From b1acb18a0421176adc38bb423d5a823a9efd45cc Mon Sep 17 00:00:00 2001 From: Fabien Tschanz Date: Fri, 20 Dec 2024 13:28:09 +0100 Subject: [PATCH 1/7] Update documentation for M365DSC updates --- .../user-guide/get-started/how-to-install.md | 9 +++---- .../user-guide/get-started/troubleshooting.md | 25 +++++++++++++++++++ 2 files changed, 29 insertions(+), 5 deletions(-) diff --git a/docs/docs/user-guide/get-started/how-to-install.md b/docs/docs/user-guide/get-started/how-to-install.md index df0f8f21b1..c15e403c35 100644 --- a/docs/docs/user-guide/get-started/how-to-install.md +++ b/docs/docs/user-guide/get-started/how-to-install.md @@ -15,7 +15,7 @@ Executing this command can take a minute or two to complete, after which the bas ## Dependencies -However, Microsoft365DSC depends on several other modules to function properly. For example, it uses the MSCloudLoginAssistant module to delegate all authentication logic to the various workloads, it leverages a dozen Microsoft Graph PowerShell modules to interact with various configuration settings, etc. Current versions of Microsoft365DSC no longer download all the required prerequisites by default. When you install the Microsoft365DSC, you only get the core component after which you have to download all prerequisite modules as well. It is our recommendation that you run the following command to update all dependencies on the system after installing the module: +However, Microsoft365DSC depends on several other modules to function properly. For example, it uses the MSCloudLoginAssistant module to delegate all authentication logic to the various workloads, it leverages a dozen Microsoft Graph PowerShell modules to interact with various configuration settings, etc. Current versions of Microsoft365DSC no longer download all the required prerequisites by default. When you install the Microsoft365DSC module, you only get the core component after which you have to download all prerequisite modules as well. It is our recommendation that you run the following command to update all dependencies on the system after installing the module: ```PowerShell Update-M365DSCDependencies @@ -41,11 +41,10 @@ Get-Module Microsoft365DSC -ListAvailable | select ModuleBase, Version ## Updating To A Newer Version -To update an older version of Microsoft365DSC, use the **Update-Module** cmdlet and run the **Update-M365DSCDependencies** cmdlet again to update any dependencies. +To update an older version of Microsoft365DSC, use the **Update-M365DSCModule** cmdlet. This will update the current version of Microsoft365DSC and all dependencies in one go as well as uninstalling all outdated versions. ```PowerShell -Update-Module Microsoft365DSC -Update-M365DSCDependencies +Update-M365DSCModule ``` ## More Information @@ -55,7 +54,7 @@ More information about installing modules: - Installing a PowerShell module - Find-Module cmdlet - Install-Module cmdlet -- Update-Module cmdlet +- Update-M365DSCModule cmdlet - Save-Module cmdlet - About PSModulePath diff --git a/docs/docs/user-guide/get-started/troubleshooting.md b/docs/docs/user-guide/get-started/troubleshooting.md index f974c666ae..5ace1769bd 100644 --- a/docs/docs/user-guide/get-started/troubleshooting.md +++ b/docs/docs/user-guide/get-started/troubleshooting.md @@ -64,3 +64,28 @@ Optionally, for improved performance, you can increase the handles and threads p $quotaConfiguration.HandlesPerHost = 8192 $quotaConfiguration.ThreadsPerHost = 512 ``` + + +## Error "InvalidOperation: Cannot index into a null array" when creating a report from configuration + +### ISSUE + +When creating a report from either running `New-M365DSCDeltaReport` or `New-M365DSCReportFromConfiguration`, you might receive the following error and the generated report is empty: + +```powershell +Cannot index into a null array. +At C:\Program Files\WindowsPowerShell\Modules\DSCParser\2.0.0.5\Modules\DSCParser.psm1:**456** char:9 ++ $resourceType = $resource.CommandElements[0].Value ++ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + + CategoryInfo : InvalidOperation: (:) [], RuntimeException + + FullyQualifiedErrorId : NullArray +``` + +### CAUSE + +This issue might occur if there are multiple versions of Microsoft365DSC present on the current machine and the configuration contains nested objects. +The nested objects are resolved from their CIM definitions, and if multiple versions of Microsoft365DSC are present, multiple versions of these CIM definitions exist. + +### RESOLUTION + +Update and install to the latest supported version of Microsoft365DSC using `Update-M365DSCModule`. This will uninstall all outdated versions and dependencies and update to the latest version available on the PowerShell Gallery. \ No newline at end of file From fb9aae7843e441e0abcbe9447989d17240455a89 Mon Sep 17 00:00:00 2001 From: Nik Charlebois Date: Mon, 23 Dec 2024 17:16:31 -0500 Subject: [PATCH 2/7] Defender adds support for UseBasicParsing --- CHANGELOG.md | 8 ++++++++ .../MSFT_DefenderDeviceAuthenticatedScanDefinition.psm1 | 4 ++-- .../Modules/WorkloadHelpers/M365DSCDefenderHelper.psm1 | 3 ++- 3 files changed, 12 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6b89a9c8f2..f65de7a463 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,13 @@ # Change log for Microsoft365DSC +# UNRELEASED + +* DefenderDeviceAuthenticatedScanDefinition + * Fixed the Data Type export. +* MISC + * DEFENDER + * Added support for the UseBasicParsing paramter for REST calls. + # 1.24.1218.1 * AADApplication diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_DefenderDeviceAuthenticatedScanDefinition/MSFT_DefenderDeviceAuthenticatedScanDefinition.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_DefenderDeviceAuthenticatedScanDefinition/MSFT_DefenderDeviceAuthenticatedScanDefinition.psm1 index 70b2391927..0c3135890c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_DefenderDeviceAuthenticatedScanDefinition/MSFT_DefenderDeviceAuthenticatedScanDefinition.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_DefenderDeviceAuthenticatedScanDefinition/MSFT_DefenderDeviceAuthenticatedScanDefinition.psm1 @@ -146,8 +146,8 @@ function Get-TargetResource else { $ScanAuthenticationParamsValue = @{ - '@odata.context' = '#microsoft.windowsDefenderATP.api.SnmpAuthParams' - Type = 'NoAuthNoPriv' + DataType = '#microsoft.windowsDefenderATP.api.SnmpAuthParams' + Type = 'NoAuthNoPriv' } } diff --git a/Modules/Microsoft365DSC/Modules/WorkloadHelpers/M365DSCDefenderHelper.psm1 b/Modules/Microsoft365DSC/Modules/WorkloadHelpers/M365DSCDefenderHelper.psm1 index df62ffcf32..c677bfaeb1 100644 --- a/Modules/Microsoft365DSC/Modules/WorkloadHelpers/M365DSCDefenderHelper.psm1 +++ b/Modules/Microsoft365DSC/Modules/WorkloadHelpers/M365DSCDefenderHelper.psm1 @@ -24,7 +24,8 @@ function Invoke-M365DSCDefenderREST $response = Invoke-WebRequest -Method $Method ` -Uri $Uri ` -Headers $headers ` - -Body $bodyJSON + -Body $bodyJSON ` + -UseBasicParsing $result = ConvertFrom-Json $response.Content return $result } From cea6565f4fbbf5a01dbb83963d3e0c999607a13e Mon Sep 17 00:00:00 2001 From: Sergei Nikalaichyk Date: Fri, 27 Dec 2024 11:11:59 -0600 Subject: [PATCH 3/7] Added UseBasicParsing to Invoke-WebRequest calls for AADVerifiedIdAuthority, AADVerifiedIdAuthorityContract, and AzureVerifiedIdFaceCheck --- .../MSFT_AADVerifiedIdAuthority.psm1 | 4 ++-- .../MSFT_AADVerifiedIdAuthorityContract.psm1 | 4 ++-- .../MSFT_AzureVerifiedIdFaceCheck.psm1 | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthority/MSFT_AADVerifiedIdAuthority.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthority/MSFT_AADVerifiedIdAuthority.psm1 index 8da0f80edd..b79636d69d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthority/MSFT_AADVerifiedIdAuthority.