diff --git a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Domain Analyser/Push-DomainAnalyserDomain.ps1 b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Domain Analyser/Push-DomainAnalyserDomain.ps1 index ff311a85737e..a787676e9de2 100644 --- a/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Domain Analyser/Push-DomainAnalyserDomain.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/Activity Triggers/Domain Analyser/Push-DomainAnalyserDomain.ps1 @@ -256,13 +256,16 @@ function Push-DomainAnalyserDomain { continue } # Test if there are already MSCNAME values set, skip domain if there is - $CurrentMSCNAMEInfo = ConvertFrom-Json $DomainObject.DomainAnalyser -Depth 10 - if (![string]::IsNullOrWhiteSpace($CurrentMSCNAMEInfo.MSCNAMEDKIMSelectors.selector1.Value) -and - ![string]::IsNullOrWhiteSpace($CurrentMSCNAMEInfo.MSCNAMEDKIMSelectors.selector2.Value)) { - $Result.MSCNAMEDKIMSelectors = $CurrentMSCNAMEInfo.MSCNAMEDKIMSelectors - continue + if ($null -ne $DomainObject.DomainAnalyser) { + $CurrentMSCNAMEInfo = ConvertFrom-Json $DomainObject.DomainAnalyser -Depth 10 + if (![string]::IsNullOrWhiteSpace($CurrentMSCNAMEInfo.MSCNAMEDKIMSelectors.selector1.Value) -and + ![string]::IsNullOrWhiteSpace($CurrentMSCNAMEInfo.MSCNAMEDKIMSelectors.selector2.Value)) { + $Result.MSCNAMEDKIMSelectors = $CurrentMSCNAMEInfo.MSCNAMEDKIMSelectors + continue + } } + # Compute the DKIM CNAME records from $Tenant.InitialDomainName according to this logic: https://learn.microsoft.com/en-us/defender-office-365/email-authentication-dkim-configure#syntax-for-dkim-cname-records # Test if it has a - in the domain name if ($Domain -like '*-*') { @@ -298,9 +301,9 @@ function Push-DomainAnalyserDomain { } $Result.MSCNAMEDKIMSelectors = $MSCNAMERecords } catch { - $Message = 'MS DKIM CNAME Error' - Write-LogMessage -API 'DomainAnalyser' -tenant $DomainObject.TenantId -message $Message -LogData (Get-CippException -Exception $_) -sev Error - return $Message + $ErrorMessage = Get-CippException -Exception $_ + Write-LogMessage -API 'DomainAnalyser' -tenant $DomainObject.TenantId -message "MS CNAME DKIM error: $($ErrorMessage.NormalizedError)" -LogData $ErrorMessage -sev Error + return $ErrorMessage.NormalizedError } } diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 index f720cf05d8d7..446a1c5fc5ac 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 @@ -55,7 +55,7 @@ function Get-Tenants { } if ($CleanOld) { - $GDAPRelationships = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships?`$filter=status eq 'active' and not startsWith(displayName,'MLT_')&`$select=customer,autoExtendDuration,endDateTime`$top=300" -NoAuthCheck:$true + $GDAPRelationships = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships?`$filter=status eq 'active' and not startsWith(displayName,'MLT_')&`$select=customer,autoExtendDuration,endDateTime&`$top=300" -NoAuthCheck:$true $GDAPList = foreach ($Relationship in $GDAPRelationships) { [PSCustomObject]@{ customerId = $Relationship.customer.tenantId @@ -86,7 +86,9 @@ function Get-Tenants { $ActiveRelationships = $GDAPList | Where-Object $IncludedTenantFilter | Where-Object { $_.customerId -notin $SkipListCache.customerId } $TenantList = $ActiveRelationships | Group-Object -Property customerId | ForEach-Object { - #Write-Host "Processing $($_.Name) to add to tenant list." + + # Write-Host (ConvertTo-Json -InputObject $_ -Depth 10) + # Write-Host "Processing $($_.Name), $($_.displayName) to add to tenant list." $ExistingTenantInfo = Get-CIPPAzDataTableEntity @TenantsTable -Filter "PartitionKey eq 'Tenants' and RowKey eq '$($_.Name)'" if ($TriggerRefresh.IsPresent -and $ExistingTenantInfo.customerId) { # Reset error count @@ -111,13 +113,17 @@ function Get-Tenants { } catch { try { #doing alternative method to temporarily get domains. Nightly refresh will fix this as it will be marked for renew. - $Domain = (New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/tenantRelationships/findTenantInformationByTenantId(tenantId='$($LatestRelationship.customerId)')" -NoAuthCheck:$true).defaultDomainName - $defaultDomainName = $Domain - $initialDomainName = $Domain + Write-Host 'Main method failed, trying alternative method.' + Write-Host "Domain variable is $Domain" + $Domain = (New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/tenantRelationships/findTenantInformationByTenantId(tenantId='$($LatestRelationship.customerId)')" -NoAuthCheck:$true ).defaultDomainName + Write-Host "Alternative method worked, got domain $Domain." $RequiresRefresh = $true - } catch { - Write-LogMessage -API 'Get-Tenants' -message "Tried adding $($LatestRelationship.customerId) to tenant list but failed to get domains - $($_.Exception.Message)" -level 'Critical' + $ErrorMessage = Get-CippException -Exception $_ + Write-LogMessage -API 'Get-Tenants' -message "Tried adding $($LatestRelationship.customerId) to tenant list but failed to get domains - $($_.Exception.Message)" -Sev 'Critical' -LogData $ErrorMessage + } finally { + $defaultDomainName = $Domain + $initialDomainName = $Domain } } Write-Host 'finished getting domain' @@ -175,7 +181,7 @@ function Get-Tenants { } foreach ($Tenant in $TenantList | Where-Object $IncludedTenantFilter) { - if ($Tenant.defaultDomainName -eq 'Invalid' -or !$Tenant.defaultDomainName) { + if ($Tenant.defaultDomainName -eq 'Invalid' -or [string]::IsNullOrWhiteSpace($Tenant.defaultDomainName)) { Write-LogMessage -API 'Get-Tenants' -message "We're skipping $($Tenant.displayName) as it has an invalid default domain name. Something is up with this instance." -level 'Critical' continue }