maester icon indicating copy to clipboard operation
maester copied to clipboard
verified publisher icon maester365

MT1020: Test-MtCaExclusionForDirectorySyncAccount reports $False when no ADConnect account present

Open michelderooij opened this issue 1 year ago • 0 comments

Used: Module 0.0.127

Test: MT1020 Test-MtCaExclusionForDirectorySyncAccount test "GET https://graph.microsoft.com/v1.0/directoryRoles(roleTemplateId='d29b2b05-8046-44ba-8758-1e26182fcf32')?$select=id" returns 404 Not Found when there is no ADConnect account present.

Result: Not Found is expected when there is no account with that role template present.

Expected: The test is about "All Conditional Access policies are configured to exclude directory synchronization accounts or do not scope them", which does not apply when there are no ADConnect sync accounts. So, the test should Pass, otherwise it will fail for all cloud-only organizations.

michelderooij avatar May 13 '24 10:05 michelderooij