Open rnliseb opened 3 years ago
I also ran into this same problem. I was able to debug it down to a policy that lists object ID's for groups that I do not see in the GUI.. $Policy.conditions.users.includeGroups is the collection where I found my problem. I just don't know how the object ID's got orphaned or how to remove them. Two of the object ID's that were returned, I cannot find anywhere in my AAD.
Im getting the same issue with this but cannot tied down the issue. Any ideas?
in PS 7.1.3 i get the following:
Invoke-RestMethod: C:\Program Files\WindowsPowerShell\Modules\DCToolbox\1.0.23\DCToolbox.psm1:1220
Line |
1220 | … ryRequest = Invoke-RestMethod -Headers $HeaderParams -Uri $GraphUri - …
| ~~~~~~~~~~~~~
| {"error":{"code":"Request_ResourceNotFound","message":"Resource 'XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX'
| does not exist or one of its queried reference-property objects are not
| present.","innerError":{"date":"2021-11-04T10:11:27","request-id":"XXXXXXXXXXXXXXXXXX","client-request-id":"XXXXXXXXXXXXXXXXXXXXXXX"}}}
I am also seeing this issue. Some policy that lists object ID's for groups (or users) that I do not see in the GUI.
Could you please change the code so that if its unable to lookup the objectID than it will just use that in the report?
The other Conditional Access commands work well. However, this one errors with a 404:
`VERBOSE: Connecting to Microsoft Graph... VERBOSE: Generating Conditional Access policy design report... Invoke-RestMethod : The remote server returned an error: (404) Not Found. At C:\Program Files\WindowsPowerShell\Modules\DCToolbox\1.0.18\DCToolbox.psm1:895 char:29