install willynilly!

A whole new way to manage CIPPs alerts. (Manual action required!)

We've had the alerting engine for a while now, but the most asked question was "how do we create the correct alerts?" - to tackle this our team has created more alert templates for you, but not just that. We also took a good long look at how we handled some of these alerts and looked at your feature requests, so;

  • Scripted CIPP alerts can now be scheduled, instead of always running every 15 minutes. That means you can choose to only receive license alerts once every 7 days, while receiving MFA alerts every day, and reset admin passwords every 30 minutes. You can set this up now, but to help you, we even have recommended alert times.
  • Audit log alerts can now be selected based on their properties. We've created an entire schema for you to select from dropdowns, making it super easy to create custom audit log alerts.

So what's the downside of this? you'll have to do a re-setup of your alerts so that we know which schedule you'd like for each alert. Remember to select the correct locations you'd like to sent the alerts to!

Durawhat? Durables!

This release we've also done some backend magic. In the Application Settings -> Maintenance tab you'll find a new way to see exactly what is eating away at your processing time for your instance. We've included buttons to stop specific processes or just clear what's been running too long. This helps prevent cost escalation when you've made a mistake in managing your CIPP instance.

GDAP with GA? Not anymore.

Microsoft has worked hard to no longer have Global Administrator permissions in GDAP environments, and @rvdwegen has been so kind to help us create a new option in CIPP to reflect that; you now have the ability to remove GA from a relationship. This means that even relationships that had Global Administrator by mistake, can now be auto-renewed after removing it.

Get a Rooms Management & Standards while onboarding

@JohnDuprey worked on a new feature to allow standards to not apply to newly onboarded tenants, a feature requested by our internal devs!

@OfficialEsco has added the ability to manager rooms via CIPP - You can now view their settings and change them which is super handy for those pesky exchange rooms that require a bit of configuration.

Quality of life changes, those little things we all love.

@kris6673, @gigacodedev and @PremierOneData have added filters, new standards, and fixed QoL stuff all around both the frontend and backend of our app. There's too many things to mention but some cool ones are making the cards clickable, fixing JSON formatting problems, adding filters, and updating log texts which was much needed at some places!

Other notable changes

  • We've fixed an issue with added e-mail addresses not updating when its a list
  • We've fixed an issue autopilot default profiles and assigning them to all devices
  • We've fixed an issue with the SecureScore overview page
  • We've added the ability to only see unmapped companies via the mapping interface.
  • We've fixed a bug with applying Conditional Access policies when the GUID was not yet translated.
  • So so much more. If you really want all the details, check the logs below.

Sponsors

We extend our gratitude to our supporters at https://renroros.no, https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://hudu.com/, our friends at https://www.meetgradient.com, and of course https://rewst.io/.

And we also want to welcome a new sponsor, one that also just released a awesome new feature of their own. You'll find their logo in the footer of the application now, but Traceless.io has joined the fold.

Traceless specializes in Identity Verification, and secure communications for your clients. Need to send a password securely? Need to check if a user is who they say they are? Sending over a confidential message? Traceless does this all, and the great thing is they do it straight from your ticketing system. Check them out, and say hi to them. Welcome Traceless.io!

What's Changed

New Contributors

Full Changelog: v5.6.0...v5.7.0

Contributors

OfficialEsco, JohnDuprey, and 6 other contributors
Assets 2

v5.6.0 - Born To Be Wild

26 Apr 12:37
@KelvinTegelaar KelvinTegelaar
v5.6.0
93fa455
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.6.0 - Born To Be Wild

Oh my, this release we went a little wild, but I guess we were born that way. ;) Lets mix ourselves up the "Born to be Wild" cocktail and jump into this new release. By the way, this cocktail is also great as a mocktail, replace the tequila with some more sprite, and the Pisang Ambon with shaved ice banana syrup.

Our team saw the opportunity to build this release thinking of "how can we make everything just a little better for everyone", and it shows. I'll highlight my favourites but I'd recommend scrolling down to the list of changes because it's truly a lot of new features and tweaks. I'll try to focus on our Frontend work as that's what you'll see most of, but the backend has gotten a facelift too. We're now using a new engine for our Durable Functions which we've seen be a lot more performant for backend tasks.

Official support for Single Tenant mode, and Partner Tenant mode.

