Skip to content

Commit

Permalink
Merge pull request #4324 from andikrueger/andikrueger/issue4265
Browse files Browse the repository at this point in the history
AADUser: Ensure: Absent logic seems wrong
  • Loading branch information
NikCharlebois authored Feb 14, 2024
2 parents 986382b + b515483 commit 3c83f2f
Show file tree
Hide file tree
Showing 2 changed files with 28 additions and 24 deletions.
3 changes: 3 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,9 @@
* AADRoleEligibilityScheduleRequest
* Fixed an issue where an error was thrown if no requests were found instead
of simply returning the Null object.
* AADUser
* Fixed and issue where an user would be created even if the resrouce was set to absent.
FIXES [[#4265](https://github.com/microsoft/Microsoft365DSC/issues/4265)]
* EXOMobileDeviceMailboxPolicy
* Fixes an issue where an empty MinPasswordLength value was always passed down
to the update logic flow.
Expand Down
49 changes: 25 additions & 24 deletions Modules/Microsoft365DSC/DSCResources/MSFT_AADUser/MSFT_AADUser.psm1
Original file line number Diff line number Diff line change
Expand Up @@ -180,8 +180,8 @@ function Get-TargetResource
}
else
{
Write-Verbose -Message "Retrieving user from the exported instances"
$user = $Script:M365DSCExportInstances | Where-Object -FilterScript {$_.UserPrincipalName -eq $UserPrincipalName}
Write-Verbose -Message 'Retrieving user from the exported instances'
$user = $Script:M365DSCExportInstances | Where-Object -FilterScript { $_.UserPrincipalName -eq $UserPrincipalName }
}

Write-Verbose -Message "Found User $($UserPrincipalName)"
Expand All @@ -193,7 +193,7 @@ function Get-TargetResource
}

# return membership of static groups only
[array]$currentMemberOf = (Get-MgUserMemberOfAsGroup -UserId $UserPrincipalName -All | Where-Object -FilterScript {$_.GroupTypes -notcontains 'DynamicMembership'}).DisplayName
[array]$currentMemberOf = (Get-MgUserMemberOfAsGroup -UserId $UserPrincipalName -All | Where-Object -FilterScript { $_.GroupTypes -notcontains 'DynamicMembership' }).DisplayName

$userPasswordPolicyInfo = $user | Select-Object UserprincipalName, @{
N = 'PasswordNeverExpires'; E = { $_.PasswordPolicies -contains 'DisablePasswordExpiration' }
Expand All @@ -204,7 +204,7 @@ function Get-TargetResource
{
$Script:allDirectoryRoleAssignment = Get-MgBetaRoleManagementDirectoryRoleAssignment -All
}
$assignedRoles = $Script:allDirectoryRoleAssignment | Where-Object -FilterScript {$_.PrincipalId -eq $user.Id}
$assignedRoles = $Script:allDirectoryRoleAssignment | Where-Object -FilterScript { $_.PrincipalId -eq $user.Id }

$rolesValue = @()
if ($null -eq $Script:allAssignedRoles -and $assignedRoles.Length -gt 0)
Expand All @@ -213,7 +213,7 @@ function Get-TargetResource
}
foreach ($assignedRole in $assignedRoles)
{
$currentRoleInfo = $Script:allAssignedRoles | Where-Object -FilterScript {$_.Id -eq $assignedRole.RoleDefinitionId}
$currentRoleInfo = $Script:allAssignedRoles | Where-Object -FilterScript { $_.Id -eq $assignedRole.RoleDefinitionId }
$rolesValue += $currentRoleInfo.DisplayName
}

Expand Down Expand Up @@ -418,7 +418,7 @@ function Set-TargetResource
Write-Verbose -Message "Removing User {$UserPrincipalName}"
Remove-MgUser -UserId $UserPrincipalName
}
else
elseif ($Ensure -eq 'Present')
{
$PasswordPolicies = $null
if ($PasswordNeverExpires)
Expand Down Expand Up @@ -498,7 +498,7 @@ function Set-TargetResource

if ($null -ne $Password)
{
Write-Verbose -Message "PasswordProfile property will not be updated"
Write-Verbose -Message 'PasswordProfile property will not be updated'
}

$CreationParams.Add('UserId', $UserPrincipalName)
Expand Down Expand Up @@ -584,20 +584,20 @@ function Set-TargetResource
if ($null -eq $group)
{
New-M365DSCLogEntry -Message 'Error updating data:' `
-Exception "Attempting to add a user to a group that doesn't exist" `
-Source $($MyInvocation.MyCommand.Source) `
-TenantId $TenantId `
-Credential $Credential
-Exception "Attempting to add a user to a group that doesn't exist" `
-Source $($MyInvocation.MyCommand.Source) `
-TenantId $TenantId `
-Credential $Credential

throw "Group '$memberOfGroup' does not exist in tenant"
}
if ($group.GroupTypes -contains 'DynamicMembership')
{
New-M365DSCLogEntry -Message 'Error updating data:' `
-Exception "Attempting to add a user to a dynamic group" `
-Source $($MyInvocation.MyCommand.Source) `
-TenantId $TenantId `
-Credential $Credential
-Exception 'Attempting to add a user to a dynamic group' `
-Source $($MyInvocation.MyCommand.Source) `
-TenantId $TenantId `
-Credential $Credential

throw "Cannot add user $UserPrincipalName to group '$memberOfGroup' because it is a dynamic group"
}
Expand All @@ -615,20 +615,20 @@ function Set-TargetResource
if ($null -eq $group)
{
New-M365DSCLogEntry -Message 'Error updating data:' `
-Exception "Attempting to add a user to a group that doesn't exist" `
-Source $($MyInvocation.MyCommand.Source) `
-TenantId $TenantId `
-Credential $Credential
-Exception "Attempting to add a user to a group that doesn't exist" `
-Source $($MyInvocation.MyCommand.Source) `
-TenantId $TenantId `
-Credential $Credential

throw "Group '$($_.InputObject)' does not exist in tenant"
}
if ($group.GroupTypes -contains 'DynamicMembership')
{
New-M365DSCLogEntry -Message 'Error updating data:' `
-Exception "Attempting to add a user to a dynamic group" `
-Source $($MyInvocation.MyCommand.Source) `
-TenantId $TenantId `
-Credential $Credential
-Exception 'Attempting to add a user to a dynamic group' `
-Source $($MyInvocation.MyCommand.Source) `
-TenantId $TenantId `
-Credential $Credential

throw "Cannot add user $UserPrincipalName to group '$($_.InputObject)' because it is a dynamic group"
}
Expand Down Expand Up @@ -914,7 +914,8 @@ function Export-TargetResource
Property = $propertiesToRetrieve
ErrorAction = 'Stop'
}
if ($Filter -like "*endsWith*") {
if ($Filter -like '*endsWith*')
{
$ExportParameters.Add('CountVariable', 'count')
$ExportParameters.Add('ConsistencyLevel', 'eventual')
}
Expand Down

0 comments on commit 3c83f2f

Please sign in to comment.