Merge pull request #5599 from NikCharlebois/AADRoleEligibilitySchedul…

…eRequest---Export-Fix AADRoleEligibilityScheduleRequest - Export Fix
microsoft · Dec 29, 2024 · 63e1303 · 63e1303
2 parents a1f9c43 + aa08cf4
commit 63e1303
Show file tree

Hide file tree

Showing 2 changed files with 64 additions and 52 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,8 @@
 * AADOrganizationCertificateBasedAuthConfiguration
   * Fixed the primary key of the resource.
     FIXES [#5523](https://github.com/microsoft/Microsoft365DSC/issues/5523)
+* AADRoleEligibilityScheduleRequest
+  * Fixed error when extracting an entry with a deleted principal.
 * DefenderDeviceAuthenticatedScanDefinition
   * Fixed the Data Type export.
 * MISC

diff --git a/...ources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 b/...ources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1
@@ -756,8 +756,15 @@ function Export-TargetResource
                 if ($null -eq $groupInfo)
                 {
                     $principalType = 'ServicePrincipal'
-                    $spnInfo = Get-MgServicePrincipal -ServicePrincipalId $request.PrincipalId
-                    $PrincipalValue = $spnInfo.DisplayName
+                    $spnInfo = Get-MgServicePrincipal -ServicePrincipalId $request.PrincipalId -ErrorAction SilentlyContinue
+                    if ($null -ne $spnInfo)
+                    {
+                        $PrincipalValue = $spnInfo.DisplayName
+                    }
+                    else
+                    {
+                        $PrincipalValue = $null
+                    }
                 }
                 else
                 {
@@ -769,61 +776,64 @@ function Export-TargetResource
                 $PrincipalValue = $userInfo.UserPrincipalName
             }
 
-            $RoleDefinitionId = Get-MgBetaRoleManagementDirectoryRoleDefinition -UnifiedRoleDefinitionId $request.RoleDefinitionId
-            $params = @{
-                Id                    = $request.Id
-                Principal             = $PrincipalValue
-                PrincipalType         = $principalType
-                DirectoryScopeId      = $request.DirectoryScopeId
-                RoleDefinition        = $RoleDefinitionId.DisplayName
-                Ensure                = 'Present'
-                Credential            = $Credential
-                ApplicationId         = $ApplicationId
-                TenantId              = $TenantId
-                ApplicationSecret     = $ApplicationSecret
-                CertificateThumbprint = $CertificateThumbprint
-                ManagedIdentity       = $ManagedIdentity.IsPresent
-                AccessTokens          = $AccessTokens
-            }
+            if ($null -ne $PrincipalValue)
+            {
+                $RoleDefinitionId = Get-MgBetaRoleManagementDirectoryRoleDefinition -UnifiedRoleDefinitionId $request.RoleDefinitionId
+                $params = @{
+                    Id                    = $request.Id
+                    Principal             = $PrincipalValue
+                    PrincipalType         = $principalType
+                    DirectoryScopeId      = $request.DirectoryScopeId
+                    RoleDefinition        = $RoleDefinitionId.DisplayName
+                    Ensure                = 'Present'
+                    Credential            = $Credential
+                    ApplicationId         = $ApplicationId
+                    TenantId              = $TenantId
+                    ApplicationSecret     = $ApplicationSecret
+                    CertificateThumbprint = $CertificateThumbprint
+                    ManagedIdentity       = $ManagedIdentity.IsPresent
+                    AccessTokens          = $AccessTokens
+                }
 
-            $Results = Get-TargetResource @Params
+                $Results = Get-TargetResource @Params
 
-            $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode `
-                -Results $Results
-            try
-            {
-                if ($null -ne $results.ScheduleInfo)
+                $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode `
+                    -Results $Results
+                try
                 {
-                    $Results.ScheduleInfo = Get-M365DSCAzureADEligibilityRequestScheduleInfoAsString -ScheduleInfo $Results.ScheduleInfo
+                    if ($null -ne $results.ScheduleInfo)
+                    {
+                        $Results.ScheduleInfo = Get-M365DSCAzureADEligibilityRequestScheduleInfoAsString -ScheduleInfo $Results.ScheduleInfo
+                    }
+                }
+                catch
+                {
+                    Write-Verbose -Message "Error converting Schedule: $_"
+                }
+                if ($Results.TicketInfo)
+                {
+                    $Results.TicketInfo = Get-M365DSCAzureADEligibilityRequestTicketInfoAsString -TicketInfo $Results.TicketInfo
+                }
+                $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName `
+                    -ConnectionMode $ConnectionMode `
+                    -ModulePath $PSScriptRoot `
+                    -Results $Results `
+                    -Credential $Credential
+                if ($null -ne $Results.ScheduleInfo)
+                {
+                    $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock `
+                        -ParameterName 'ScheduleInfo'
+                }
+                if ($null -ne $Results.TicketInfo)
+                {
+                    $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock `
+                        -ParameterName 'TicketInfo'
                 }
-            }
-            catch
-            {
-                Write-Verbose -Message "Error converting Schedule: $_"
-            }
-            if ($Results.TicketInfo)
-            {
-                $Results.TicketInfo = Get-M365DSCAzureADEligibilityRequestTicketInfoAsString -TicketInfo $Results.TicketInfo
-            }
-            $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName `
-                -ConnectionMode $ConnectionMode `
-                -ModulePath $PSScriptRoot `
-                -Results $Results `
-                -Credential $Credential
-            if ($null -ne $Results.ScheduleInfo)
-            {
-                $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock `
-                    -ParameterName 'ScheduleInfo'
-            }
-            if ($null -ne $Results.TicketInfo)
-            {
-                $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock `
-                    -ParameterName 'TicketInfo'
-            }
 
-            $dscContent += $currentDSCBlock
-            Save-M365DSCPartialExport -Content $currentDSCBlock `
-                -FileName $Global:PartialExportFileName
+                $dscContent += $currentDSCBlock
+                Save-M365DSCPartialExport -Content $currentDSCBlock `
+                    -FileName $Global:PartialExportFileName
+            }
             $i++
             Write-Host $Global:M365DSCEmojiGreenCheckMark
         }