Previously unavailable as there was a lot of security to build around these two modes, but now officially and completely support; CIPP is introducing Single Tenant mode for when you want to run CIPP just for your own environment, or just for a single tenant. Imagine your co-managed client wanting CIPP for themselves, or managing a tenant out of scope of your M365 GDAP relationship. You're now able to setup CIPP to run for just that tenant.

But that's not all. With this change we've also introduced official support for adding your partner tenant to the CIPP environment. Of course this is something to be very careful of, and you don't want to over assign permissions, but you can now use CIPP to protect your own environment as much as your clients.

New dashboard, who dis?

Not much to say about this right? pretty charts and figures have been added to the dashboard, making it more functional than it was before:

image

Secure Score? You've got it.

We've implemented a secure score overview page, now some of you were wondering why it took a while or why we recommended to use the Graph Explorer instead while this was in development - A lot of products already give you a read-only secure score overview. We wanted to do more, and we did. CIPP now allows you to manage the Secure Score for your clients, but we've also added the capability to immediately remediate issues if CIPP has a standard for them, or instructions what to do if

Now the biggest problem most people have with Secure Score rating is that they solve some issues differently; using an external spamfilter, a different EDR, another IDP, etc. Don't worry boo, we've got you. We've added a button that allows you to change the Secure Score Remediation status and mark it as "Solved by a third party" - giving you the points to show your client how they're doing.

Of course now that we've done this, you can expect our competitors to suddenly have this feature too ;)

image

Queue tracking, or "What is CIPP doing in the background"?

We've decided to give you some more insight on what CIPP is working on, we already had our statistics page, but that's not live and didn't allow you to zoom in on exactly what's being processed. Sometimes you also just want to see your automation run, for fun.

Clicking on the queue button in the top bar now allows you exactly that insight.

Recording.2024-04-26.122748.mp4

New mapping Experience & Scheduler changes

The scheduler now has the ability to copy tasks, that means if you setup a complex task for one user and need to do it again, you don't have to fill in all the details once more. It just does it for you :)

Our extensions got a boost too, the mapping experience used to be pretty long lists of tenants to map correctly, instead we've opted for an easier way to manage these mappings and now allow you to Automap based on names for HaloPSA too;

image

Quality of life changes, those little things we all love.

We've also tackled a lot of quality of life changes; we've added a refresh button next to our tenant selector. This allows you to refresh that selector without needing an entire refresh of the page; super handy when you've just onboarded a new tenant. We've also redone the entire settings menu to be more organized and look quite a bit better.

Another little-big thing is the "Recent Items" menu option in our navigation. you can now easily find what page you visited last without needing to add it to your favourites.

The Template Management for Standards now has a table view - Allowing you to delete and load Standard Templates easier.

The notification menu now has the ability to generate a test-alert,

I'm still reading because I want to hear about those backend changes

Well, as I said we've moved to a new durable functions engine, which gives the durables higher performance and decreases the cost because they start using extremely cheap Azure Table Storage, but that's not all.

We've implemented bulk requests to the Exchange APIs, this means that if we need to perform multiple requests at the same time we can send Exchange packages of 10 users, instead of one at a time. That's brilliant for standards, winning minutes on long running queries.

Other notable changes

  • We've fixed an issue with Guest Users and unblocking their signin giving the incorrect feedback
  • We've fixed an issue with the logging for notifications to give more details
  • We've fixed an issue with the Tenant Selector getting cleared at random moments.
  • We've added the ability to see all partner relationships in a partner overview
  • We've fixed in issue with the Best Practice Analyser not showing the correct list when an item was a single object.
  • We've fixed an issue with stacked filters not working.
  • We've fixed an issue with lighthouse dependencies where we could use the default Graph API.
  • So so much more. If you really want all the details, check the logs below.

Sponsors

We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, https://datto.com/, our friends at https://www.meetgradient.com, and of course https://rewst.io/.

We're also proud to announce some news; starting with our new release and readme sponsor: Ren Roros from Norway! @OfficialEsco, one of our latest contributors who's been adding cool features to CIPP also decided to join the fray for a readme sponsorship, following the example of RYC Business IT.

