search

ssc-spc-ccoe-cei / azure-guardrails-solution-accelerator

This implementation automates reporting to verify compliance with GC Cloud Guardrails. SSC and TBS review the results. Cette mise en œuvre automatise la production de rapports afin de vérifier la conformité aux mesures de sécurité infonuagique du GC. SPC et SCT examinent les résultats.
Other
11 stars 4 forks source link

GA MFA check falsely reporting GAs don't have MFA enabled #65

Closed dutt0 closed 9 months ago

dutt0 commented 10 months ago

Describe the bug Global Administrator MFA check reporting falsely that GAs don't have MFA enabled whereas in the GlobalAdministratorsUPN.txt has UPN for both GAs whose MFA is enabled

image

Showing error "Exception calling "invoke" with "0" arguments(s): "You cannot call a method on a null-valued expression." image

Expected behavior Expected behavior would be no error and the workbook control should show that "Two or more global administrator accounts have been identified, and multi-factor authentication (MFA) is enabled for all of them."

To Reproduce Steps to reproduce the behavior:

  1. Upload a file GlobalAdministratorsUPN.txt to the storage container with the UPN of two GAs
  2. Re-run main runbook
  3. See error

Additional context The file uploaded to the tenant is below

GlobalAdministratorsUPN.txt

dutt0 commented 10 months ago

In the GlobalAdministratorsUPN.txt file the UPNs need to be preceded with a hyphen e.g. -xxxxxxxx@xxxxxxxx.onmicrosoft.com