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthority/MSFT_AADVerifiedIdAuthority.psm1 @@ -575,11 +575,11 @@ function Invoke-M365DSCVerifiedIdWebRequest if ($Method -eq 'PATCH' -or $Method -eq 'POST') { $BodyJson = $body | ConvertTo-Json - $response = Invoke-WebRequest -Method $Method -Uri $Uri -Headers $headers -Body $BodyJson + $response = Invoke-WebRequest -Method $Method -Uri $Uri -Headers $headers -Body $BodyJson -UseBasicParsing } else { - $response = Invoke-WebRequest -Method $Method -Uri $Uri -Headers $headers + $response = Invoke-WebRequest -Method $Method -Uri $Uri -Headers $headers -UseBasicParsing } if ($Method -eq 'DELETE') diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthorityContract/MSFT_AADVerifiedIdAuthorityContract.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthorityContract/MSFT_AADVerifiedIdAuthorityContract.psm1 index 0ff063c803..88225c80a0 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthorityContract/MSFT_AADVerifiedIdAuthorityContract.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADVerifiedIdAuthorityContract/MSFT_AADVerifiedIdAuthorityContract.psm1 @@ -922,11 +922,11 @@ function Invoke-M365DSCVerifiedIdWebRequest if ($Method -eq 'PATCH' -or $Method -eq 'POST') { $BodyJson = $body | ConvertTo-Json -Depth 10 - $response = Invoke-WebRequest -Method $Method -Uri $Uri -Headers $headers -Body $BodyJson + $response = Invoke-WebRequest -Method $Method -Uri $Uri -Headers $headers -Body $BodyJson -UseBasicParsing } else { - $response = Invoke-WebRequest -Method $Method -Uri $Uri -Headers $headers + $response = Invoke-WebRequest -Method $Method -Uri $Uri -Headers $headers -UseBasicParsing } if ($Method -eq 'DELETE') diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AzureVerifiedIdFaceCheck/MSFT_AzureVerifiedIdFaceCheck.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AzureVerifiedIdFaceCheck/MSFT_AzureVerifiedIdFaceCheck.psm1 index 467f46d674..c42db507fd 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AzureVerifiedIdFaceCheck/MSFT_AzureVerifiedIdFaceCheck.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AzureVerifiedIdFaceCheck/MSFT_AzureVerifiedIdFaceCheck.psm1 @@ -345,7 +345,7 @@ function Export-TargetResource Authorization = (Get-MSCloudLoginConnectionProfile -Workload AdminAPI).AccessToken } $uri = 'https://verifiedid.did.msidentity.com/v1.0/verifiableCredentials/authorities' - $response = Invoke-WebRequest -Uri $uri -Method Get -Headers $headers + $response = Invoke-WebRequest -Uri $uri -Method Get -Headers $headers -UseBasicParsing $authorities = ConvertFrom-Json $response.Content $resourceGroups = Get-AzResourceGroup -ErrorAction Stop From b96199a58b71daea2641045dd926bec1fbeeb4e6 Mon Sep 17 00:00:00 2001 From: Nik Charlebois Date: Fri, 27 Dec 2024 13:46:40 -0500 Subject: [PATCH 4/7] Fix --- CHANGELOG.md | 5 +++-- ...ationCertificateBasedAuthConfiguration.psm1 | 18 ++++++++++++++---- 2 files changed, 17 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f65de7a463..42f4f58bae 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,14 +2,15 @@ # UNRELEASED +* AADOrganizationCertificateBasedAuthConfiguration + * Fixed the primary key of the resource. + FIXES [#5523](https://github.com/microsoft/Microsoft365DSC/issues/5523) * DefenderDeviceAuthenticatedScanDefinition * Fixed the Data Type export. * MISC * DEFENDER * Added support for the UseBasicParsing paramter for REST calls. -# 1.24.1218.1 - * AADApplication * Added support for Oauth2PermissionScopes. * Fixes comparison issue for permissions. diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADOrganizationCertificateBasedAuthConfiguration/MSFT_AADOrganizationCertificateBasedAuthConfiguration.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADOrganizationCertificateBasedAuthConfiguration/MSFT_AADOrganizationCertificateBasedAuthConfiguration.psm1 index 109cc8b9a6..8a5b4423f2 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADOrganizationCertificateBasedAuthConfiguration/MSFT_AADOrganizationCertificateBasedAuthConfiguration.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADOrganizationCertificateBasedAuthConfiguration/MSFT_AADOrganizationCertificateBasedAuthConfiguration.psm1 @@ -9,7 +9,7 @@ function Get-TargetResource [Microsoft.Management.Infrastructure.CimInstance[]] $CertificateAuthorities, - [Parameter()] + [Parameter(Mandatory = $true)] [System.String] $OrganizationId, #endregion @@ -141,7 +141,7 @@ function Set-TargetResource [Microsoft.Management.Infrastructure.CimInstance[]] $CertificateAuthorities, - [Parameter()] + [Parameter(Mandatory = $true)] [System.String] $OrganizationId, #endregion @@ -225,7 +225,13 @@ function Set-TargetResource certificateAuthorities = $createCertAuthorities } - $policy = Invoke-MgGraphRequest -Uri ((Get-MSCloudLoginConnectionProfile -Workload MicrosoftGraph).ResourceUrl + "beta/organization/$OrganizationId/certificateBasedAuthConfiguration/") -Method POST -Body $params + $uri = ((Get-MSCloudLoginConnectionProfile -Workload MicrosoftGraph).ResourceUrl + ` + "beta/organization/$OrganizationId/certificateBasedAuthConfiguration/") + + Write-Verbose -Message "Creating with Parameters:`r`n$(ConvertTo-Json $params -Depth 10)" + Invoke-MgGraphRequest -Uri $uri ` + -Method 'POST' ` + -Body $params } } @@ -240,7 +246,7 @@ function Test-TargetResource [Microsoft.Management.Infrastructure.CimInstance[]] $CertificateAuthorities, - [Parameter()] + [Parameter(Mandatory = $true)] [System.String] $OrganizationId, #endregion @@ -417,6 +423,10 @@ function Export-TargetResource } foreach ($config in $getValue) { + if ($null -ne $Global:M365DSCExportResourceInstancesCount) + { + $Global:M365DSCExportResourceInstancesCount++ + } $displayedKey = "CertificateBasedAuthConfigurations for $($getValue.DisplayName)" Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ From f039356f52a583c394e247d446159dfd7e055a07 Mon Sep 17 00:00:00 2001 From: Nik Charlebois Date: Sun, 29 Dec 2024 09:42:38 -0500 Subject: [PATCH 5/7] AADRoleEligibilityScheduleRequest - Export Fix --- CHANGELOG.md | 2 + ...SFT_AADRoleEligibilityScheduleRequest.psm1 | 116 ++++++++++-------- 2 files changed, 65 insertions(+), 53 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 42f4f58bae..26e967f969 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,8 @@ * AADOrganizationCertificateBasedAuthConfiguration * Fixed the primary key of the resource. FIXES [#5523](https://github.com/microsoft/Microsoft365DSC/issues/5523) +* AADRoleEligibilityScheduleRequest + * Fixed error when extracting an entry with a deleted principal. * DefenderDeviceAuthenticatedScanDefinition * Fixed the Data Type export. * MISC diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 index 3cebcf39a2..42ba8bd62f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 @@ -756,8 +756,15 @@ function Export-TargetResource if ($null -eq $groupInfo) { $principalType = 'ServicePrincipal' - $spnInfo = Get-MgServicePrincipal -ServicePrincipalId $request.PrincipalId - $PrincipalValue = $spnInfo.DisplayName + $spnInfo = Get-MgServicePrincipal -ServicePrincipalId $request.PrincipalId -ErrorAction SilentlyContinue + if ($null -ne $spnInfo) + { + $PrincipalValue = $spnInfo.DisplayName + } + else + { + $PrincipalValue = $null + } } else { @@ -769,62 +776,65 @@ function Export-TargetResource $PrincipalValue = $userInfo.UserPrincipalName } - $RoleDefinitionId = Get-MgBetaRoleManagementDirectoryRoleDefinition -UnifiedRoleDefinitionId $request.RoleDefinitionId - $params = @{ - Id = $request.Id - Principal = $PrincipalValue - PrincipalType = $principalType - DirectoryScopeId = $request.DirectoryScopeId - RoleDefinition = $RoleDefinitionId.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent - AccessTokens = $AccessTokens - } + if ($null -ne $PrincipalValue) + { + $RoleDefinitionId = Get-MgBetaRoleManagementDirectoryRoleDefinition -UnifiedRoleDefinitionId $request.RoleDefinitionId + $params = @{ + Id = $request.Id + Principal = $PrincipalValue + PrincipalType = $principalType + DirectoryScopeId = $request.DirectoryScopeId + RoleDefinition = $RoleDefinitionId.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + AccessTokens = $AccessTokens + } - $Results = Get-TargetResource @Params + $Results = Get-TargetResource @Params - $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` - -Results $Results - try - { - if ($null -ne $results.ScheduleInfo) + $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` + -Results $Results + try { - $Results.ScheduleInfo = Get-M365DSCAzureADEligibilityRequestScheduleInfoAsString -ScheduleInfo $Results.ScheduleInfo + if ($null -ne $results.ScheduleInfo) + { + $Results.ScheduleInfo = Get-M365DSCAzureADEligibilityRequestScheduleInfoAsString -ScheduleInfo $Results.ScheduleInfo + } + } + catch + { + Write-Verbose -Message "Error converting Schedule: $_" + } + if ($Results.TicketInfo) + { + $Results.TicketInfo = Get-M365DSCAzureADEligibilityRequestTicketInfoAsString -TicketInfo $Results.TicketInfo + } + $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` + -ConnectionMode $ConnectionMode ` + -ModulePath $PSScriptRoot ` + -Results $Results ` + -Credential $Credential + if ($null -ne $Results.ScheduleInfo) + { + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` + -ParameterName 'ScheduleInfo' + } + if ($null -ne $Results.TicketInfo) + { + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` + -ParameterName 'TicketInfo' } - } - catch - { - Write-Verbose -Message "Error converting Schedule: $_" - } - if ($Results.TicketInfo) - { - $Results.TicketInfo = Get-M365DSCAzureADEligibilityRequestTicketInfoAsString -TicketInfo $Results.TicketInfo - } - $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` - -ConnectionMode $ConnectionMode ` - -ModulePath $PSScriptRoot ` - -Results $Results ` - -Credential $Credential - if ($null -ne $Results.ScheduleInfo) - { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName 'ScheduleInfo' - } - if ($null -ne $Results.TicketInfo) - { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock ` - -ParameterName 'TicketInfo' - } - $dscContent += $currentDSCBlock - Save-M365DSCPartialExport -Content $currentDSCBlock ` - -FileName $Global:PartialExportFileName - $i++ + $dscContent += $currentDSCBlock + Save-M365DSCPartialExport -Content $currentDSCBlock ` + -FileName $Global:PartialExportFileName + $i++ + } Write-Host $Global:M365DSCEmojiGreenCheckMark } return $dscContent From aa08cf4885be4b4ba38bcd99be7cf2863f341747 Mon Sep 17 00:00:00 2001 From: Nik Charlebois Date: Sun, 29 Dec 2024 09:46:23 -0500 Subject: [PATCH 6/7] Update MSFT_AADRoleEligibilityScheduleRequest.psm1 --- .../MSFT_AADRoleEligibilityScheduleRequest.psm1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 index 42ba8bd62f..5091971e4f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 @@ -833,8 +833,8 @@ function Export-TargetResource $dscContent += $currentDSCBlock Save-M365DSCPartialExport -Content $currentDSCBlock ` -FileName $Global:PartialExportFileName - $i++ } + $i++ Write-Host $Global:M365DSCEmojiGreenCheckMark } return $dscContent From 68752eca8c70b0df4a7833b39457a3de74c7c2b6 Mon Sep 17 00:00:00 2001 From: Nik Charlebois Date: Mon, 30 Dec 2024 13:15:20 -0500 Subject: [PATCH 7/7] AADAuthenticationRequirement - Fixes logic to Extract All User Instances --- CHANGELOG.md | 2 ++ .../MSFT_AADAuthenticationRequirement.psm1 | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 26e967f969..347bee63d0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ # UNRELEASED +* AADAuthenticationRequirement + * Changed Export logic to extract instances from all users. * AADOrganizationCertificateBasedAuthConfiguration * Fixed the primary key of the resource. FIXES [#5523](https://github.com/microsoft/Microsoft365DSC/issues/5523) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationRequirement/MSFT_AADAuthenticationRequirement.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationRequirement/MSFT_AADAuthenticationRequirement.psm1 index bb76b820b1..e8e8fae959 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationRequirement/MSFT_AADAuthenticationRequirement.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationRequirement/MSFT_AADAuthenticationRequirement.psm1 @@ -310,7 +310,7 @@ function Export-TargetResource try { - [array]$getValue = Get-MgUser -ErrorAction Stop | Where-Object -FilterScript { $null -ne $_.Id } + [array]$getValue = Get-MgUser -ErrorAction Stop -All | Where-Object -FilterScript { $null -ne $_.Id } $i = 1 $dscContent = ''