Comments (7)
Does your tenant have at least one Entra ID P1 or P2 license to enable Conditional Access?
from microsoft365dsc.
@andikrueger If you look closely the deployment is actually failing for all resources with "Set-Targetresource: Failed creating new policy", the same issue has been reported already on #4725 and doesn't look like a licensing issue since this was working before.
from microsoft365dsc.
Before deploying in my company tenant, I test this function in the Microsoft CDX tenant. I have license M365 E5.
from microsoft365dsc.
In my event viewer, log reports:
"Error creating new policy:
{ Response status code does not indicate success: BadRequest (Bad Request). } \ at Set-TargetResource, C:\Program Files\WindowsPowerShell\Modules\Microsoft365DSC\1.24.529.1\DscResources\MSFT_AADConditionalAccessPolicy\MSFT_AADConditionalAccessPolicy.psm1: line 1682"
And in line 1655 in MSFT_AADConditionalAccessPolicy.psm1 I found that Conditional use " $NewParameters.Add('ConditionalAccessPolicyId', $currentPolicy.Id)"
But in Microsoft graph document, It does not have "ConditionalAccessPolicyId", It only has "Id". I try to fix but it not work
from microsoft365dsc.
hello,
I am facing the same error when trying to make a start-dscconfiguration with my MOF file.
Error creating new policy:
{ Response status code does not indicate success: BadRequest (Bad Request). } \ at Set-TargetResource, C:\Program Files\WindowsPowerShell\Modules\Microsoft365dsc\1.24.522.1\DscResources\MSFT_AADConditionalAccessPolicy\MSFT_AADConditionalAccessPolicy.psm1: line 1682
I have one computer with module Microsoft365dsc version 1.24.522.1. I have update the Microsoft365dsc recently.
And I have another computer on which I did not updated recently and it is using module version 1.24.228.1.
With version 1.24.228.1, everything is working fine for EntraID ConditionAccess, I can created and update conditionalAccess from MOF file without error.
But with version 1.24.522.1, creation and update of conditionalAccess does not work anymore.
The DSC agent verbose log does not output any error, it seems that everything is working fine. But when checking the conditionalAccess M365 console, nothing changed. And looking at eventlog, there is this error "BadRequest".
It seems that since update of Microsoft365DSC, some functionality for conditionalaccess are not working anymore.
Moreover, I can see that there are new option for "TransferMethods" in conditionaccess setting has been added.
Does any one manage to create and update conditionalAccess object with version 1.24.522.1 and earlier version ?
Regards
from microsoft365dsc.
hello, One update from my end.
M365DSC deployment is successfull by removing from the MOF file, the line corresponding:
TransferMethods = "";
The M365DSC team has switched from "Update-MgBetaIdentityConditionalAccessPolicy" to Invoke-MgGraphRequest.
There maybe some fine tuning to do with this new property TransferMethods on $newparameters variable.
Great job to the team by the way.
Regards
Vi-Nam
from microsoft365dsc.
Related Issues (20)
- IntuneSettingCatalogASRRulesPolicyWindows10: Latest two Attack Surface Reduction rules not supported
- SPO export: Getting multiple The collection has not been initialized errors
- Get-M365DSCCompiledPermissionList with -AccessType Read returns Write permissions HOT 1
- IDX12729: Unable to decode the header '[PII of type 'System.String' is hidden. For more details, see https://aka.ms/IdentityModel/PII.]' as Base64Url encoded string. HOT 2
- SPOTenantSettings issue HOT 1
- IntuneAppConfigurationDevicePolicy: Not working HOT 12
- AADConditionalAccessPolicy: deployment bug since version 1.24.522.1. It's working with 1.24.515.2 HOT 4
- IntuneDeviceRemediation: Assignments are exported without display name HOT 6
- EXOSharedMailbox: Loading of module / connection to ExchangeOnline not proper
- Export-M365DSCConfiguration - System.Management.Automation.RuntimeException: You cannot call a method on a null-valued expression. HOT 3
- Examples of M365 DSC Blueprints HOT 5
- While Exporting Configuration of Planner | It return an empty .ps1 File HOT 2
- O365OrgSettings: Fix: Boolean Parameters default to false if not specified in configuration
- Composite resources at component level for devops HOT 1
- composite resource structure at component level (instead of workload level), for Devops HOT 2
- SPOTenantSettings: Failing to deploy or test the resource's state with latest Graph version HOT 20
- Partial Export was saved at... HOT 2
- ENHANCEMENT / FEATURE REQUEST - Filter on Property HOT 3
- Clarification on Setting Execution Policy for Microsoft 365 DSC HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from microsoft365dsc.