Merge pull request #3376 from NikCharlebois/AADNamedLocationPolicy-ad…

…ded-CountryLookupMethod Aad named location policy added country lookup method
microsoft · Jun 12, 2023 · 12fef7c · 12fef7c
2 parents a435635 + 15d46fd
commit 12fef7c
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 2 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,9 @@
 
 # UNRELEASED
 
+* AADNamedLocationPolicy
+  * Added support forthe CountryLookupMethod property
+    FIXES [#3345](https://github.com/microsoft/Microsoft365DSC/issues/3345)
 * DEPENDENCIES
   * Updated Microsoft.Graph dependencies to version 1.28.0.
 

diff --git a/...Microsoft365DSC/DSCResources/MSFT_AADNamedLocationPolicy/MSFT_AADNamedLocationPolicy.psm1 b/...Microsoft365DSC/DSCResources/MSFT_AADNamedLocationPolicy/MSFT_AADNamedLocationPolicy.psm1
@@ -29,6 +29,11 @@ function Get-TargetResource
         [System.String[]]
         $CountriesAndRegions,
 
+        [Parameter()]
+        [System.String]
+        [ValidateSet('clientIpAddress','authenticatorAppGps')]
+        $CountryLookupMethod,
+
         [Parameter()]
         [System.Boolean]
         $IncludeUnknownCountriesAndRegions,
@@ -129,6 +134,7 @@ function Get-TargetResource
                 IpRanges                          = $NamedLocation.AdditionalProperties.ipRanges.cidrAddress
                 IsTrusted                         = $NamedLocation.AdditionalProperties.isTrusted
                 CountriesAndRegions               = [String[]]$NamedLocation.AdditionalProperties.countriesAndRegions
+                CountryLookupMethod               = $NamedLocation.AdditionalProperties.countryLookupMethod
                 IncludeUnknownCountriesAndRegions = $NamedLocation.AdditionalProperties.includeUnknownCountriesAndRegions
                 Ensure                            = 'Present'
                 ApplicationSecret                 = $ApplicationSecret
@@ -185,6 +191,11 @@ function Set-TargetResource
         [System.String[]]
         $CountriesAndRegions,
 
+        [Parameter()]
+        [System.String]
+        [ValidateSet('clientIpAddress','authenticatorAppGps')]
+        $CountryLookupMethod,
+
         [Parameter()]
         [System.Boolean]
         $IncludeUnknownCountriesAndRegions,
@@ -264,6 +275,7 @@ function Set-TargetResource
     {
         $desiredValues.Add('includeUnknownCountriesAndRegions', $IncludeUnknownCountriesAndRegions)
         $desiredValues.Add('countriesAndRegions', $CountriesAndRegions)
+        $desiredValues.Add('countryLookupMethod', $CountryLookupMethod)
     }
 
     # Named Location should exist but it doesn't
@@ -333,6 +345,11 @@ function Test-TargetResource
         [System.String[]]
         $CountriesAndRegions,
 
+        [Parameter()]
+        [System.String]
+        [ValidateSet('clientIpAddress','authenticatorAppGps')]
+        $CountryLookupMethod,
+
         [Parameter()]
         [System.Boolean]
         $IncludeUnknownCountriesAndRegions,
@@ -459,7 +476,6 @@ function Export-TargetResource
 
     try
     {
-
         $AADNamedLocations = Get-MgIdentityConditionalAccessNamedLocation -Filter $Filter -All:$true -ErrorAction Stop
         if ($AADNamedLocations.Length -eq 0)
         {

diff --git a/...oft365DSC/DSCResources/MSFT_AADNamedLocationPolicy/MSFT_AADNamedLocationPolicy.schema.mof b/...oft365DSC/DSCResources/MSFT_AADNamedLocationPolicy/MSFT_AADNamedLocationPolicy.schema.mof
@@ -7,6 +7,7 @@ class MSFT_AADNamedLocationPolicy : OMI_BaseResource
     [Write, Description("Specifies the IP ranges of the Named Location in Azure Active Directory")] String IpRanges[];
     [Write, Description("Specifies the isTrusted value for the Named Location in Azure Active Directory")] Boolean IsTrusted;
     [Write, Description("Specifies the countries and regions for the Named Location in Azure Active Directory")] String CountriesAndRegions[];
+    [Write, Description("Determines what method is used to decide which country the user is located in. Possible values are clientIpAddress(default) and authenticatorAppGps."), ValueMap{"clientIpAddress","authenticatorAppGps"}, Values{"clientIpAddress","authenticatorAppGps"}] String CountryLookupMethod;
     [Write, Description("Specifies the includeUnknownCountriesAndRegions value for the Named Location in Azure Active Directory")] Boolean IncludeUnknownCountriesAndRegions;
     [Write, Description("Specify if the Azure AD Named Location should exist or not."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure;
     [Write, Description("Credentials for the Microsoft Graph delegated permissions."), EmbeddedInstance("MSFT_Credential")] string Credential;

diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCProtectionAlert/MSFT_SCProtectionAlert.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SCProtectionAlert/MSFT_SCProtectionAlert.psm1
@@ -135,7 +135,6 @@ function Get-TargetResource
         $CertificatePassword
     )
 
-
     Write-Verbose -Message "Getting configuration of SCProtectionAlert for $Name"
 
     if ($Global:CurrentModeIsExport)
-Original file line number
+Diff line change
@@ Expand Up / @@ -135,7 +135,6 @@ function Get-TargetResource @@
             $CertificatePassword
         )
         Write-Verbose -Message "Getting configuration of SCProtectionAlert for $Name"
         if ($Global:CurrentModeIsExport)
@@ Expand Down @@