You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Details of the scenario you tried and the problem that is occurring
If there is a MessageContainsDataClassifications value set the format is an array of strings containing both single and double quotation marks making the assignment of the value to the property in the PSCustom object that is created to later be parsed for Test and Set to be invalid. The commands Set-TransportRule and New-TransportRule both require an array of Hashtables and NOT and array of strings. The string array as said is invalid due to PS parsing and it would not be able to be converted using casting (i.e. static Parse method) regardless. The fix would be to convert the string into a format (HashTable) which can be used. The issue is not only the format but also the content of the strings representing the hashtables. some values are translated into human-readable values which are not valid for making change (i.e. Infinity and recommended). So the fix is somewhat non-trivial.
Verbose logs showing the problem
Suggested solution to the issue
Creating a conversion function within the Resource.psm1 and calling this to convert the string[] into a usable
The schema.mof will need to be changed to reflect a change of the property type from String[} to Hashtable[]
Test logic will need to be changed to compare the array of Hashtables
Here is a draft conversion function.
function ConvertDataClassifications-ToHashTable
{
[OutputType([Hashtable[]])]
[CmdletBinding()]
param([String[]]$DataClassificationString)
$DataClassificationCollection = [System.collections.ArrayList]@()
if($null -eq $Global:AllDataClassifications)
{
# Define Lookup using GUID
$Global:AllDataClassifications = @{}
foreach($DC in Get-DataClassification)
{
$Global:AllDataClassifications.Add($DC.identity,$DC)
}
}
$Pattern = '\{id:"(?<id>[^"\,]+)",\s*guid:"(?<guid>[^"\,]+)",\s*displayName:"(?<Name>[^"\,]+)",\s*minCount:(?<minCount>[^"\,]+),\s*maxCount:(?<maxCount>[^"\,]+),\s*minConfidence:(?<minConfidence>[^"\,]+),\s*maxConfidence:(?<maxConfidence>[^"\,\}]+)'
foreach($DCS in $DataClassificationString)
{
$DataClassification = $null
if($DCS -match $Pattern)
{
$Matches.Remove(0)
$DataClassificationSettings = $Matches.clone()
$DataClassification = $Global:AllDataClassifications[$DataClassificationSettings.guid]
## If Properties that should be numeric are not
# Query the number that should be set for DataClassicfication
if($DataClassificationSettings.minconfidence -match 'Recommended')
{
$DataClassificationSettings.minConfidence = $DataClassification.RecommendedConfidence
}
# Assume for now that if Infinitiy that maxCOunt is not Set explicitly
if($DataClassificationSettings.maxCount -match 'Infinity')
{
# TODO What numeric value is Inifinity
# $DataClassificationSettings.maxCount = -1 #$DataClassification | fl * -Force
# Remove Property and assume for not Infinity is default is not set
$DataClassificationSettings.Remove('maxcount')
}
$DataClassificationCollection.Add($DataClassificationSettings) | Out-Null
}
else
{
Write-Warning "CANNOT parse '$DCS'"
}
}
return $DataClassificationCollection
}
The DSC configuration that is used to reproduce the issue (as detailed as possible)
Export-M365DSCConfiguration-Components 'EXOTransportRule'-Credential $cred
.\M365TenantConfig.ps1
# Open M365TenantConfig.ps1 in Editor with PS Syntax parsing and it will be clear# Below excerpt with HashTable Key(i.e. Resoure Property) as a variable
$MessageContainsDataClassifications = @("{id:"ABA Routing Number", guid:"cb353f78-2b72-4c3c-8827-92ebe4f69fdf", displayName:"ABA Routing Number", minCount:1, maxCount:Infinity, minConfidence:Recommended, maxConfidence:100}","{id:"Credit Card Number", guid:"50842eb7-edc8-4019-85dd-5a5c1f2bb085", displayName:"Credit Card Number", minCount:1, maxCount:Infinity, minConfidence:Recommended, maxConfidence:100}","{id:"Drug Enforcement Agency (DEA) Number", guid:"9a5445ad-406e-43eb-8bd7-cac17ab6d0e4", displayName:"Drug Enforcement Agency (DEA) Number", minCount:1, maxCount:Infinity, minConfidence:Recommended, maxConfidence:100}","{id:"U.S. / U.K. Passport Number", guid:"178ec42a-18b4-47cc-85c7-d62c92fd67f8", displayName:"U.S. / U.K. Passport Number", minCount:1, maxCount:Infinity, minConfidence:Recommended, maxConfidence:100}","{id:"U.S. Bank