Skip to content

Commit 6caa71b

Browse files
authored
Merge pull request #910 from KelvinTegelaar/dev
[pull] dev from KelvinTegelaar:dev
2 parents 1a5859d + 65a0899 commit 6caa71b

6 files changed

Lines changed: 53 additions & 31 deletions

File tree

Modules/CIPPCore/Public/Compare-CIPPIntuneObject.ps1

Lines changed: 16 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -285,8 +285,15 @@ function Compare-CIPPIntuneObject {
285285
# Both empty (null, "", []) - no difference
286286
continue
287287
}
288-
if ($val1 -or $val2) {
288+
if ($null -ne $val1 -and $null -ne $val2) {
289289
Compare-ObjectsRecursively -Object1 $val1 -Object2 $val2 -PropertyPath $newPath -Depth ($Depth + 1) -MaxDepth $MaxDepth
290+
} elseif (-not $val1IsEmpty -or -not $val2IsEmpty) {
291+
# One side is null/empty, the other is not - report as difference
292+
$result.Add([PSCustomObject]@{
293+
Property = $newPath
294+
ExpectedValue = if ($null -eq $val1) { '' } else { $val1 }
295+
ReceivedValue = if ($null -eq $val2) { '' } else { $val2 }
296+
})
290297
}
291298
} catch {
292299
throw
@@ -297,10 +304,10 @@ function Compare-CIPPIntuneObject {
297304
$valIsEmpty = ($null -eq $val -or $val -eq '' -or ($val -is [Array] -and $val.Count -eq 0))
298305
if (-not $valIsEmpty) {
299306
$result.Add([PSCustomObject]@{
300-
Property = $newPath
301-
ExpectedValue = $val
302-
ReceivedValue = ''
303-
})
307+
Property = $newPath
308+
ExpectedValue = $val
309+
ReceivedValue = ''
310+
})
304311
}
305312
} catch {
306313
throw
@@ -311,10 +318,10 @@ function Compare-CIPPIntuneObject {
311318
$valIsEmpty = ($null -eq $val -or $val -eq '' -or ($val -is [Array] -and $val.Count -eq 0))
312319
if (-not $valIsEmpty) {
313320
$result.Add([PSCustomObject]@{
314-
Property = $newPath
315-
ExpectedValue = ''
316-
ReceivedValue = $val
317-
})
321+
Property = $newPath
322+
ExpectedValue = ''
323+
ReceivedValue = $val
324+
})
318325
}
319326
} catch {
320327
throw

Modules/CIPPCore/Public/New-CIPPCAPolicy.ps1

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,8 @@ function New-CIPPCAPolicy {
6161
$GroupIds.Add($NewGroup.GroupId)
6262
}
6363
} else {
64-
Write-Warning "Group $_ not found in the tenant"
64+
Write-Warning "Group $_ not found in the tenant and CreateGroups is disabled"
65+
throw "Group '$_' not found in tenant $TenantFilter. Enable 'Create groups if they do not exist' or create the group manually before deploying this policy."
6566
}
6667
}
6768
}
@@ -444,7 +445,7 @@ function New-CIPPCAPolicy {
444445
# Preserve any exclusion groups named "Vacation Exclusion - <PolicyDisplayName>" from existing policy
445446
try {
446447
$ExistingVacationGroup = New-GraphGETRequest -uri "https://graph.microsoft.com/beta/groups?`$filter=startsWith(displayName,'Vacation Exclusion')&`$select=id,displayName&`$top=999&`$count=true" -ComplexFilter -tenantid $TenantFilter -asApp $true |
447-
Where-Object { $CheckExisting.conditions.users.excludeGroups -contains $_.id }
448+
Where-Object { $CheckExisting.conditions.users.excludeGroups -contains $_.id }
448449
if ($ExistingVacationGroup) {
449450
if (-not ($JSONobj.conditions.users.PSObject.Properties.Name -contains 'excludeGroups')) {
450451
$JSONobj.conditions.users | Add-Member -NotePropertyName 'excludeGroups' -NotePropertyValue @() -Force

