-
Notifications
You must be signed in to change notification settings - Fork 491
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AADAdministrativeUnit - suggestions for solution of various issues #2786
Comments
I think I'm the only one who has been reporting the bugs - I'd be quite OK with a breaking change here if it fixes the issue better :) |
According to our BR change policy we could introduce the BR change in the first version of April 23. If there is a fix available, that could introduced now, I would go ahead with the fix now, that would not bring any BR. Could you outline the issue a bit more granular? |
The issue is that the parameter ScopedRoleMember contains a nested CimInstance. However, the code that DRG has built doesn't address that, so exporting a resource will fail or return useless info. Same with updates as the Test-TargetResource is also unable to compare parameters in this scenario. |
I agree that Breaking Changed should only be released according to the release schedule. However in this case it looks like the resource never worked anyways, so the breaking change would be to fix something that currently doesn't work. So I would be fine with that. @NikCharlebois, what do you think? |
To be clear, I don't have a solution that is not a BR. |
Can confirm that both Get-TargetResource (#2775) and Set-TargetResource (#2776) both appear to be broken at present - agree with @ykuijs that perhaps it needn't be considered a 'breaking change' in the same way (since it is already broken!) I am also keen on building live configs with AUs. Could the resource be fixed for now, and the issue with the DRG raised as a separate issue for further consideration? |
If it’s already broken, we should go ahead with a fix. |
ok, I have tested a solution that both passes tests and seems to actually work. See PR #2794 |
Details of the scenario you tried and the problem that is occurring
Various issues have been reported from users trying to use the AADAdministrativeUnit resource.
I have myself seen issues with export and updates when testing against a tenant that has an AU with ScopedRoleMembers. Sorry to say, when I built the resource I never tested it 'live' prior to submitting it.
The issue is a nested CimInstance in the schema-class MSFT_MicrosoftGraphScopedRoleMembership
The majority of the code for this resource is provided by DRG but DRG doesn't include sufficient code to fully address nested CimInstances with regards to converting between formats in Test- and Export-TargetResource.
Verbose logs showing the problem
Suggested solution to the issue
There are two solutions - a) A fix could be implemented in DRG to handle nested CimInstances allowing the resource to be 'rebuilt' or b) the Cim Class specifying ScopedRoleMembership could be changed to include the fields that are provided by the nested CimInstance (ie 'flatten the object') and thereby remove the cause for issues.
Solution b) will be a breaking change for anyone that are using the resource. However, I doubt that many do, given the issues it has.
If solution b) is acceptable, I have a fix ready to PR
The DSC configuration that is used to reproduce the issue (as detailed as possible)
The text was updated successfully, but these errors were encountered: