diff --git a/CHANGELOG.md b/CHANGELOG.md index 6b5766a2b2..36b789c6df 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,8 @@ * MISC * Updated required permissions of several resources FIXES [#2866](https://github.com/microsoft/Microsoft365DSC/issues/2866) + * Added filter to Update-M365DSCAzureAdApplication to be more specific. + FIXES [2565](https://github.com/microsoft/Microsoft365DSC/issues/2565) # 1.23.208.1 @@ -29,7 +31,7 @@ * Fixed issue where Attachments Uri weren't properly exiting single quotes. FIXES [#2822](https://github.com/microsoft/Microsoft365DSC/issues/2822) * PPPowerAppsEnvironment - * Adds support for Developr SKU and fix for Teams SKU + * Adds support for Developer SKU and fix for Teams SKU FIXES [#2821](https://github.com/microsoft/Microsoft365DSC/issues/2821) * SCProtectionAlert * Support for certificate based auth @@ -117,7 +119,7 @@ * Refactored to leverage the official cmdlets instead of using the legacy GraphHandlers. FIXES [#2767](https://github.com/microsoft/Microsoft365DSC/issues/2767) * Changed Export-TargetResource to call Get-M365DSCExportContentForResource - to simplify/conform + variables for authentation are added correctly + to simplify/conform + variables for authentication are added correctly FIXES [#2784](https://github.com/microsoft/Microsoft365DSC/issues/2784) * SCRetentionCompliancePolicy * Fixes an issue where the SkypeLocation was trying to be converted to a string when it was an array. diff --git a/Modules/Microsoft365DSC/Modules/M365DSCPermissions.psm1 b/Modules/Microsoft365DSC/Modules/M365DSCPermissions.psm1 index 7fe7e9f90f..ee4d77702f 100644 --- a/Modules/Microsoft365DSC/Modules/M365DSCPermissions.psm1 +++ b/Modules/Microsoft365DSC/Modules/M365DSCPermissions.psm1 @@ -1361,10 +1361,14 @@ function Update-M365DSCAzureAdApplication $context = Get-AzContext } + $resourceAppIdMsGraph = '00000003-0000-0000-c000-000000000000' + $resourceAppIdSharePoint = '00000003-0000-0ff1-ce00-000000000000' + $resourceAppIdExchange = '00000002-0000-0ff1-ce00-000000000000' + $allPrincipals = Get-AzADServicePrincipal - $graphSvcprincipal = $allPrincipals | Where-Object -FilterScript { $_.DisplayName -eq 'Microsoft Graph' } - $spSvcprincipal = $allPrincipals | Where-Object -FilterScript { $_.DisplayName -eq 'Office 365 SharePoint Online' } - $exSvcprincipal = $allPrincipals | Where-Object -FilterScript { $_.DisplayName -eq 'Office 365 Exchange Online' } + $graphSvcprincipal = $allPrincipals | Where-Object -FilterScript { $_.AppId -eq $resourceAppIdMsGraph } + $spSvcprincipal = $allPrincipals | Where-Object -FilterScript { $_.AppId -eq $resourceAppIdSharePoint } + $exSvcprincipal = $allPrincipals | Where-Object -FilterScript { $_.AppId -eq $resourceAppIdExchange } Write-LogEntry ' ' Write-LogEntry 'Checking existance of AD Application'