But that's not all! I already sneak-previewed this just a little bit but in the next release we're adding a new sponsor that is developing an extension for CIPP, a new-old sponsor to be more accurate. One of the best documentation systems I've personally ever seen has upgraded their sponsorship and we're proud to be working with them! Check them out at Hudu.com

What's Changed

New Contributors

Full Changelog: v5.5.0...v5.6.0

Contributors

MWGMorningwood, OfficialEsco, and 4 other contributors
Assets 2

v5.5.0 - Angelo Azzurro

12 Apr 13:52
@KelvinTegelaar KelvinTegelaar
v5.5.0
41dfc69
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.5.0 - Angelo Azzurro

Isn't it funny how all announcements always start with extreme hyperbole and then just fizzle out? I hate it when that happens. It's time for a better style of announcement, something a little more muted, but that pleasantly surprises you.

That's what todays release should do for you - It should be a pleasant surprise filled with the things you asked for, or didn't know you asked for but needed anyway. Todays release is named after the Italian (Angelo Azzurro)[https://www.sipandfeast.com/angelo-azzurro] which loosely translated means 'The Azure Angel' or just the blue angel if you're being finicky.

So, what is this Azure Angel delivering to you today? Well. There's a huge amount of bug fixes, there's some very very cool near features and of course we've listened to our clients and made sure we've built some pretty cool feature requests too. Let's dive into them.

Conditional Access: Improvements to deployment

We've added features to our Conditional Access Deployment wizard. This now allows you to easily replace groups and users with the ones in your template. If you are using the same group names and same excluded or included users, you can easily transfer those over.

That's not all we've improved. The overviews for complex objects has been tackled too. No more looking at JSON(Unless you like that sort of thing). Instead, you have a pretty object browser that even allows you to expand deeper. This isn't just for Conditional Access either. We are now using this overview in more places.

CA-Updates.mp4

Conditional Access: What-If support

Microsoft was kind enough to share some documentation with us about the new What-If endpoint in Graph, this endpoint isn't even in the Graph API docs yet! The cool thing about the what-if tool is that you can set up your entire Conditional Access environment in reporting mode, and then test the policies using a wild array of simulated scenarios.

CA-Tester.mp4

Standards: You want templates? you get them!

Our standards overview has a new nice little button - Save as Template, or the option to Load that template. This is just the start - we'll be including a lot of standard template files for you to use, but feel free to start creating and deploying your own!

standardsTemplates

Favourites, favourites everywhere

So our menu is quite long - I mean, CIPP has thousands of features and not everyone uses them all the time right? Well. We've changed a couple of things about our navigation. You can now add favourites. Adding them is as easy as going to the User Settings menu, and adding the pages you use most.

Of course we also made sure people no longer see menu items they don't need - The menu is now build dynamically based on your role.

favourites

Automatic Tenant Onboarding, and Partner Webhooks

We didn't just play around with stuff that's always visible - but also the back of the mind stuff got a good polish and upgrade. You can now go into the Application Settings and enable Partner Webhooks. Partner Webhooks allow us to do fully automated tenant onboarding - You setup the webhook, and as soon as a new relationship is detected that tenant will be onboarded inside of CIPP.

That's not all you can do with this though; you can now also generate alerts based on the received partner webhooks. Something changes in your partner center? you're the first to know.

Other notable changes

  • We've fixed an issue with Edit User/Add user requiring custom fields
  • We've fixed PDF exports and increased their sizing.
  • We've fixed a bug where loading the extension page gave an error if your tenant cache was empty.
  • We've fixed the Azure Lighthouse Search on the Dashboard
  • We've improved the overview for MEM policies when deploying them
  • We've added all supported policies to be templatable
  • So so much more!

Sponsors

We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/ https://www.meetgradient.com, https://rewst.io/.

We've added Augmentt as our logo sponsor at https://augmentt.com.

We're adding new logo sponsors AND extension sponsors in the coming weeks, so keep an eye out for those! Our latest extension sponsor has been requested quite a bit and we're happy to create a custom CIPP extension for them!

What's Changed

Full Changelog: v5.4.0...v5.5.0

Contributors

OfficialEsco, JohnDuprey, and 2 other contributors
Assets 2

v5.4.0 - Cherry Springer

29 Mar 13:05
@KelvinTegelaar KelvinTegelaar
v5.4.0
1c3eb56
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.4.0 - Cherry Springer

Spring is in the air!