Modules/CIPPCore/Public/New-CIPPGroup.ps1

Lines changed: 26 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -178,16 +178,20 @@ function New-CIPPGroup {
178178
GroupType = $NormalizedGroupType
179179
Email = if ($NeedsEmail) { $Email } else { $null }
180180
}
181-
$CacheEntity = @{
182-
PartitionKey = 'GroupCreation'
183-
RowKey = $CacheRowKey
184-
GroupId = [string]$GraphRequest.id
185-
DisplayName = [string]$GroupObject.displayName
186-
GroupType = [string]$NormalizedGroupType
187-
Email = [string]$(if ($NeedsEmail) { $Email } else { '' })
188-
Tenant = [string]$TenantFilter
181+
try {
182+
$CacheEntity = @{
183+
PartitionKey = 'GroupCreation'
184+
RowKey = $CacheRowKey
185+
GroupId = [string]$GraphRequest.id
186+
DisplayName = [string]$GroupObject.displayName
187+
GroupType = [string]$NormalizedGroupType
188+
Email = [string]$(if ($NeedsEmail) { $Email } else { '' })
189+
Tenant = [string]$TenantFilter
190+
}
191+
Add-CIPPAzDataTableEntity @GroupCacheTable -Entity $CacheEntity -Force
192+
} catch {
193+
Write-Warning "Failed to write group creation cache for $($GroupObject.displayName): $($_.Exception.Message)"
189194
}
190-
Add-CIPPAzDataTableEntity @GroupCacheTable -Entity $CacheEntity -Force
191195
if ($GroupObject.subscribeMembers) {
192196
#Waiting for group to become available in Exo.
193197
Start-Sleep -Seconds 10
@@ -267,16 +271,20 @@ function New-CIPPGroup {
267271
GroupType = $NormalizedGroupType
268272
Email = $Email
269273
}
270-
$CacheEntity = @{
271-
PartitionKey = 'GroupCreation'
272-
RowKey = $CacheRowKey
273-
GroupId = [string]$GraphRequest.Identity
274-
DisplayName = [string]$GroupObject.displayName
275-
GroupType = [string]$NormalizedGroupType
276-
Email = [string]$Email
277-
Tenant = [string]$TenantFilter
274+
try {
275+
$CacheEntity = @{
276+
PartitionKey = 'GroupCreation'
277+
RowKey = $CacheRowKey
278+
GroupId = [string]$GraphRequest.Identity
279+
DisplayName = [string]$GroupObject.displayName
280+
GroupType = [string]$NormalizedGroupType
281+
Email = [string]$Email
282+
Tenant = [string]$TenantFilter
283+
}
284+
Add-CIPPAzDataTableEntity @GroupCacheTable -Entity $CacheEntity -Force
285+
} catch {
286+
Write-Warning "Failed to write group creation cache for $($GroupObject.displayName): $($_.Exception.Message)"
278287
}
279-
Add-CIPPAzDataTableEntity @GroupCacheTable -Entity $CacheEntity -Force
280288
}
281289

282290
Write-LogMessage -API $APIName -tenant $TenantFilter -message "Created group $($GroupObject.displayName) with id $($Result.GroupId)" -Sev Info

Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardConditionalAccessTemplate.ps1

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -121,6 +121,12 @@ function Invoke-CIPPStandardConditionalAccessTemplate {
121121
} else {
122122
$templateResult = New-CIPPCATemplate -TenantFilter $tenant -JSON $CheckExististing -preloadedLocations $preloadedLocations
123123
$CompareObj = ConvertFrom-Json -ErrorAction SilentlyContinue -InputObject $templateResult
124+
if ($null -eq $Policy -or $null -eq $CompareObj) {
125+
$nullSide = if ($null -eq $Policy) { 'template policy' } else { 'tenant policy conversion' }
126+
Write-LogMessage -API 'Standards' -tenant $Tenant -message "Cannot compare CA policy: $nullSide returned null for $($Settings.TemplateList.label)" -sev Error
127+
Set-CIPPStandardsCompareField -FieldName "standards.ConditionalAccessTemplate.$($Settings.TemplateList.value)" -FieldValue "Error comparing policy: $nullSide returned null" -Tenant $Tenant
128+
return
129+
}
124130
try {
125131
$Compare = Compare-CIPPIntuneObject -ReferenceObject $Policy -DifferenceObject $CompareObj -CompareType 'ca'
126132
} catch {

host.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@
1616
"distributedTracingEnabled": false,
1717
"version": "None"
1818
},
19-
"defaultVersion": "10.2.6",
19+
"defaultVersion": "10.3.0",
2020
"versionMatchStrategy": "Strict",
2121
"versionFailureStrategy": "Fail"
2222
}

version_latest.txt

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
10.2.6
1+
10.3.0

0 commit comments

Comments
 (0)