From 62ac24d16bec53bbb5546f959819198ee81f202c Mon Sep 17 00:00:00 2001 From: Ricardo Mestre Date: Mon, 1 Jul 2024 19:04:53 +0100 Subject: [PATCH 1/2] Recreate policy instead of changing it --- CHANGELOG.md | 9 ++++++++- .../MSFT_EXOAuthenticationPolicy.psm1 | 4 +++- 2 files changed, 11 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f7bc8ff791..8ad9ac561d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,12 @@ # Change log for Microsoft365DSC +# UNRELEASED + +* EXOAuthenticationPolicy + * If policy needs changes then recreate it to avoid issue with + `Set-AuthenticationPolicy` cmdlet + FIXES [#4819](https://github.com/microsoft/Microsoft365DSC/issues/4819) + # 1.24.626.1 * AADGroup @@ -19,7 +26,7 @@ * M365DSCUtil * Fixes an issue where the comparison with null-valued desired value throws an error. * DEPENDENCIES - * Updated MSCloudLoginAssistant to version 1.1.18 + * Updated MSCloudLoginAssistant to version 1.1.18 * M365DSCResourceGenerator * Update CimInstance comparison template * MISC diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAuthenticationPolicy/MSFT_EXOAuthenticationPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAuthenticationPolicy/MSFT_EXOAuthenticationPolicy.psm1 index 741cc99558..4d0cf695a3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAuthenticationPolicy/MSFT_EXOAuthenticationPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAuthenticationPolicy/MSFT_EXOAuthenticationPolicy.psm1 @@ -329,10 +329,12 @@ function Set-TargetResource Remove-AuthenticationPolicy -Identity $Identity -Confirm:$false } # CASE: Authentication Policy exists and it should, but has different values than the desired one + # Policy cannot be changed so it must be deleted and re-created again elseif ($Ensure -eq 'Present' -and $currentAuthenticationPolicyConfig.Ensure -eq 'Present') { Write-Verbose -Message "Authentication Policy '$($Identity)' exists. Updating settings." - Set-AuthenticationPolicy -Identity $Identity @NewAuthenticationPolicyParams | Out-Null + Remove-AuthenticationPolicy -Identity $Identity -Confirm:$false + New-AuthenticationPolicy -Name $Identity @NewAuthenticationPolicyParams | Out-Null } } From 8a6b4d8696e6299bba64ed9dd09943f3e87fde27 Mon Sep 17 00:00:00 2001 From: Ricardo Mestre Date: Mon, 1 Jul 2024 19:54:29 +0100 Subject: [PATCH 2/2] Fix unit tests --- .../Microsoft365DSC.EXOAuthenticationPolicy.Tests.ps1 | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.EXOAuthenticationPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.EXOAuthenticationPolicy.Tests.ps1 index e15730e8d0..e0015545ef 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.EXOAuthenticationPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.EXOAuthenticationPolicy.Tests.ps1 @@ -41,9 +41,6 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Mock -CommandName New-AuthenticationPolicy { } - Mock -CommandName Set-AuthenticationPolicy { - } - Mock -CommandName Remove-AuthenticationPolicy { } @@ -195,7 +192,8 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { It 'Should call the Set method' { Set-TargetResource @testParams - Should -Invoke -CommandName Set-AuthenticationPolicy -Exactly 1 + Should -Invoke -CommandName Remove-AuthenticationPolicy -Exactly 1 + Should -Invoke -CommandName New-AuthenticationPolicy -Exactly 1 } }