I love the springtime, which is why we chose a nice spring cocktail for this release. If you want to make the Cherry Springer yourself, check out https://www.diffordsguide.com/cocktails/recipe/4622/cherry-springer

This release we had a couple of objectives. Objective number 1 was that we wanted to give you even more speed than last release, and that worked. We modified the way we connect to Exchange and it makes everything so much faster. Loading times of everything related to exchange should be quite a bit lower.

But that's not all, backend changes are good fun but we're here for the meat, so let's dive into the new features we've made in the past two weeks.

Bulk User Add & Offboarding

We've added a tool to ease the creation of a bulk of users, including any field you want to add. you can upload a CSV, add users to the list by using the fields and create them all in one go. Super easy for migration situations and just generally when you onboard many new employees. We've also listened to our feature requests and added the ability to multi-select during the offboarding wizard.
image

Compliance Policies, App Protection Policies, and more

We've updated our templating engine to support Compliance Policies, App Protection Policies, and so much more. You'll find the new overviews under the same place as your other Intune Policies - Because our policy engine allows you to create templates, you can also deploy any of these policies using the Apply Policy screen, or the Standards.

image

Standards

We have a new contributor in our mids, @OfficialEsco has added quite a list of Defender and anti-phishing/Anti-spam standards. These standards allow you to set the best practice recommended defaults for your spamfiltering. It's a great contribution to the CIPP standards! Check them out now to see the power of these standards.

We've also added a standard to manage Cross-Tenant Access Settings, thanks for that @kris6673.

Mail Testing

Ever had delivery issues and weren't sure where they came from? Had problems finding out if your SPF is correct? we now have a built in mail testing solution, check it out under the Exchange Tools.

Other notable changes

  • We've fixed an issue with Edit User/Add user requiring custom fields
  • We've made sure Export Visible columns and all columns now translate license files correctly.
  • We've resolved an issue with Microsoft confusing the mailnickName for the UPN(Thanks Raf!)
  • We've added an alert for above when we see things aren't as they should be regarding UPNs and PrimarySMTPAddress
  • We've added the ability to create Dynamic Distribution Groups
  • We've improved the backend handling of Webhooks
  • We've fixed a bug with the frontend requiring multiple clicks on checkboxes.
  • We've added a warning to the edit user screen when Alternate Login ID should be used.
  • We removed the Lighthouse requirement for access checks
  • Fixed an interface bug with blank arrays.
  • So so much more!

Sponsors

We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/ https://www.meetgradient.com, https://rewst.io/.

We're also announcing some new sponsors today. Helpt at https://gethelpt.com, Augmentt at https://augmentt.com, be on the lookout for their logo in the application soon, and more big announcements around sponsors coming in the next weeks.

What's Changed

New Contributors

Full Changelog: v5.3.0...v5.4.0

Contributors

OfficialEsco, JohnDuprey, and 2 other contributors
Assets 2

v5.3.0 - The Verbena

15 Mar 13:26
@KelvinTegelaar KelvinTegelaar
v5.3.0
5b71920
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.3.0 - The Verbena

Hey everyone,

This release might just change your perception of time as it is a doozy. our entire team met up in Vegas recently for Right of Boom and had a blast doing brainstorming sessions on making CIPP better for you. Don't worry, we didn't do anything silly like getting a stand and spending money on ROI that'll never come, but we did make sure you all got hydrated at our CIPP open bars spread through the conference.

In this release we've focused on getting you new features, QoL, but especially backend stuff. This release has a cost reduction built into it, depending on your instance this could be a 30% reduction, but we've seen up to 200% cost reduction too! We've moved our most expensive queries to a new method by using Durable Functions and this should really press the cost down.

Let's zoom in on the new features, and changes we've made to check out the cool stuff

Speed and Powerrrrr

As we said, lots of backend changes but you'll notice your frontend also feels faster. This is because we've made improvements to the way we process larger tasks in the background too. These changes also meant we could implement a method to view pending webhooks, easying the creation of your custom rules for our Alerts Engine.

License overview improvements

The license overview has had a bit of an overhaul, now calculating NCE terms more accurately, but also showing more information while hiding subscription information by default. We've made sure the exports still contain the same info if you're forwarding these to a administration department.

Default fields

Under the user settings screen you can now find default fields for all users, easily adding them as a requirement to be filled out whenever creating a user. This is useful for non-default fields like State, officeLocation, or custom extension properties.

Frontend tweaks

you might notice some new logos, some frontend changes, and a new feature when you change a tables layout; the table layout is now saved by default. You can reset the table layout separately for each table, so it simply stores the columns you've selected last. We've also reintroduced a feature that's been missing for a while. Can you spot it? ;)

Other notable changes

  • We've added the ability to use tokens in Graph Explorer
  • We've solved a bug that add user failed to create a user and didn't stop the rest of the tasks.
  • We've fixed an issue with sharepoint quota calculations and alerts.
  • We now detect is anonymized data is enabled, and report on it directly in the table so users can enable the standard to disable this(that's a weird sentence!)
  • We've added a new method of processing webhooks, cutting the processing time down by a lot.
  • You can now view expired subscriptions under the license tab.
  • We've added a warning to the edit user screen when Alternate Login ID should be used.
  • So so much more!

Sponsors

We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/ https://www.meetgradient.com, https://rewst.io/. and the MSP Net Friends(netfriends.com)

What's Changed

Full Changelog: v5.2.0...v5.3.0

Contributors

JohnDuprey, k-grube, and 3 other contributors
Assets 2

v5.2.0 - The Apothecary

23 Feb 14:21
@KelvinTegelaar KelvinTegelaar
v5.2.0
30a5344
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.2.0 - The Apothecary

Hey everyone,

Are you ready for the latest release of CIPP?! We've been building and building. Making your wishes come true as this was a release that focused on your needs and wishes. Feature request after feature request getting tackled.

This release is named the Apothecary because some of our dev team has been a little under the weather; get the cocktail recipe here: https://www.cocktailbuilder.com/recipe/apothecary

I'd also like to repeat a little part of our previous release notes;

We've created some new videos in our documentation at https://docs.cipp.app. These videos are supposed to help you get ahead of the curve on how to use CIPP, what some of the core features are and how we're envisioning them to be used. If you want to know what's coming remember to check out our public roadmap, and join our Discord Sip & CIPP sessions where thousands of your peers give input and help each other. Haven't joined our Discord yet? check out https://discord.gg/cyberdrain.

On Discord we also have added a secondary method of getting support - If you're a sponsor you can get some quick chat support with our staff after verifying yourself.

Now, let's get busy with our new release.

All Devices overview

Before you could only manage Intune Devices using CIPP, which missed some unmanaged devices or BYOD devices, now under Identity Management -> Devices we've added the ability to manage devices that aren't completely managed, allowing you to apply some more maintenance to those devices, such as deleting stale devices or disabling them when they should not be used.

User Bulk Actions improvements

The bulk actions for users have gotten a little face list, one of the feature requests that was open was "how can we manage user groups in bulk?" we've now added the ability to add and remove user groups easily using the bulk actions. do you want more bulk actions? let us know and we'll see what magic we can do.

Setting of new user fields

We've allowed the use of custom fields for users sometime, but we also added the ability to add a manager for a user easily from the edit user and add user screen.

Other notable changes

  • We've fixed an issue with Display names and descriptions not working for some Intune Templates created by hand
  • We've solved a bug that edituser failed to report failures when using it via the API
  • We've fixed the removal of templates that have been copy and pasted and then manually added and could no longer be deleted.
  • We've improved the mailbox statistics report for all tenants, making it load faster and prettier.
  • We've added better deduplication detection for alerts, allowing alerts to run faster and better than before.
  • We've resolved some issues with the Standards not reporting correctly(Thanks @kris6673!)
  • We've added new standards, under which one to set the Exchange Transport Message Expiration
  • We've added a new statistics overview to allow you to view what process is taking most time in your CIPP instance.
  • We've solved two issues with the NinjaOne Integration - Overwriting entities and errors with converting specific information.
  • So so much more!

Sponsors

We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/ https://www.meetgradient.com, https://rewst.io/. and the MSP Net Friends(netfriends.com)

What's Changed

Full Changelog: v5.1.0...v5.2.0

Contributors

JohnDuprey, kris6673, and KelvinTegelaar
Assets 2

v5.1.0 - The Infinity

05 Feb 13:56
@KelvinTegelaar KelvinTegelaar
v5.1.0
3a47892
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.1.0 - The Infinity

Hey everyone,

We're already at our third release this year, it feels like we're flying through them, so why not choose a cocktail that allows us to celeberate this; The Avengers Infinity Stone cocktail. This release we've focused on QoL enhancement and some pretty fun new features, but before we get into that let's talk about documentation.

We've created some new videos in our documentation at https://docs.cipp.app. These videos are supposed to help you get ahead of the curve on how to use CIPP, what some of the core features are and how we're envisioning them to be used. If you want to know what's coming remember to check out our public roadmap, and join our Discord Sip & CIPP sessions where thousands of your peers give input and help each other. Haven't joined our Discord yet? check out https://discord.gg/cyberdrain.

On Discord we also have added a secondary method of getting support - If you're a sponsor you can get some quick chat support with our staff after verifying yourself.

Now, let's get busy with our new release.

IP Whitelisting Improvements

Under the Tools menu at Tenant Administration you'll find a new list of all the whitelisted IPs you have. We also added the ability to easily remove/add them from the whitelist as a QoL improvement. We also whitelisted some events that might happen when using the tenant jumper so you won't get a lot of generated alerts from that any longer.

SharePoint and OneDrive settings

We've added the ability to set OneDrive and SharePoint permissions directly from CIPP, adding a user to someone else's onedrive, adding a site member or site admin is all a piece of cake with these new flyouts.

Adding users to groups directly from Edit User/Add User.

Instead of jumping around and adding a user to a group after creating it, you can now instantly do so at the moment of creation, just select the users, select the groups, and off you go. We didn't just stop there; we also made sure that at the Edit User Window you can now edit any attribute you'd like.

Other notable changes

  • We've added a copy button to each callout, allowing you to copy passwords, messages, etc easily.
  • We've solved a bug with exchange properties not always coming through when editing a group
  • We've fixed some of the flyout bugs on the access check, and prettified that.
  • We've added more obvious links to the documentation, especially for the SAM wizard.
  • We've added Custom Authentication Policies to CA policies.
  • We've added new standards for mailbox logging, mailtips, lockbox, default calendar permissions and more.
  • So so much more!

Sponsors

We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/ https://www.meetgradient.com, https://rewst.io/. and the MSP Net Friends(netfriends.com)

What's Changed

New Contributors

Full Changelog: v5.0.0...v5.1.0

Contributors

JohnDuprey, rvdwegen, and 3 other contributors
Assets 2

v5.0.0 - The Castaway

19 Jan 15:26
@KelvinTegelaar KelvinTegelaar
v5.0.0
ebe99ca
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.
Compare
Choose a tag to compare
v5.0.0 - The Castaway

Hey everyone,

For our second release this year, we have one that is action packed and ready to rumble. This was a feature-request and expansion extravaganza, Let's dive into the good stuff so you can see what we improved.

Automated Phishing Protection System

@HuskyHacks at @Huntress and I were discussing his Clarion repo on slack a couple of days ago, to see if we could make it even cooler. This is based on Zolder's research so go check out the Clarion link and the details if you like the nerdy side of the shop

This new standard when applied, modifies the existing branding or creates a custom branding for the client. When the login page is not hosted on login.microsoftonline.com where it should be, the branding immediately changes to an image that tells the user not the login. It's a pretty jarring image so users will notice. Wanna see an example? check the clip down here.

Example.mp4

CA Vacation Mode

It happens so many times, a user goes on a business trip or forgets to notify you they are going on holidays. you have a geo-block applied so as soon as they land you get a call "Please unblock me".

CA vacation mode policies allow you to add/remove a user based on a schedule. This makes those pesky vacation calls a piece of cake and you are not at risk of forgetting to remove an exclusion.

image

Whitelisting

When a device or user generates an alert, sometimes you want to whitelist the location - You know who they are, where they are coming from and you don't need another alert. No worries boo, we've got you covered. Using the Geo-IP lookup you now have the option to add IPs to Tenant Whitelists or public whitelists. To make life even easier we got you covered with the alerts too. The emails and alerts also contain the whitelist button

Add groups/Remove groups via flyout

You wanted some more bulk actions, and we gave them. You can now bulk add/remove users from groups by using the flyout.

Other notable changes

  • We've added the tenant domain name to the subject of all emails
  • We've added a CE+ Report in the BPA, helping you find the data needed for your certification
  • We've solved an issue with mailbox overview not opening if opened in a specific way
  • We've rewritten a bunch of the CSS and cleaned up some of the code.
  • We've added an autopilot sync button, and a method to assign users to devices
  • We've added Custom Authentication Policies to CA policies.
  • We've added new standards for mailbox logging, mailtips, lockbox, default calender permissions and more.
  • So so much more. This release is too packed for just some notes!

Sponsors

We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/ https://www.meetgradient.com, https://rewst.io/. and the MSP Net Friends(netfriends.com)

What's Changed

Full Changelog: v4.9.0...v5.0.0

Contributors

Huntress, JohnDuprey, and 4 other contributors
Assets 2

v4.9.0 - A glass of champagne

02 Jan 18:31
@KelvinTegelaar KelvinTegelaar
v4.9.0
025dd34
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.
Compare
Choose a tag to compare
v4.9.0 - A glass of champagne

Happy new year! This is the first release of the new year and so I figured "a glass of champagne" is cocktail enough right now.

This release has a lot of cool announcements, but also a little bit of a branding touch. CyberDrain and CIPP never had separate logos. Our designer (The great Joe Martz, check him out at https://www.joemartz.com/) created a new logo for CIPP. That also come with some redesign of our dark mode and some interface facelifting, so everything looks better than ever.
CIPP-logo-main-border_00

Now that's not all the exciting news. Thanks to the Microsoft Graph team we also now have a very very cool announcement to make with this release; are you currently using a hosted version of CIPP? Then you can get access to features in the Graph API not available to anyone else yet. These are bleeding edge APIs. The Graph team is gracious enough to allow CIPP users access to these APIs. Want to be enabled for this? Contact our helpdesk.

Now lets jump into the new features shall we?

Alerts Alerts Alerts

Our Alerts engine has been revised, but not just a interface touch up here and a small change there. you now have the ability to create any alert you want. You can use our preset alerts to get alerted whenever something happens, such as logons from countries you don't want, or mailboxes rules created where you don't want them. Cool thing about this alert engine? it's available on all subscriptions.

Now that's not all we've changed. Because our new engine allows you to select a specific action, generating a ticket is an action, a webhook, but also disabling the user involved in the log entry, or immediately running a BEC remediate based on your input. Zero click remediations, based on your own set of rules.

For example, if I want to block a user, disable their rules, reset their password when a new inbox rule is created, and the path contains RSS? All I do is create this:
image

And that'll take care of everything for me. The email, webhook, or PSA ticket will even include a log of actions taken.

Onboarding wizard-y

Onboarding tenants can be a challenge sometimes, especially when you haven't really taken care of your GDAP environments yet. We've made sure to ease this for you; Tenant onboarding now automatically adds missing groups, missing users, and it finishes everything for you. Use the onboarding wizard whenever you're adding a tenant to have a really good time. It removes all of the manual GDAP labour for you except accepting the invite.

image

Graph Explorer exploded

We've lit some fireworks under our Graph Explorer and that allows us to do so much cool stuff - The Graph Explorer now has more options and the ability to save any custom report you want. Found the perfect query to perform? no more typing it or copy and pasting links. Just save it as your personal preset:

image

IP Database

We've majorly revamped our IP database, We now report if an IP is a proxy or VPN IP, we can now report the exact location, we can report if it's a hosting provider or not, and all of that in a much faster manner than ever before. Had issues with our previous IPDB? check out the new one.

Other notable changes

  • We've fixed a bug with the GDAP check not always returning the correct groups
  • We've created more readable errors for CPV checks and refreshes so you know what to do next
  • We've resolved an interface bug with the menu automatically folding in on high DPI screens
  • We've rewritten a bunch of the CSS, cleaning up places and making everything look a little nicer
  • We've tackled a bug with Autopilot profiles duplicating
  • We've added the ability to select your authentication methods via new standards
  • Drastically increased the speed of standards and alerts such as CalDefaults and MFA alerts
  • and many many more...

Sponsors

We extend our gratitude to our supporters at https://immy.bot/, https://oit.co/, https://ninjaone.com/, Huntress at https://huntress.com/, https://halopsa.com/, https://www.deskdirector.com/, Hudu at https://www.hudu.com/, Datto at https://datto.com/ https://www.meetgradient.com, https://rewst.io/. and the MSP Net Friends(netfriends.com)

What's Changed

Full Changelog: v4.8.0...v4.9.0

Contributors

JohnDuprey, rvdwegen, and 2 other contributors
Assets 2