From 8f29b4c9331c257bf26d661f492fca4cc85aaca1 Mon Sep 17 00:00:00 2001 From: Nik Charlebois Date: Wed, 4 Dec 2024 07:31:38 -0500 Subject: [PATCH] AADIdentityAPIConnector - Fix Export Logic --- CHANGELOG.md | 2 ++ .../MSFT_AADIdentityAPIConnector.psm1 | 19 +++++++++++++++---- 2 files changed, 17 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 059fe494b6..c91884078e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,8 @@ * Added support for #microsoft.graph.accessReviewInactiveUsersQueryScope in odatatype. * AADActivityBasedTimeoutPolicy * Added support for AccessTokens. +* AADIdentityAPIConnector + * Changed the export logic to export passwords as credential objects instead of string. * AADRoleManagementPolicyRule * Added the logic to handle filters in the Export logic flow. * EXOManagementRoleAssignment diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityAPIConnector/MSFT_AADIdentityAPIConnector.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityAPIConnector/MSFT_AADIdentityAPIConnector.psm1 index e41811a9d2..ce9c1eb5be 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityAPIConnector/MSFT_AADIdentityAPIConnector.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADIdentityAPIConnector/MSFT_AADIdentityAPIConnector.psm1 @@ -124,9 +124,9 @@ function Get-TargetResource foreach ($currentCertificate in $getValue.AuthenticationConfiguration.AdditionalProperties.certificateList) { $myCertificate = @{} - $myCertificate.Add('Pkcs12Value', 'Please insert a valid Pkcs12Value') + $myCertificate.Add('Pkcs12Value', "New-Object System.Management.Automation.PSCredential('Password', (ConvertTo-SecureString ('Please insert a valid Pkcs12Value') -AsPlainText -Force))") $myCertificate.Add('Thumbprint', $currentCertificate.thumbprint) - $myCertificate.Add('Password', 'Please insert a valid Password for the certificate') + $myCertificate.Add('Password', "New-Object System.Management.Automation.PSCredential('Password', (ConvertTo-SecureString ('Please insert a valid Password for the certificate') -AsPlainText -Force))") $myCertificate.Add('IsActive', $currentCertificate.isActive) if ($myCertificate.values.Where({ $null -ne $_ }).Count -gt 0) @@ -661,6 +661,11 @@ function Export-TargetResource } foreach ($config in $getValue) { + if ($null -ne $Global:M365DSCExportResourceInstancesCount) + { + $Global:M365DSCExportResourceInstancesCount++ + } + $displayedKey = $config.Id if (-not [String]::IsNullOrEmpty($config.displayName)) { @@ -685,12 +690,11 @@ function Export-TargetResource } $Results = Get-TargetResource @Params - $Results.Password = 'Please insert a valid Password' + $Results.Password = "New-Object System.Management.Automation.PSCredential('Password', (ConvertTo-SecureString ('Please insert a valid Password') -AsPlainText -Force));" $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` -Results $Results - if ($null -ne $Results.Certificates) { $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString ` @@ -718,6 +722,13 @@ function Export-TargetResource $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Certificates' -IsCIMArray:$True } + # Replace the main password variable. + $currentDSCBlock = $currentDSCBlock.Replace('"New-Object System.', 'New-Object System.').Replace(') -AsPlainText -Force));";', ') -AsPlainText -Force));') + + # Replace the certificate variables. + $currentDSCBlock = $currentDSCBlock.Replace("'New-Object System.", "New-Object System.").Replace(" -Force))'", " -Force))") + $currentDSCBlock = $currentDSCBlock.Replace("(ConvertTo-SecureString (''", "(ConvertTo-SecureString ('").Replace("''Password''", "'Password'").Replace("'') -AsPlainText", "') -AsPlainText") + $dscContent += $currentDSCBlock Save-M365DSCPartialExport -Content $currentDSCBlock ` -FileName $Global:PartialExportFileName