You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Details of the scenario you tried and the problem that is occurring
If the attributes "IncludeGuestOrExternalUserTypes" or "ExcludeGuestOrExternalUserTypes" are empty (e.g. = "") an empty Odata.Type is added to the parameters. The command fail consequently.
Add a condition
if($IncludeGuestOrExternalUserTypes){
and
f($ExcludeGuestOrExternalUserTypes){
and remove
else
{
$externalTenants.Add('@odata.type', '')
}
from the code.
The DSC configuration that is used to reproduce the issue (as detailed as possible)
# insert configuration here
AADConditionalAccessPolicy test
{
ApplicationEnforcedRestrictionsIsEnabled =$False;
BuiltInControls =@("block");
ClientAppTypes =@("all");
CloudAppSecurityIsEnabled =$False;
CloudAppSecurityType ="";
CustomAuthenticationFactors =@();
DeviceFilterMode ="exclude";
DeviceFilterRule ="device.trustType -eq `"ServerAD`"";
DisplayName ="My test Policy";
Ensure ="Present";
ExcludeApplications =@();
ExcludeExternalTenantsMembers =@();
ExcludeExternalTenantsMembershipKind ="";
ExcludeGroups =@();
ExcludeLocations =@("test");
ExcludePlatforms =@();
ExcludeRoles =@();
ExcludeUsers =@("[email protected]");
GrantControlOperator ="OR";
Id ="9932ac93-7671-46d3-8714-7e95624af6fe";
IncludeApplications =@("079e1f00-7eae-475d-90db-977deb9edb40");
IncludeExternalTenantsMembers =@();
IncludeExternalTenantsMembershipKind ="";
IncludeGroups =@();
IncludeLocations =@("All");
IncludePlatforms =@("windows");
IncludeRoles =@();
IncludeUserActions =@();
IncludeUsers =@("All");
PersistentBrowserIsEnabled =$False;
PersistentBrowserMode ="";
SignInFrequencyIsEnabled =$False;
SignInFrequencyType ="";
SignInRiskLevels =@();
State ="enabledForReportingButNotEnforced";
UserRiskLevels =@();
}
#### The operating system the target node is running
OsName : Microsoft Windows 10 Pro
OsOperatingSystemSKU : 48
OsArchitecture : 64-bit
WindowsVersion : 2009
WindowsBuildLabEx : 19041.1.amd64fre.vb_release.191206-1406
OsLanguage : en-US
OsMuiLanguages : {en-US}
#### Version of the DSC module that was used ('dev' if using current dev branch)1.23.322.1
The text was updated successfully, but these errors were encountered:
sandrola
added a commit
to swisscom/Microsoft365DSC
that referenced
this issue
Mar 31, 2023
Details of the scenario you tried and the problem that is occurring
If the attributes "IncludeGuestOrExternalUserTypes" or "ExcludeGuestOrExternalUserTypes" are empty (e.g. = "") an empty Odata.Type is added to the parameters. The command fail consequently.
Verbose logs showing the problem
Invalid OData type specified: ""
+ CategoryInfo : InvalidOperation: ({ ConditionalAc...AccessPolicy1 }:) [], CimException
+ FullyQualifiedErrorId : BadRequest,Microsoft.Graph.PowerShell.Cmdlets.UpdateMgIdentityConditionalAccessPolicy_UpdateExpanded
+ PSComputerName : localhost
Suggested solution to the issue
Add a condition
if($IncludeGuestOrExternalUserTypes){
and
f($ExcludeGuestOrExternalUserTypes){
and remove
else
{
$externalTenants.Add('@odata.type', '')
}
from the code.
The DSC configuration that is used to reproduce the issue (as detailed as possible)
The text was updated successfully, but these errors were encountered: