From b798470c018e8badf27a41aa37afda6bb550d00d Mon Sep 17 00:00:00 2001 From: Colin Cogle Date: Thu, 18 Jan 2024 09:36:00 -0500 Subject: [PATCH] Rename AzureAD cmdlets to EntraID cmdlets. In line with Microsoft's renaming of Azure Active Directory to Entra ID, I've renamed all of my cmdlets, too. The old AzureAD names now exist as aliases. All documentation and help has been updated, too. This one is worthy of a major version bump, as cmdlet output has also changed to match the naming scheme. --- CHANGELOG.md | 9 +- Office365DnsChecker.psd1 | 20 ++- en-US/Office365DnsChecker-help.xml | 153 ++++++++++++------ en-US/about_Office365DnsChecker.Help.txt | 37 +++-- ... Test-EntraIDClientConfigurationRecord.md} | 16 +- ...Test-EntraIDEnterpriseEnrollmentRecord.md} | 17 +- ...st-EntraIDEnterpriseRegistrationRecord.md} | 18 +-- ...ureADRecords.md => Test-EntraIDRecords.md} | 26 +-- man/en-US/Test-Office365DNSRecords.md | 25 +-- src/Office365DnsChecker.psm1 | 38 +++-- 10 files changed, 210 insertions(+), 149 deletions(-) rename man/en-US/{Test-AzureADClientConfigurationRecord.md => Test-EntraIDClientConfigurationRecord.md} (79%) rename man/en-US/{Test-AzureADEnterpriseEnrollmentRecord.md => Test-EntraIDEnterpriseEnrollmentRecord.md} (68%) rename man/en-US/{Test-AzureADEnterpriseRegistrationRecord.md => Test-EntraIDEnterpriseRegistrationRecord.md} (65%) rename man/en-US/{Test-AzureADRecords.md => Test-EntraIDRecords.md} (64%) diff --git a/CHANGELOG.md b/CHANGELOG.md index ae4b090..4081c4d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,12 +1,11 @@ # Office365DnsChecker Change Log -## Recent changes -- NEW: Cmdlets now return true or false, depending on the results. Thanks to @o-l-a-v for suggesting this in issue #1. - -## Version 1.2.0 (January 18, 2024) +## Version 2.0.0 (January 18, 2024) +- NEW: Rename all instances of Azure AD to Entra ID, including cmdlet names. Aliases have been added for the old names." - NEW: Add support for Microsoft's [new MX records that support DANE and DNSSEC](https://techcommunity.microsoft.com/t5/exchange-team-blog/implementing-inbound-smtp-dane-with-dnssec-for-exchange-online/ba-p/3939694). Note that this does not go live until March 2024 (as a preview), so there may be bugs that we don't yet know about. - NEW: `Test-ExchangeOnlineMxRecords`, `Test-ExchangeOnlineRecords`, and `Test-Office365DnsRecords` now support a new `-DANERequired` parameter that prints a warning if the DANE-enabled MX endpoint is *not* in use. -- NEW: Cmdlets now return `$true` or `$false` in addition to human-readable output. +- NEW: Cmdlets now return true or false, depending on the results. Thanks to @o-l-a-v for suggesting this in issue #1. +- FIXED: Some Entra cmdlets were failing to load online help. - Update copyright year. ## Version 1.1.0 (June 1, 2023) diff --git a/Office365DnsChecker.psd1 b/Office365DnsChecker.psd1 index d44c94b..cbfb748 100755 --- a/Office365DnsChecker.psd1 +++ b/Office365DnsChecker.psd1 @@ -12,7 +12,7 @@ RootModule = 'src/Office365DnsChecker.psm1' # Version number of this module. -ModuleVersion = '1.2.0' +ModuleVersion = '2.0.0' # Supported PSEditions CompatiblePSEditions = @('Core', 'Desktop') @@ -71,12 +71,12 @@ PowerShellVersion = '5.1' # Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export. FunctionsToExport = @( 'Test-Office365DNSRecords', - 'Test-AzureADRecords', + 'Test-EntraIDRecords', 'Test-ExchangeOnlineRecords', 'Test-TeamsRecords', - 'Test-AzureADClientConfigurationRecord', - 'Test-AzureADEnterpriseEnrollmentRecord', - 'Test-AzureADEnterpriseRegistrationRecord', + 'Test-EntraIDClientConfigurationRecord', + 'Test-EntraIDEnterpriseEnrollmentRecord', + 'Test-EntraIDEnterpriseRegistrationRecord', 'Test-ExchangeOnlineAutodiscoverRecord', 'Test-ExchangeOnlineDkimRecords', 'Test-ExchangeOnlineMxRecord', @@ -96,6 +96,10 @@ VariablesToExport = '' # Aliases to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no aliases to export. AliasesToExport = @( + 'Test-AzureADRecords', + 'Test-AzureADClientConfigurationRecord', + 'Test-AzureADEnterpriseEnrollmentRecord', + 'Test-AzureADEnterpriseRegistrationRecord', 'Test-LyncRecords', 'Test-SkypeForBusinessRecords', 'Test-SkypeForBusinessOnlineRecords', @@ -144,7 +148,7 @@ PrivateData = @{ PSData = @{ # Tags applied to this module. These help with module discovery in online galleries. - Tags = @('Microsoft365', 'Office365', '365', 'ExchangeOnline', 'SkypeForBusinessOnline', 'MicrosoftTeams', 'DNS', 'AzureAD', 'AAD', 'SPF', 'DKIM', 'ExO', 'Exchange', 'Teams', 'ExchangeHybrid', '21Vianet', 'DNSSEC', 'DANE', 'MX') + Tags = @('Microsoft365', 'Office365', '365', 'ExchangeOnline', 'SkypeForBusinessOnline', 'MicrosoftTeams', 'DNS', 'AzureAD', 'EntraID', 'AAD', 'EID', 'Entra', 'SPF', 'DKIM', 'ExO', 'Exchange', 'Teams', 'ExchangeHybrid', '21Vianet', 'DNSSEC', 'DANE', 'MX') # A URL to the license for this module. LicenseUri = 'https://github.com/rhymeswithmogul/Office365DNSChecker/blob/main/LICENSE' @@ -158,7 +162,9 @@ PrivateData = @{ # ReleaseNotes of this module ReleaseNotes = "- NEW: Add support for Microsoft's new MX records that support DANE and DNSSEC. Note that this does not go live until March 2024 (as a preview), so there may be bugs that we don't yet know about. - NEW: `Test-ExchangeOnlineMxRecords`, `Test-ExchangeOnlineRecords`, and `Test-Office365DnsRecords` now support a new `-DANERequired` parameter that prints a warning if the DANE-enabled MX endpoint is *not* in use. -- NEW: Cmdlets now return `$true` or `$false` in addition to human-readable output." +- NEW: Cmdlets now return true or false, depending on the results. Thanks to @o-l-a-v for suggesting this in issue #1. +- NEW: Rename all instances of Azure AD to Entra ID, including cmdlet names. Aliases have been added for the old names. +- FIXED: Some Entra cmdlets were failing to load online help." # Prerelease string of this module #Prerelease = 'alpha' diff --git a/en-US/Office365DnsChecker-help.xml b/en-US/Office365DnsChecker-help.xml index 94ad5e8..b80544c 100644 --- a/en-US/Office365DnsChecker-help.xml +++ b/en-US/Office365DnsChecker-help.xml @@ -2,11 +2,11 @@ - Test-AzureADClientConfigurationRecord + Test-EntraIDClientConfigurationRecord Test - AzureADClientConfigurationRecord + EntraIDClientConfigurationRecord - Verifies that a domain's Azure AD client configuration DNS record is correct. + Verifies that a domain's Entra ID client configuration DNS record is correct. @@ -15,7 +15,7 @@ - Test-AzureADClientConfigurationRecord + Test-EntraIDClientConfigurationRecord DomainName @@ -90,19 +90,20 @@ Starting in early 2023, Microsoft's recommendations changed. Now, the msoid record should not be defined for any tenants not operated by 21Vianet. For more information, see: https://learn.microsoft.com/en-gb/microsoft-365/admin/services-in-china/purpose-of-cname?view=o365-21vianet + Microsoft Entra ID used to be called Microsoft Azure Active Directory, and previous versions of this cmdlet reflected that. -------------------------- Example 1 -------------------------- - PS C:\> Test-AzureADClientConfigurationRecord contoso.com + PS C:\> Test-EntraIDClientConfigurationRecord contoso.com Verifies that the DNS CNAME record msoid.contoso.com is correct or missing. -------------------------- Example 2 -------------------------- - PS C:\> "contoso.com","fabrikam.com","tailspintoys.com" | Test-AzureADClientConfigurationRecord + PS C:\> "contoso.com","fabrikam.com","tailspintoys.com" | Test-EntraIDClientConfigurationRecord Verifies that the DNS CNAME records msoid.contoso.com, msoid.fabrikam.com, and msoid.tailspintoys.com are correct. @@ -111,10 +112,10 @@ Online Version: - https://github.com/rhymeswithmogul/Office365DNSChecker/blob/main/man/en-US/Test-AzureADClientConfigurationRecord.md + https://github.com/rhymeswithmogul/Office365DNSChecker/blob/main/man/en-US/Test-EntraIDClientConfigurationRecord.md - Test-AzureADJoinRecords + Test-EntraIDJoinRecords @@ -129,19 +130,19 @@ - Test-AzureADEnterpriseEnrollmentRecord + Test-EntraIDEnterpriseEnrollmentRecord Test - AzureADEnterpriseEnrollmentRecord + EntraIDEnterpriseEnrollmentRecord - Verifies that a domain's Azure AD enterprise enrollment DNS record is correct. + Verifies that a domain's Entra ID enterprise enrollment DNS record is correct. - This cmdlet checks one or more domains for the presence and correctness of the Azure Active Directory enterprise enrollment DNS record, named enterpriseenrollment. It should be a CNAME pointing to enterpriseenrollment.manage.microsoft.com. + This cmdlet checks one or more domains for the presence and correctness of the Entra ID enterprise enrollment DNS record, named enterpriseenrollment. It should be a CNAME pointing to enterpriseenrollment.manage.microsoft.com. - Test-AzureADEnterpriseEnrollmentRecord + Test-EntraIDEnterpriseEnrollmentRecord DomainName @@ -192,20 +193,20 @@ - + Microsoft Entra ID used to be called Microsoft Azure Active Directory, and previous versions of this cmdlet reflected that. -------------------------- EXAMPLE 1 -------------------------- - C:\PS> Test-AzureADEnterpriseEnrollmentRecord contoso.com + C:\PS> Test-EntraIDEnterpriseEnrollmentRecord contoso.com Verifies that the DNS CNAME record enterpriseenrollment.contoso.com is correct. -------------------------- EXAMPLE 2 -------------------------- - C:\PS> "contoso.com","fabrikam.com","tailspintoys.com" | Test-AzureADEnterpriseEnrollmentRecord + C:\PS> "contoso.com","fabrikam.com","tailspintoys.com" | Test-EntraIDEnterpriseEnrollmentRecord Verifies that the DNS CNAME records enterpriseenrollment.contoso.com, enterpriseenrollment.fabrikam.com, and enterpriseenrollment.tailspintoys.com are correct. @@ -214,10 +215,10 @@ Online Version: - https://github.com/rhymeswithmogul/Office365DNSChecker/blob/main/man/en-US/Test-AzureADEnteprriseEnrollmentRecord.md + https://github.com/rhymeswithmogul/Office365DNSChecker/blob/main/man/en-US/Test-EntraIDEnterpriseEnrollmentRecord.md - Test-AzureADJoinRecords + Test-EntraIDJoinRecords @@ -232,19 +233,19 @@ - Test-AzureADEnterpriseRegistrationRecord + Test-EntraIDEnterpriseRegistrationRecord Test - AzureADEnterpriseRegistrationRecord + EntraIDEnterpriseRegistrationRecord - Verifies that a domain's Azure AD enterprise registration DNS record is correct. + Verifies that a domain's Entra ID enterprise registration DNS record is correct. - This cmdlet checks one or more domains for the presence and correctness of the Azure Active Directory enterprise registration DNS record, named enterpriseregistration. It should be a CNAME pointing to enterpriseregistration.windows.net. + This cmdlet checks one or more domains for the presence and correctness of the Entra ID enterprise registration DNS record, named enterpriseregistration. It should be a CNAME pointing to enterpriseregistration.windows.net. - Test-AzureADEnterpriseRegistrationRecord + Test-EntraIDEnterpriseRegistrationRecord DomainName @@ -295,20 +296,20 @@ - + Microsoft Entra ID used to be called Microsoft Azure Active Directory, and previous versions of this cmdlet reflected that. -------------------------- EXAMPLE 1 -------------------------- - C:\PS> Test-AzureADEnterpriseRegistrationRecord contoso.com + C:\PS> Test-EntraIDEnterpriseRegistrationRecord contoso.com Verifies that the DNS CNAME record enterpriseregistration.contoso.com is correct. -------------------------- EXAMPLE 2 -------------------------- - C:\PS> "contoso.com","fabrikam.com","tailspintoys.com" | Test-AzureADEnterpriseRegistrationRecord + C:\PS> "contoso.com","fabrikam.com","tailspintoys.com" | Test-EntraIDEnterpriseRegistrationRecord Verifies that the DNS CNAME records enterpriseregistration.contoso.com, enterpriseregistration.fabrikam.com, and enterpriseregistration.tailspintoys.com are correct. @@ -316,7 +317,11 @@ - Test-AzureADJoinRecords + Online Version: + https://github.com/rhymeswithmogul/Office365DNSChecker/blob/main/man/en-US/Test-EntraIDEnterpriseRegistrationRecord.md + + + Test-EntraIDJoinRecords @@ -331,19 +336,19 @@ - Test-AzureADRecords + Test-EntraIDRecords Test - AzureADRecords + EntraIDRecords - Tests all Azure AD DNS records for correctness. + Tests all Entra ID DNS records for correctness. - This cmdlet will test the Azure Active Directory client configuration, enterprise enrollment, and enterprise registration DNS records for correctness. + This cmdlet will test the Entra ID client configuration, enterprise enrollment, and enterprise registration DNS records for correctness. - Test-AzureADRecords + Test-EntraIDRecords DomainName @@ -417,40 +422,41 @@ - This cmdlet is the same as running Test-AzureADClientConfigurationRecord, Test-AzureADEnterpriseEnrollmentRecord, and Test-AzureADEnterpriseRegistrationRecord. + This cmdlet is the same as running Test-EntraIDClientConfigurationRecord, Test-EntraIDEnterpriseEnrollmentRecord, and Test-EntraIDEnterpriseRegistrationRecord. + Microsoft Entra ID used to be called Microsoft Azure Active Directory, and previous versions of this cmdlet reflected that. -------------------------- Example 1 -------------------------- - PS C:\> Test-AzureADRecords contoso.com + PS C:\> Test-EntraIDRecords contoso.com Verifies that the DNS CNAME records enterprisenrollment.contoso.com, enterpriseregistration.contoso.com, and msoid.contoso.com are correct. -------------------------- Example 2 -------------------------- - PS C:\> "contoso.com","fabrikam.com","tailspintoys.com" | Test-AzureADRecords + PS C:\> "contoso.com","fabrikam.com","tailspintoys.com" | Test-EntraIDRecords - Verifies that the three Azure AD records for all three domains are correct. + Verifies that the three Entra ID records for all three domains are correct. Online Version: - https://github.com/rhymeswithmogul/Office365DNSChecker/blob/main/man/en-US/Test-AzureADRecords.md + https://github.com/rhymeswithmogul/Office365DNSChecker/blob/main/man/en-US/Test-EntraIDRecords.md - Test-AzureADClientConfigurationRecord + Test-EntraIDClientConfigurationRecord - Test-AzureADEnterpriseEnrollmentRecord + Test-EntraIDEnterpriseEnrollmentRecord - Test-AzureADEnterpriseRegistrationRecord + Test-EntraIDEnterpriseRegistrationRecord @@ -709,7 +715,7 @@ - This cmdlet checks one or more domains' DNS records for the presence and correctness of the Exchange Online MX record. The first and only MX record should look something like tenantdomain-com.mail.protection.outlook.com. + This cmdlet checks one or more domains' DNS records for the presence and correctness of the Exchange Online MX record. The first and only MX record should look something like tenantdomain-com.mail.protection.outlook.com or tenantdomain-com.1a2b3c.mx.microsoft. @@ -726,6 +732,18 @@ None + + DANERequired + + Specify this switch to print a warning if the DNSSEC/DANE-enabled MX endpoints are not in use. Without this switch, either the non-secure or secure MX names will be considered good. + The DNSSEC/DANE-enabled endpoints will not be available for use until March 2024, with general availability in July 2024. + + + SwitchParameter + + + False + @@ -741,6 +759,19 @@ None + + DANERequired + + Specify this switch to print a warning if the DNSSEC/DANE-enabled MX endpoints are not in use. Without this switch, either the non-secure or secure MX names will be considered good. + The DNSSEC/DANE-enabled endpoints will not be available for use until March 2024, with general availability in July 2024. + + SwitchParameter + + SwitchParameter + + + False + @@ -822,9 +853,10 @@ None - GroupByRecord + DANERequired - {{ Fill GroupByRecord Description }} + Specify this switch to print a warning if the DNSSEC/DANE-enabled MX endpoints are not in use. Without this switch, either the non-secure or secure MX names will be considered good. + The DNSSEC/DANE-enabled endpoints will not be available for use until March 2024, with general availability in July 2024. SwitchParameter @@ -832,6 +864,18 @@ False + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + @@ -848,9 +892,10 @@ None - GroupByRecord + DANERequired - {{ Fill GroupByRecord Description }} + Specify this switch to print a warning if the DNSSEC/DANE-enabled MX endpoints are not in use. Without this switch, either the non-secure or secure MX names will be considered good. + The DNSSEC/DANE-enabled endpoints will not be available for use until March 2024, with general availability in July 2024. SwitchParameter @@ -859,6 +904,18 @@ False + + ProgressAction + + {{ Fill ProgressAction Description }} + + ActionPreference + + ActionPreference + + + None + @@ -1184,7 +1241,7 @@ - This cmdlet will check for the presence and correctness of all of one or more domains' DNS records that support all of Office 365's services, including Azure AD, Exchange Online, Microsoft Teams, and Skype for Business. + This cmdlet will check for the presence and correctness of all of one or more domains' DNS records that support all of Office 365's services, including Entra ID, Exchange Online, Microsoft Teams, and Skype for Business. @@ -1262,7 +1319,7 @@ - + Microsoft Entra ID used to be called Microsoft Azure Active Directory, and previous versions of this cmdlet reflected that. @@ -1317,7 +1374,7 @@ Create a SRV record for _sipfederationtls._tcp.woodgrovebank.com (port 5061) poi - Test-AzureADJoinRecords + Test-EntraIDJoinRecords diff --git a/en-US/about_Office365DnsChecker.Help.txt b/en-US/about_Office365DnsChecker.Help.txt index 39abb7a..bcf995d 100755 --- a/en-US/about_Office365DnsChecker.Help.txt +++ b/en-US/about_Office365DnsChecker.Help.txt @@ -14,28 +14,28 @@ LONG DESCRIPTION The above cmdlet works by calling these three cmdlets, which can be used to test Office 365's three major services independently: - 1. Test-AzureADRecords + 1. Test-EntraIDRecords 2. Test-ExchangeOnlineRecords 3. Test-TeamsRecords Finally, the above three cmdlets themselves call the following cmdlets. To test a single DNS record on its own, use one of these: - 1. Azure Active Directory's client configuration record (optional for - all users, but required by 21Vianet customers): - Cmdlet = Test-AzureADClientConfigurationRecord + 1. Entra ID's client configuration record (optional for all users, but + required by 21Vianet customers): + Cmdlet = Test-EntraIDClientConfigurationRecord Name = msoid Type = CNAME Target = clientconfig.partner.microsoftonline-p.net.cn. (21Vianet) clientconfig.microsoftonline-p.net. (rest of world) - 2. Azure Active Directory's enterprise enrollment record: - Cmdlet = Test-AzureADEnterpriseEnrollmentRecord + 2. Entra ID's enterprise enrollment record: + Cmdlet = Test-EntraIDEnterpriseEnrollmentRecord Name = enterpriseenrollment Type = CNAME Target = enterpriseenrollment.manage.microsoft.com. - 3. Azure Active Directory's enterprise registration record: - Cmdlet = Test-AzureADEnterpriseRegistrationRecord + 3. Entra ID's enterprise registration record: + Cmdlet = Test-EntraIDEnterpriseRegistrationRecord Name = enterpriseregistration Type = CNAME Target = enterpriseregistration.windows.net. @@ -83,11 +83,16 @@ LONG DESCRIPTION exact value, consult the Microsoft 365 Admin Center's Domains page. For illustrative purposes, the MX record for the domain contoso.com - would probably be "contoso-com.mail.protection.outlook.com." + would probably be "contoso-com.1a2b3c.mx.microsoft", or it'd be the + older unsigned "contoso-com.mail.protection.outlook.com." As this value can be somewhat unpredictable, this check will only - verify that there is exactly one MX record, and that is ends with - ".mail.protection.outlook.com." + verify that there is exactly one MX record, and that it ends with + ".mail.protection.outlook.com" or ".mx.microsoft". + + DANE-enabled records (the ones in the mx.microsoft zone) are not the + default options at this time. However, use the -DaneRequired switch + to print warnings when the DANE-enabled MX records are not in use. If there are no MX records present, or if there are additional ones in addition to the correct MX record, then that will cause an error @@ -221,13 +226,15 @@ KEYWORDS Some keywords that you might use to search for this module include: Office 365, DNS, CNAME, SRV, service, TXT, text, RR; - Azure AD, AAD, join, hybrid join, registered, client configuration, - msoid, enterprise enrollment, enterprise registration, 21Vianet; + Azure AD, AAD, Entra, Entra ID, join, hybrid join, registered, msoid, + client configuration, enterprise enrollment, enterprise registration, + 21Vianet; Exchange Online, SPF, Sender ID, DKIM, DomainKeys, Autodiscover, - Outlook, Anywhere, ActiveSync, EAS, EWS, MX record, mail exchanger; + Outlook, Anywhere, ActiveSync, EAS, EWS, MX record, mail exchanger, + DANE, DNSSEC; Microsoft Teams, Teams, Skype for Business, Skype for Business Online, Lync, Lync Online, SIP, federation, SIPFederationTLS, TCP, TLS, LyncDiscover. SEE ALSO - Test-Office365DnsRecords \ No newline at end of file + Test-Office365DnsRecords diff --git a/man/en-US/Test-AzureADClientConfigurationRecord.md b/man/en-US/Test-EntraIDClientConfigurationRecord.md similarity index 79% rename from man/en-US/Test-AzureADClientConfigurationRecord.md rename to man/en-US/Test-EntraIDClientConfigurationRecord.md index 31c7deb..559de72 100644 --- a/man/en-US/Test-AzureADClientConfigurationRecord.md +++ b/man/en-US/Test-EntraIDClientConfigurationRecord.md @@ -1,19 +1,19 @@ --- external help file: Office365DnsChecker-help.xml Module Name: Office365DnsChecker -online version: https://github.com/rhymeswithmogul/Office365DNSChecker/blob/main/man/en-US/Test-AzureADClientConfigurationRecord.md +online version: https://github.com/rhymeswithmogul/Office365DNSChecker/blob/main/man/en-US/Test-EntraIDClientConfigurationRecord.md schema: 2.0.0 --- -# Test-AzureADClientConfigurationRecord +# Test-EntraIDClientConfigurationRecord ## SYNOPSIS -Verifies that a domain's Azure AD client configuration DNS record is correct. +Verifies that a domain's Entra ID client configuration DNS record is correct. ## SYNTAX ``` -Test-AzureADClientConfigurationRecord [-DomainName] [-Use21Vianet] [] +Test-EntraIDClientConfigurationRecord [-DomainName] [-Use21Vianet] [] ``` ## DESCRIPTION @@ -25,14 +25,14 @@ For Office 365 tenants in China operated by 21Vianet, the msoid record must be p ### Example 1 ```powershell -PS C:\> Test-AzureADClientConfigurationRecord contoso.com +PS C:\> Test-EntraIDClientConfigurationRecord contoso.com ``` Verifies that the DNS CNAME record msoid.contoso.com is correct or missing. ### Example 2 ```powershell -PS C:\> "contoso.com","fabrikam.com","tailspintoys.com" | Test-AzureADClientConfigurationRecord +PS C:\> "contoso.com","fabrikam.com","tailspintoys.com" | Test-EntraIDClientConfigurationRecord ``` Verifies that the DNS CNAME records msoid.contoso.com, msoid.fabrikam.com, and msoid.tailspintoys.com are correct. @@ -86,8 +86,10 @@ True if all DNS records are correct, false otherwise. If you pass multiple doma Starting in early 2023, Microsoft's recommendations changed. Now, the msoid record should not be defined for any tenants not operated by 21Vianet. For more information, see: https://learn.microsoft.com/en-gb/microsoft-365/admin/services-in-china/purpose-of-cname?view=o365-21vianet +Microsoft Entra ID used to be called Microsoft Azure Active Directory, and previous versions of this cmdlet reflected that. + ## RELATED LINKS -[Test-AzureADJoinRecords]() +[Test-EntraIDJoinRecords]() [Test-Office365DnsRecords]() [about_Office365DnsChecker]() \ No newline at end of file diff --git a/man/en-US/Test-AzureADEnterpriseEnrollmentRecord.md b/man/en-US/Test-EntraIDEnterpriseEnrollmentRecord.md similarity index 68% rename from man/en-US/Test-AzureADEnterpriseEnrollmentRecord.md rename to man/en-US/Test-EntraIDEnterpriseEnrollmentRecord.md index 3f6f526..96ecb5e 100644 --- a/man/en-US/Test-AzureADEnterpriseEnrollmentRecord.md +++ b/man/en-US/Test-EntraIDEnterpriseEnrollmentRecord.md @@ -1,36 +1,36 @@ --- external help file: Office365DnsChecker-help.xml Module Name: Office365DnsChecker -online version: https://github.com/rhymeswithmogul/Office365DNSChecker/blob/main/man/en-US/Test-AzureADEnteprriseEnrollmentRecord.md +online version: https://github.com/rhymeswithmogul/Office365DNSChecker/blob/main/man/en-US/Test-EntraIDEnterpriseEnrollmentRecord.md schema: 2.0.0 --- -# Test-AzureADEnterpriseEnrollmentRecord +# Test-EntraIDEnterpriseEnrollmentRecord ## SYNOPSIS -Verifies that a domain's Azure AD enterprise enrollment DNS record is correct. +Verifies that a domain's Entra ID enterprise enrollment DNS record is correct. ## SYNTAX ``` -Test-AzureADEnterpriseEnrollmentRecord [-DomainName] [] +Test-EntraIDEnterpriseEnrollmentRecord [-DomainName] [] ``` ## DESCRIPTION -This cmdlet checks one or more domains for the presence and correctness of the Azure Active Directory enterprise enrollment DNS record, named enterpriseenrollment. It should be a CNAME pointing to enterpriseenrollment.manage.microsoft.com. +This cmdlet checks one or more domains for the presence and correctness of the Entra ID enterprise enrollment DNS record, named enterpriseenrollment. It should be a CNAME pointing to enterpriseenrollment.manage.microsoft.com. ## EXAMPLES ### EXAMPLE 1 ``` -C:\PS> Test-AzureADEnterpriseEnrollmentRecord contoso.com +C:\PS> Test-EntraIDEnterpriseEnrollmentRecord contoso.com ``` Verifies that the DNS CNAME record enterpriseenrollment.contoso.com is correct. ### EXAMPLE 2 ``` -C:\PS> "contoso.com","fabrikam.com","tailspintoys.com" | Test-AzureADEnterpriseEnrollmentRecord +C:\PS> "contoso.com","fabrikam.com","tailspintoys.com" | Test-EntraIDEnterpriseEnrollmentRecord ``` Verifies that the DNS CNAME records enterpriseenrollment.contoso.com, enterpriseenrollment.fabrikam.com, and enterpriseenrollment.tailspintoys.com are correct. @@ -66,10 +66,11 @@ One or more domain names to check. This cmdlet accepts pipeline input as well. True if all DNS records are correct, false otherwise. If you pass multiple domain names to this cmdlet, the result will consider all domains; that is, if contoso.com is correct but fabrikam.com is not, the result will be false. ## NOTES +Microsoft Entra ID used to be called Microsoft Azure Active Directory, and previous versions of this cmdlet reflected that. ## RELATED LINKS -[Test-AzureADJoinRecords]() +[Test-EntraIDJoinRecords]() [Test-Office365DnsRecords]() diff --git a/man/en-US/Test-AzureADEnterpriseRegistrationRecord.md b/man/en-US/Test-EntraIDEnterpriseRegistrationRecord.md similarity index 65% rename from man/en-US/Test-AzureADEnterpriseRegistrationRecord.md rename to man/en-US/Test-EntraIDEnterpriseRegistrationRecord.md index e08e044..9861824 100644 --- a/man/en-US/Test-AzureADEnterpriseRegistrationRecord.md +++ b/man/en-US/Test-EntraIDEnterpriseRegistrationRecord.md @@ -1,37 +1,36 @@ --- external help file: Office365DnsChecker-help.xml Module Name: Office365DnsChecker -online version: +online version: https://github.com/rhymeswithmogul/Office365DNSChecker/blob/main/man/en-US/Test-EntraIDEnterpriseRegistrationRecord.md schema: 2.0.0 --- -# Test-AzureADEnterpriseRegistrationRecord +# Test-EntraIDEnterpriseRegistrationRecord ## SYNOPSIS -Verifies that a domain's Azure AD enterprise registration DNS record is correct. +Verifies that a domain's Entra ID enterprise registration DNS record is correct. ## SYNTAX ``` -Test-AzureADEnterpriseRegistrationRecord [-DomainName] [] +Test-EntraIDEnterpriseRegistrationRecord [-DomainName] [] ``` ## DESCRIPTION -This cmdlet checks one or more domains for the presence and correctness of the Azure Active Directory enterprise registration DNS record, named enterpriseregistration. -It should be a CNAME pointing to enterpriseregistration.windows.net. +This cmdlet checks one or more domains for the presence and correctness of the Entra ID enterprise registration DNS record, named enterpriseregistration. It should be a CNAME pointing to enterpriseregistration.windows.net. ## EXAMPLES ### EXAMPLE 1 ``` -C:\PS> Test-AzureADEnterpriseRegistrationRecord contoso.com +C:\PS> Test-EntraIDEnterpriseRegistrationRecord contoso.com ``` Verifies that the DNS CNAME record enterpriseregistration.contoso.com is correct. ### EXAMPLE 2 ``` -C:\PS> "contoso.com","fabrikam.com","tailspintoys.com" | Test-AzureADEnterpriseRegistrationRecord +C:\PS> "contoso.com","fabrikam.com","tailspintoys.com" | Test-EntraIDEnterpriseRegistrationRecord ``` Verifies that the DNS CNAME records enterpriseregistration.contoso.com, enterpriseregistration.fabrikam.com, and enterpriseregistration.tailspintoys.com are correct. @@ -67,10 +66,11 @@ One or more domain names to check. This cmdlet accepts pipeline input as well. True if all DNS records are correct, false otherwise. If you pass multiple domain names to this cmdlet, the result will consider all domains; that is, if contoso.com is correct but fabrikam.com is not, the result will be false. ## NOTES +Microsoft Entra ID used to be called Microsoft Azure Active Directory, and previous versions of this cmdlet reflected that. ## RELATED LINKS -[Test-AzureADJoinRecords]() +[Test-EntraIDJoinRecords]() [Test-Office365DnsRecords]() diff --git a/man/en-US/Test-AzureADRecords.md b/man/en-US/Test-EntraIDRecords.md similarity index 64% rename from man/en-US/Test-AzureADRecords.md rename to man/en-US/Test-EntraIDRecords.md index 12f545e..075b2cc 100644 --- a/man/en-US/Test-AzureADRecords.md +++ b/man/en-US/Test-EntraIDRecords.md @@ -1,39 +1,39 @@ --- external