Skip to content

Commit

Permalink
Fixes CA policy deployment errors
Browse files Browse the repository at this point in the history
  • Loading branch information
Alfred Schreuder committed Jan 17, 2025
1 parent 129fc89 commit 5e5ed01
Show file tree
Hide file tree
Showing 2 changed files with 35 additions and 2 deletions.
2 changes: 2 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@

# UNRELEASED

* AADConditionalAccessPolicy
* Fixes CA policy deployment errors when deploying policies based for workload identities.
* AADDeviceRegistrationPolicy
* Fixes an error when trying to disable AAD join.
* FabricAdminTenantSettings
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -1035,7 +1035,6 @@ function Set-TargetResource
Write-Verbose -Message 'Set-Targetresource: create Conditions object'
$conditions = @{
applications = @{}
users = @{}
}
#create and provision Application Condition object
Write-Verbose -Message 'Set-Targetresource: create Application Condition object'
Expand Down Expand Up @@ -1122,6 +1121,10 @@ function Set-TargetResource
Write-Verbose -Message 'Set-Targetresource: process includeusers'
if ($currentParameters.ContainsKey('IncludeUsers'))
{
if (-not $conditions.ContainsKey('users'))
{
$conditions.Add('users', @{})
}
$conditions.Users.Add('includeUsers', @())
foreach ($includeuser in $IncludeUsers)
{
Expand Down Expand Up @@ -1169,6 +1172,10 @@ function Set-TargetResource
Write-Verbose -Message 'Set-Targetresource: process excludeusers'
if ($currentParameters.ContainsKey('ExcludeUsers'))
{
if (-not $conditions.ContainsKey('users'))
{
$conditions.Add('users', @{})
}
$conditions.users.Add('excludeUsers', @())
foreach ($excludeuser in $ExcludeUsers)
{
Expand Down Expand Up @@ -1216,6 +1223,10 @@ function Set-TargetResource
Write-Verbose -Message 'Set-Targetresource: process includegroups'
if ($currentParameters.ContainsKey('IncludeGroups'))
{
if (-not $conditions.ContainsKey('users'))
{
$conditions.Add('users', @{})
}
$conditions.users.Add('includeGroups', @())
foreach ($includegroup in $IncludeGroups)
{
Expand Down Expand Up @@ -1266,6 +1277,10 @@ function Set-TargetResource
Write-Verbose -Message 'Set-Targetresource: process excludegroups'
if ($currentParameters.ContainsKey('ExcludeGroups'))
{
if (-not $conditions.ContainsKey('users'))
{
$conditions.Add('users', @{})
}
$conditions.users.Add('excludeGroups', @())
foreach ($ExcludeGroup in $ExcludeGroups)
{
Expand Down Expand Up @@ -1316,6 +1331,10 @@ function Set-TargetResource
Write-Verbose -Message 'Set-Targetresource: process includeroles'
if ($currentParameters.ContainsKey('IncludeRoles'))
{
if (-not $conditions.ContainsKey('users'))
{
$conditions.Add('users', @{})
}
$conditions.Users.Add('includeRoles', @())
if ($IncludeRoles)
{
Expand Down Expand Up @@ -1350,6 +1369,10 @@ function Set-TargetResource
Write-Verbose -Message 'Set-Targetresource: process excluderoles'
if ($currentParameters.ContainsKey('ExcludeRoles'))
{
if (-not $conditions.ContainsKey('users'))
{
$conditions.Add('users', @{})
}
$conditions.users.Add('excludeRoles', @())
if ($ExcludeRoles)
{
Expand Down Expand Up @@ -1384,6 +1407,10 @@ function Set-TargetResource
Write-Verbose -Message 'Set-Targetresource: process includeGuestOrExternalUser'
If ($currentParameters.ContainsKey('IncludeGuestOrExternalUserTypes'))
{
if (-not $conditions.ContainsKey('users'))
{
$conditions.Add('users', @{})
}
$includeGuestsOrExternalUsers = $null
if ($IncludeGuestOrExternalUserTypes.Count -ne 0)
{
Expand Down Expand Up @@ -1415,6 +1442,10 @@ function Set-TargetResource
Write-Verbose -Message 'Set-Targetresource: process excludeGuestsOrExternalUsers'
If ($currentParameters.ContainsKey('ExcludeGuestOrExternalUserTypes'))
{
if (-not $conditions.ContainsKey('users'))
{
$conditions.Add('users', @{})
}
$excludeGuestsOrExternalUsers = $null
if ($ExcludeGuestOrExternalUserTypes.Count -ne 0)
{
Expand Down Expand Up @@ -1851,7 +1882,7 @@ function Set-TargetResource
Write-Verbose -Message 'Create Parameters:'
Write-Verbose -Message (Convert-M365DscHashtableToString $NewParameters)

if ($newparameters.Conditions.applications.count -gt 0 -and $newparameters.Conditions.Users.count -gt 0 -and ($newparameters.GrantControls.count -gt 0 -or $newparameters.SessionControls.count -gt 0))
if ($newparameters.Conditions.applications.count -gt 0 -and ($newparameters.Conditions.Users.count -gt 0 -or $newparameters.Conditions.ClientApplications.count -gt 0) -and ($newparameters.GrantControls.count -gt 0 -or $newparameters.SessionControls.count -gt 0))
{
try
{
Expand Down

0 comments on commit 5e5ed01

Please sign in to comment.