Additional checks for Get-AllAadGroupAssignments.ps1

[Arne-RFA]

It would be great to see Conditional Access, App Protection, and App Configuration added.

[JayRHa]

Okay let me work in this

[kh-ps-dreamer]

Any chance you could add Proactive Remediation, or any of the "Endpoint security" policies - antivirus, disk encryption, firewall, ASR, Endpoint detection and response?

[MStormW]

I would like to second the addition of Endpoint Security policies. Also, @JayRHa are you aware if this functionality will ever be implemented by Microsoft? I feel it is such an essential tool to keep track of where groups have been used. I'm so glad you have made this tool but I feel Microsoft should implement it themselves.

[ivassallo19]

I am adding to this thread with my findings, let me know if I should raise a new issue. It seems that the 'Security baselines' section (that looks at /intents) includes 'Microsoft Defender for Endpoint Security Baseline' baselines, but it does not include 'Security Baseline for Windows 10 and later' or 'Security Baseline for Microsoft Edge' baselines. I currently don't have a baseline under 'Windows 365 Security Baseline' or 'Microsoft 365 Apps for Enterprise Security Baseline' to determine if these are included or not, but I would guess not. I did use Graph Explorer to look around, and found that they are included in /configurationPolicies, but this includes other policies as well. For now I've changed my local copy and added this as a topic.