help file: Office365DnsChecker-help.xml Module Name: Office365DnsChecker -online version: https://github.com/rhymeswithmogul/Office365DNSChecker/blob/main/man/en-US/Test-AzureADRecords.md +online version: https://github.com/rhymeswithmogul/Office365DNSChecker/blob/main/man/en-US/Test-EntraIDRecords.md schema: 2.0.0 --- -# Test-AzureADRecords +# Test-EntraIDRecords ## SYNOPSIS -Tests all Azure AD DNS records for correctness. +Tests all Entra ID DNS records for correctness. ## SYNTAX ``` -Test-AzureADRecords [-DomainName] [-Use21Vianet] [] +Test-EntraIDRecords [-DomainName] [-Use21Vianet] [] ``` ## DESCRIPTION -This cmdlet will test the Azure Active Directory client configuration, enterprise enrollment, and enterprise registration DNS records for correctness. +This cmdlet will test the Entra ID client configuration, enterprise enrollment, and enterprise registration DNS records for correctness. ## EXAMPLES ### Example 1 ```powershell -PS C:\> Test-AzureADRecords contoso.com +PS C:\> Test-EntraIDRecords contoso.com ``` Verifies that the DNS CNAME records enterprisenrollment.contoso.com, enterpriseregistration.contoso.com, and msoid.contoso.com are correct. ### Example 2 ```powershell -PS C:\> "contoso.com","fabrikam.com","tailspintoys.com" | Test-AzureADRecords +PS C:\> "contoso.com","fabrikam.com","tailspintoys.com" | Test-EntraIDRecords ``` -Verifies that the three Azure AD records for all three domains are correct. +Verifies that the three Entra ID records for all three domains are correct. ## PARAMETERS @@ -81,10 +81,12 @@ One or more domain names to check. This cmdlet accepts pipeline input as well. True if all DNS records are correct, false otherwise. If you pass multiple domain names to this cmdlet, the result will consider all domains; that is, if contoso.com is correct but fabrikam.com is not, the result will be false. ## NOTES -This cmdlet is the same as running Test-AzureADClientConfigurationRecord, Test-AzureADEnterpriseEnrollmentRecord, and Test-AzureADEnterpriseRegistrationRecord. +This cmdlet is the same as running Test-EntraIDClientConfigurationRecord, Test-EntraIDEnterpriseEnrollmentRecord, and Test-EntraIDEnterpriseRegistrationRecord. + +Microsoft Entra ID used to be called Microsoft Azure Active Directory, and previous versions of this cmdlet reflected that. ## RELATED LINKS -[Test-AzureADClientConfigurationRecord]() -[Test-AzureADEnterpriseEnrollmentRecord]() -[Test-AzureADEnterpriseRegistrationRecord]() \ No newline at end of file +[Test-EntraIDClientConfigurationRecord]() +[Test-EntraIDEnterpriseEnrollmentRecord]() +[Test-EntraIDEnterpriseRegistrationRecord]() \ No newline at end of file diff --git a/man/en-US/Test-Office365DNSRecords.md b/man/en-US/Test-Office365DNSRecords.md index ec73133..2f5836c 100644 --- a/man/en-US/Test-Office365DNSRecords.md +++ b/man/en-US/Test-Office365DNSRecords.md @@ -13,11 +13,11 @@ Verifies that all of a domain's Office 365 DNS records are correct. ## SYNTAX ``` -Test-Office365DNSRecords [-DomainName] [-Use21Vianet] [-DANERequired] [] +Test-Office365DNSRecords [-DomainName] [-Use21Vianet] [-DaneRequired] [] ``` ## DESCRIPTION -This cmdlet will check for the presence and correctness of all of one or more domains' DNS records that support all of Office 365's services, including Azure AD, Exchange Online, Microsoft Teams, and Skype for Business. +This cmdlet will check for the presence and correctness of all of one or more domains' DNS records that support all of Office 365's services, including Entra ID, Exchange Online, Microsoft Teams, and Skype for Business. ## EXAMPLES @@ -77,7 +77,6 @@ Default value: None Accept pipeline input: True (ByValue) Accept wildcard characters: False ``` - ### -Use21Vianet If your Office 365 tenant is hosted by 21Vianet, include this switch. Chinese customers must have the msoid attribute set to a special value. @@ -93,23 +92,6 @@ Accept pipeline input: False Accept wildcard characters: False ``` -### -DANERequired -Specify this switch to print a warning if the DNSSEC/DANE-enabled MX endpoints are not in use. Without this switch, either the non-secure or secure MX names will be considered good. - -The DNSSEC/DANE-enabled endpoints will not be available for use until March 2024, with general availability in July 2024. - -```yaml -Type: SwitchParameter -Parameter Sets: (All) -Aliases: - -Required: False -Position: Named -Default value: None -Accept pipeline input: False -Accept wildcard characters: False -``` - ### CommonParameters This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/?LinkID=113216). @@ -124,12 +106,13 @@ One or more domain names to check. This cmdlet accepts pipeline input as well. True if all DNS records are correct, false otherwise. If you pass multiple domain names to this cmdlet, the result will consider all domains; that is, if contoso.com is correct but fabrikam.com is not, the result will be false. ## NOTES +Microsoft Entra ID used to be called Microsoft Azure Active Directory, and previous versions of this cmdlet reflected that. ## RELATED LINKS [about_Office365DnsChecker]() -[Test-AzureADJoinRecords]() +[Test-EntraIDJoinRecords]() [Test-ExchangeOnlineRecords]() diff --git a/src/Office365DnsChecker.psm1 b/src/Office365DnsChecker.psm1 index ef5d7ff..45b6d04 100644 --- a/src/Office365DnsChecker.psm1 +++ b/src/Office365DnsChecker.psm1 @@ -50,7 +50,7 @@ Function Test-Office365DNSRecords { $DomainName | ForEach-Object { Write-Output "Checking Office 365 DNS records for $_." - $result = Test-AzureADRecords -DomainName $_ -Use21Vianet:$Use21Vianet | Out-Null + $result = Test-EntraIDRecords -DomainName $_ -Use21Vianet:$Use21Vianet | Out-Null $result = Test-ExchangeOnlineRecords -DomainName $_ -DANERequired:$DANERequired | Out-Null $result = Test-TeamsRecords -DomainName $_ | Out-Null } @@ -212,9 +212,10 @@ Function Write-Success } #endregion Helper cmdlets -#region Azure AD cmdlets -Function Test-AzureADRecords +#region Entra cmdlets +Function Test-EntraIDRecords { + [Alias('Test-AzureADRecords')] [Diagnostics.CodeAnalysis.SuppressMessageAttribute( 'PSUseSingularNouns', '', Justification='We are testing multiple DNS records.' @@ -232,15 +233,16 @@ Function Test-AzureADRecords Process { $DomainName | ForEach-Object { - Test-AzureADClientConfigurationRecord -DomainName $_ -Use21Vianet:$Use21Vianet - Test-AzureADEnterpriseEnrollmentRecord -DomainName $_ - Test-AzureADEnterpriseRegistrationRecord -DomainName $_ + Test-EntraIDClientConfigurationRecord -DomainName $_ -Use21Vianet:$Use21Vianet + Test-EntraIDEnterpriseEnrollmentRecord -DomainName $_ + Test-EntraIDEnterpriseRegistrationRecord -DomainName $_ } } } -Function Test-AzureADClientConfigurationRecord +Function Test-EntraIDClientConfigurationRecord { + [Alias('Test-AzureADClientConfigurationRecord')] [CmdletBinding()] [OutputType([Bool])] Param( @@ -276,7 +278,7 @@ Function Test-AzureADClientConfigurationRecord # if this DNS record is missing. If (-Not $dnsLookup -and -Not $Use21Vianet) { - Write-Success -Product 'Azure AD' 'The client configuration CNAME record is not present.' + Write-Success -Product 'Entra ID' 'The client configuration CNAME record is not present.' } # However, if it exists and is not set to the default value of @@ -300,10 +302,10 @@ Function Test-AzureADClientConfigurationRecord Else { If ($Use21Vianet) { - Write-Success -Product 'Azure AD' 'The client configuration CNAME record is present and correct for 21Vianet.' + Write-Success -Product 'Entra ID' 'The client configuration CNAME record is present and correct for 21Vianet.' } Else { - Write-Success -Product 'Azure AD' 'The client configuration CNAME record is present, but correct.' + Write-Success -Product 'Entra ID' 'The client configuration CNAME record is present, but correct.' } } } @@ -314,8 +316,9 @@ Function Test-AzureADClientConfigurationRecord } } -Function Test-AzureADEnterpriseEnrollmentRecord +Function Test-EntraIDEnterpriseEnrollmentRecord { + [Alias('Test-AzureADEnterpriseEnrollmentRecord')] [OutputType([Bool])] Param( [Parameter(Mandatory, ValueFromPipeline)] @@ -332,7 +335,7 @@ Function Test-AzureADEnterpriseEnrollmentRecord Process { $DomainName | ForEach-Object { - Write-Output "Checking AAD enterprise enrollment record for $_" + Write-Output "Checking Entra ID enterprise enrollment record for $_" $record = "enterpriseenrollment.$_" $dnsLookup = Resolve-DnsNameCrossPlatform -Type CNAME -Name $record @@ -370,7 +373,7 @@ Function Test-AzureADEnterpriseEnrollmentRecord } Else { - Write-Success -Product 'Azure AD' 'The enterprise enrollment DNS record is correct.' + Write-Success -Product 'Entra ID' 'The enterprise enrollment DNS record is correct.' } } } @@ -380,8 +383,9 @@ Function Test-AzureADEnterpriseEnrollmentRecord } } -Function Test-AzureADEnterpriseRegistrationRecord +Function Test-EntraIDEnterpriseRegistrationRecord { + [Alias('Test-AzureADEnterpriseRegistrationRecord')] [OutputType([Bool])] Param( [Parameter(Mandatory, ValueFromPipeline)] @@ -399,7 +403,7 @@ Function Test-AzureADEnterpriseRegistrationRecord Process { $DomainName | ForEach-Object { - Write-Output "Checking AAD enterprise registration record for $_" + Write-Output "Checking Entra ID enterprise registration record for $_" $record = "enterpriseregistration.$_" $dnsLookup = Resolve-DnsNameCrossPlatform -Type CNAME -Name $record @@ -438,7 +442,7 @@ Function Test-AzureADEnterpriseRegistrationRecord } Else { - Write-Success -Product 'Azure AD' 'The enterprise registration DNS record is correct.' + Write-Success -Product 'Entra ID' 'The enterprise registration DNS record is correct.' } } } @@ -447,7 +451,7 @@ Function Test-AzureADEnterpriseRegistrationRecord Return $result } } -#endregion Azure AD cmdlets +#endregion Entra ID cmdlets #region Exchange Online cmdlets Function Test-ExchangeOnlineRecords