microsoft / CSS-Exchange

Exchange Server support tools and scripts
MIT License

[Issue] Health Checker - Get-SecurityCve-2022-21978 parameter ExchangeWellKnownSecurityGroups is null #2112

Open dpaulson45 opened 2 weeks ago

dpaulson45 commented 2 weeks ago

Describe the issue

Customer reported the following error and was unable to execute the script.

Errors that occurred that wasn't handled
Error Index: 0
Get-SecurityCve-2022-21978 : Cannot bind argument to parameter 'ExchangeWellKnownSecurityGroups' because it is null.
Inner Exception:    at System.Management.Automation.ExceptionHandlingOps.CheckActionPreference(FunctionContext funcContext, Exception exception)
   at System.Management.Automation.Interpreter.ActionCallInstruction`2.Run(InterpretedFrame frame)
   at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
   at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
   at System.Management.Automation.Interpreter.Interpreter.Run(InterpretedFrame frame)
   at System.Management.Automation.Interpreter.LightLambda.RunVoid1[T0](T0 arg0)
   at System.Management.Automation.PSScriptCmdlet.RunClause(Action`1 clause, Object dollarUnderbar, Object inputToProcess)
   at System.Management.Automation.PSScriptCmdlet.DoProcessRecord()
   at System.Management.Automation.CommandProcessor.ProcessRecord()
Position Message: At C:\HealthChecker.ps1:15441 char:60
+ ...           CVE202221978 = (Get-SecurityCve-2022-21978 @cve21978Params)
+                                                          ~~~~~~~~~~~~~~~
Script Stack: at Get-OrganizationInformation<Process>, C:\HealthChecker.ps1: line 15440
at Get-HealthCheckerData, C:\HealthChecker.ps1: line 15529
at Invoke-HealthCheckerMainReport, C:\HealthChecker.ps1: line 15659
at <ScriptBlock><End>, C:\HealthChecker.ps1: line 16470
at <ScriptBlock>, <No file>: line 1

Expected behavior

We need to handle the case where a user doesn't have the correct permissions to get the ntSecurityDescriptor from AD, and we need to properly report this and provide the best information that we can. This needs to be addressed if you are in the Organization Management role group, as this is where we normally provide that permission for Exchange Admins.

Additional context

Need to go through and create a user that has a deny for Read Permissions on various locations where we are looking for the ntSecurityDescriptor, and then properly handle this and report it.
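
An added example, not part of the issue and not code from HealthChecker.ps1: one way to turn a missing ntSecurityDescriptor into a reportable result instead of a null parameter binding failure. The function name `ConvertTo-SecurityDescriptorResult`, the result shape, and the sample distinguished names are hypothetical, and the sample descriptor is constructed from SDDL so the block runs without a directory.

```powershell
# Added example. Function name and result shape are hypothetical.
function ConvertTo-SecurityDescriptorResult {
    param(
        [Parameter(Mandatory = $true)]
        [string]$DistinguishedName,

        # Not mandatory and null is allowed: a missing value is the case handled here.
        [AllowNull()]
        [byte[]]$NtSecurityDescriptor
    )

    if ($null -eq $NtSecurityDescriptor -or $NtSecurityDescriptor.Length -eq 0) {
        # Assumption, following the issue: the value is absent when Read Permissions is denied.
        return [PSCustomObject]@{
            DistinguishedName = $DistinguishedName
            ReadSucceeded     = $false
            Descriptor        = $null
            Detail            = "ntSecurityDescriptor was not returned; check Read Permissions on this object"
        }
    }

    $sd = New-Object System.Security.AccessControl.RawSecurityDescriptor -ArgumentList $NtSecurityDescriptor, 0
    [PSCustomObject]@{
        DistinguishedName = $DistinguishedName
        ReadSucceeded     = $true
        Descriptor        = $sd
        Detail            = "Parsed $($sd.DiscretionaryAcl.Count) ACE(s)"
    }
}

# Constructed sample data: a descriptor built from SDDL stands in for the bytes a
# directory query would return; $null stands in for an object that could not be read.
$sample = New-Object System.Security.AccessControl.RawSecurityDescriptor -ArgumentList "O:BAG:BAD:(A;;GR;;;AU)"
$bytes = New-Object byte[] ($sample.BinaryLength)
$sample.GetBinaryForm($bytes, 0)

$results = @(
    ConvertTo-SecurityDescriptorResult -DistinguishedName "CN=Readable,DC=example,DC=test" -NtSecurityDescriptor $bytes
    ConvertTo-SecurityDescriptorResult -DistinguishedName "CN=Denied,DC=example,DC=test" -NtSecurityDescriptor $null
)

$unreadable = @($results | Where-Object { -not $_.ReadSucceeded })
if ($unreadable.Count -gt 0) {
    # Report the gap instead of binding $null to a mandatory parameter of the CVE check.
    foreach ($item in $unreadable) { Write-Warning "$($item.DistinguishedName): $($item.Detail)" }
    Write-Warning "ACL-based check skipped: the result is unknown, not 'not vulnerable'."
}
$results | Format-Table DistinguishedName, ReadSucceeded, Detail -AutoSize
```

Reporting the check as unknown matters here: an account that cannot read the descriptor has no basis for a pass or fail result on an ACL-based security check.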