tabs-not-spaces
commented
1 year ago If there's no new api permissions, I'm happy to change this - would you submit a PR?
On Tue, 25 Apr 2023, 12:19 am chug, @.***> wrote:
Hi guys, first off - awesome! This is such a great tool and I'm working on implementing it for our production environment.
We use RBAC and therefore I needed to adapt the script a little bit. Instead of using
$groupQuery = "users/$userId/memberOf"
I changed it to
$groupQuery = "users/$userId/transitiveMemberOf"
Otherwise the query only returns direct memberships instead of all memberships, which doesn't work for us since we use nested groups to grant access to file shares.
— Reply to this email directly, view it on GitHub https://github.com/tabs-not-spaces/Intune.Logonscript.FunctionApp/issues/1, or unsubscribe https://github.com/notifications/unsubscribe-auth/AIDA4LMNSP3YYG3J362F3O3XC53JHANCNFSM6AAAAAAXKSPU6M . You are receiving this because you are subscribed to this thread.Message ID: @.***>
Hi guys, first off - awesome! This is such a great tool and I'm working on implementing it for our production environment.
We use RBAC and therefore I needed to adapt the script a little bit. Instead of using
$groupQuery = "users/$userId/memberOf"
I changed it to
$groupQuery = "users/$userId/transitiveMemberOf"
Otherwise the query only returns direct memberships instead of all memberships, which doesn't work for us since we use nested groups to grant access to file shares.