Account Number", guid:"a2ce32a8-f935-4bb6-8e96-2a5157672e2c", displayName:"U.S. Bank Account Number", minCount:1, maxCount:Infinity, minConfidence:Recommended, maxConfidence:100}","{id:"U.S. Individual Taxpayer Identification Number (ITIN)", guid:"e55e2a32-f92d-4985-a35d-a0b269eb687b", displayName:"U.S. Individual Taxpayer Identification Number (ITIN)", minCount:1, maxCount:Infinity, minConfidence:Recommended, maxConfidence:100}","{id:"U.S. Social Security Number (SSN)", guid:"a44669fe-0d48-453d-a9b1-2cc83f2cba77", displayName:"U.S. Social Security Number (SSN)", minCount:1, maxCount:Infinity, minConfidence:Recommended, maxConfidence:100}");
The operating system the target node is running
@{OsName=Microsoft Windows 10 Enterprise; OsOperatingSystemSKU=EnterpriseEdition; OsArchitecture=64-bit; WindowsVersion=2009; WindowsBuildLabEx=19041.1.amd64fre.vb_release.191206-1406; OsLanguage=en-US; OsMuiLanguages=System.String[]}
Version of the DSC module that was used ('dev' if using current dev branch)
Just did a POC minimized version of EXOTransportRule and if the property MessageContainsDataClassifications is reduced to just contain @(@{Name=''}) without checking the other properties of the Data sensitivity definition then a simple check would be to see that all are present if not then set using the default property values (i.e. do not supply values). Else either a special case would have to made for this resource property and given that what you get back from Get-TransportRule is NOT valid for doing a Set or New-TransportRule with there will be a lot of potential mapping issues (i.e StringName to Int value).
I did not further check yet if Hashtable[] are handled properly in Test-M365DSCParameterState but even if what you get (current - String[]) with what you desire (MessageContainsDataClassifications (Hashtable[]) cannot be compared property/generically
Just adding a comment that the format Get-TransportRule was returning for MessageContainsDataClassifications is JSON5 ... took me a while to understand that.
NikCharlebois
added a commit
to NikCharlebois/Microsoft365DSC
that referenced
this issue
Jul 21, 2022
Details of the scenario you tried and the problem that is occurring
If there is a MessageContainsDataClassifications value set the format is an array of strings containing both single and double quotation marks making the assignment of the value to the property in the PSCustom object that is created to later be parsed for Test and Set to be invalid. The commands Set-TransportRule and New-TransportRule both require an array of Hashtables and NOT and array of strings. The string array as said is invalid due to PS parsing and it would not be able to be converted using casting (i.e. static Parse method) regardless. The fix would be to convert the string into a format (HashTable) which can be used. The issue is not only the format but also the content of the strings representing the hashtables. some values are translated into human-readable values which are not valid for making change (i.e. Infinity and recommended). So the fix is somewhat non-trivial.
Verbose logs showing the problem
Suggested solution to the issue
Creating a conversion function within the Resource.psm1 and calling this to convert the string[] into a usable
The schema.mof will need to be changed to reflect a change of the property type from String[} to Hashtable[]
Test logic will need to be changed to compare the array of Hashtables
Here is a draft conversion function.
function ConvertDataClassifications-ToHashTable
{
}
The DSC configuration that is used to reproduce the issue (as detailed as possible)
The operating system the target node is running
@{OsName=Microsoft Windows 10 Enterprise; OsOperatingSystemSKU=EnterpriseEdition; OsArchitecture=64-bit; WindowsVersion=2009; WindowsBuildLabEx=19041.1.amd64fre.vb_release.191206-1406; OsLanguage=en-US; OsMuiLanguages=System.String[]}
Version of the DSC module that was used ('dev' if using current dev branch)
ModuleType Version Name ExportedCommands
Manifest 1.22.216.1 Microsoft365DSC {Assert-M365DSCBlueprint, Assert-M365DSCTemplate, Compare-M365DSCConfigurations, Confirm-M365DSCDependencies...}
The text was updated successfully, but these errors were encountered: