Skip to content

Commit

Permalink
Merge pull request #1126 from JohnDuprey/dev
Browse files Browse the repository at this point in the history
offboarding tweaks
  • Loading branch information
JohnDuprey authored Sep 27, 2024
2 parents 79516c4 + d7d26f2 commit 7ff3ac8
Show file tree
Hide file tree
Showing 3 changed files with 16 additions and 3 deletions.
3 changes: 2 additions & 1 deletion Modules/CIPPCore/Public/GraphHelper/New-ExoRequest.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -142,11 +142,12 @@ function New-ExoRequest {
ContentType = 'application/json'
}

$Return = Invoke-RestMethod @ExoRequestParams
$Return = Invoke-RestMethod @ExoRequestParams -ResponseHeadersVariable ResponseHeaders
$URL = $Return.'@odata.nextLink'
$Return
} until ($null -eq $URL)

Write-Verbose ($ResponseHeaders | ConvertTo-Json)
if ($ReturnedData.'@adminapi.warnings' -and $ReturnedData.value -eq $null) {
$ReturnedData.value = $ReturnedData.'@adminapi.warnings'
}
Expand Down
2 changes: 1 addition & 1 deletion Modules/CIPPCore/Public/Invoke-CIPPOffboardingJob.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ function Invoke-CIPPOffboardingJob {
if ($Options -is [string]) {
$Options = $Options | ConvertFrom-Json
}
$userid = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($username)" -tenantid $Tenantfilter).id
$userid = (New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users/$($username)?`$select=id" -tenantid $Tenantfilter).id
Write-Host "Running offboarding job for $username with options: $($Options | ConvertTo-Json -Depth 10)"
$Return = switch ($Options) {
{ $_.'ConvertToShared' -eq 'true' } {
Expand Down
14 changes: 13 additions & 1 deletion Modules/CIPPCore/Public/Remove-CIPPMailboxPermissions.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,19 @@ function Remove-CIPPMailboxPermissions {
}
}
'FullAccess' {
$permissions = New-ExoRequest -tenantid $TenantFilter -cmdlet 'Remove-MailboxPermission' -cmdParams @{Identity = $userid; user = $AccessUser; accessRights = @('FullAccess') } -Anchor $userid
$ExoRequest = @{
tenantid = $TenantFilter
cmdlet = 'Remove-MailboxPermission'
cmdParams = @{
Identity = $userid
user = $AccessUser
accessRights = @('FullAccess')
Verbose = $true
}
Anchor = $userid
}
New-ExoRequest @ExoRequest

if ($permissions -notlike "*because the ACE doesn't exist on the object.*") {
Write-LogMessage -user $ExecutingUser -API $APIName -message "Removed FullAccess permissions for $($AccessUser) from $($userid)'s mailbox." -Sev 'Info' -tenant $TenantFilter
"Removed FullAccess permissions for $($AccessUser) from $($userid)'s mailbox."
Expand Down

0 comments on commit 7ff3ac8

Please sign in to comment.