limjianan
commented
5 months ago okay, i spend a bit more time, and i think it need to update the Get-MdmConfigurationPolicy.ps1 and append a loop before you return $DocSec
########################
if ($policies.'@odata.nextLink') {
do{
$policies= Invoke-DocGraph -fullurl $policies.'@odata.nextLink'
foreach($Policy in $Policies.Value) {
$PolicyA = (Invoke-DocGraph -Path "/deviceManagement/ConfigurationPolicies/$($Policy.Id)/assignments" -Beta).value
$DocSecSingleValue = New-Object DocSection
$DocSecSingleValue.Title = "Settings"
$DocSecSingleValue.Text = ""
$DocSecSingleValue.Objects = @()
$DocSecSingleValue.Transpose = $false
$settings = Invoke-DocGraph -Path (Join-Path -Path "/deviceManagement/ConfigurationPolicies/$($Policy.Id)/settings" -ChildPath '?$expand=settingDefinitions') -Beta
foreach($setting in $settings.value) {
$DocSecSingleValue.Objects += & $getValues -setting $setting
}
$DocSecSingle = New-Object DocSection
$DocSecSingle.Title = $Policy.Name
$DocSecSingle.Text = $Policy.description
$DocSecSingle.Objects = $Policy
$DocSecSingle.Transpose = $false
$DocSecSingle.SubSections = @()
$DocSecSingle.SubSections += Get-AssignmentDetail -Assignments $PolicyA
$DocSecSingle.SubSections += $DocSecSingleValue
$ReturnObj += $DocSecSingle
}
$DocSec.SubSections = $ReturnObj
} until ( !$policies.'@odata.nextLink')
}
i have run the Get-M365Doc and found graph have a limitation of 25 policy https://graph.microsoft.com/beta/$metadata#deviceManagement/configurationPolicies
so it only listed the first 25 policies.
the code should consider whether @odata.nextLink is exist and then continue to pull. I am looking at the Invoke-DocGraph and it should do something there (maybe)