From 8f52bcff5de17c81469e778c5908b91f26d20a3c Mon Sep 17 00:00:00 2001 From: John Duprey Date: Fri, 24 Oct 2025 23:15:23 -0400 Subject: [PATCH 1/9] flex tweaks --- .../HTTP Functions/CIPP/Settings/Invoke-ExecApiClient.ps1 | 4 ++-- .../HTTP Functions/CIPP/Settings/Invoke-ExecBackendURLs.ps1 | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecApiClient.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecApiClient.ps1 index dd9fdd54ab66..7e3b75de8e8f 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecApiClient.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecApiClient.ps1 @@ -101,7 +101,7 @@ function Invoke-ExecApiClient { 'GetAzureConfiguration' { $Owner = $env:WEBSITE_OWNER_NAME Write-Information "Owner: $Owner" - if ($Owner -match '^(?[^+]+)\+(?[^-]+(?:-[^-]+)*?)(?:-[^-]+webspace(?:-Linux)?)?$') { + if ($env:WEBSITE_SKU -ne 'FlexConsumption' -and $Owner -match '^(?[^+]+)\+(?[^-]+(?:-[^-]+)*?)(?:-[^-]+webspace(?:-Linux)?)?$') { $RGName = $Matches.RGName } else { $RGName = $env:WEBSITE_RESOURCE_GROUP @@ -123,7 +123,7 @@ function Invoke-ExecApiClient { 'SaveToAzure' { $TenantId = $env:TenantID $Owner = $env:WEBSITE_OWNER_NAME - if ($Owner -match '^(?[^+]+)\+(?[^-]+(?:-[^-]+)*?)(?:-[^-]+webspace(?:-Linux)?)?$') { + if ($env:WEBSITE_SKU -ne 'FlexConsumption' -and $Owner -match '^(?[^+]+)\+(?[^-]+(?:-[^-]+)*?)(?:-[^-]+webspace(?:-Linux)?)?$') { $RGName = $Matches.RGName } else { $RGName = $env:WEBSITE_RESOURCE_GROUP diff --git a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecBackendURLs.ps1 b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecBackendURLs.ps1 index 40da6efbdd9c..a9ef82959f51 100644 --- a/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecBackendURLs.ps1 +++ b/Modules/CIPPCore/Public/Entrypoints/HTTP Functions/CIPP/Settings/Invoke-ExecBackendURLs.ps1 @@ -1,4 +1,4 @@ -Function Invoke-ExecBackendURLs { +function Invoke-ExecBackendURLs { <# .FUNCTIONALITY Entrypoint @@ -14,7 +14,7 @@ Function Invoke-ExecBackendURLs { Write-Host 'PowerShell HTTP trigger function processed a request.' $Owner = $env:WEBSITE_OWNER_NAME - if ($Owner -match '^(?[^+]+)\+(?[^-]+(?:-[^-]+)*?)(?:-[^-]+webspace(?:-Linux)?)?$') { + if ($env:WEBSITE_SKU -ne 'FlexConsumption' -and $Owner -match '^(?[^+]+)\+(?[^-]+(?:-[^-]+)*?)(?:-[^-]+webspace(?:-Linux)?)?$') { $RGName = $Matches.RGName } else { $RGName = $env:WEBSITE_RESOURCE_GROUP From 9fb0f856aa34d4dff9878b98622fd40c1b8bc840 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Mon, 27 Oct 2025 10:51:51 -0400 Subject: [PATCH 2/9] prevent cleanup if no relationships are returned --- Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 index 88c083dce27f..31e1a66e9b10 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 @@ -60,7 +60,17 @@ function Get-Tenants { } if ($CleanOld.IsPresent) { - $GDAPRelationships = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships?`$filter=status eq 'active' and not startsWith(displayName,'MLT_')&`$select=customer,autoExtendDuration,endDateTime&`$top=300" -NoAuthCheck:$true + try { + $GDAPRelationships = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships?`$filter=status eq 'active' and not startsWith(displayName,'MLT_')&`$select=customer,autoExtendDuration,endDateTime&`$top=300" -NoAuthCheck:$true + if (!$GDAPRelationships) { + Write-LogMessage -API 'Get-Tenants' -message 'Tried cleaning old tenants but failed to get GDAP relationships - No relationships returned' -Sev 'Critical' + throw 'Failed to get GDAP relationships for cleaning old tenants.' + } + } catch { + $ErrorMessage = Get-CippException -Exception $_ + Write-LogMessage -API 'Get-Tenants' -message "Tried cleaning old tenants but failed to get GDAP relationships - $($_.Exception.Message)" -Sev 'Critical' -LogData $ErrorMessage + throw $_ + } $GDAPList = foreach ($Relationship in $GDAPRelationships) { [PSCustomObject]@{ customerId = $Relationship.customer.tenantId From aa0fc23535a448de5da257086f2bfd5c54159489 Mon Sep 17 00:00:00 2001 From: rvdwegen Date: Tue, 28 Oct 2025 10:47:36 +0100 Subject: [PATCH 3/9] temp tenant count feedback --- Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 | 3 +++ 1 file changed, 3 insertions(+) diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 index 31e1a66e9b10..1f434ed35581 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 @@ -95,6 +95,9 @@ function Get-Tenants { } #get the full list of tenants $GDAPRelationships = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships?`$filter=status eq 'active' and not startsWith(displayName,'MLT_')$RelationshipFilter&`$select=customer,autoExtendDuration,endDateTime&`$top=300" -NoAuthCheck:$true + Write-Host "GDAP relationships found: $($GDAPRelationships.Count)" + $totalTenants = $GDAPRelationships.customer.tenantId.Count | Select-Object -Unique + Write-Host "Total tenants found in relationships result: $totalTenants" $GDAPList = foreach ($Relationship in $GDAPRelationships) { [PSCustomObject]@{ customerId = $Relationship.customer.tenantId From 41820262a33b703ef54395bbe2fd55664072d4e5 Mon Sep 17 00:00:00 2001 From: rvdwegen Date: Tue, 28 Oct 2025 11:04:16 +0100 Subject: [PATCH 4/9] write-info --- Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 index 1f434ed35581..62dc9089aa6d 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 @@ -96,8 +96,9 @@ function Get-Tenants { #get the full list of tenants $GDAPRelationships = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships?`$filter=status eq 'active' and not startsWith(displayName,'MLT_')$RelationshipFilter&`$select=customer,autoExtendDuration,endDateTime&`$top=300" -NoAuthCheck:$true Write-Host "GDAP relationships found: $($GDAPRelationships.Count)" + Write-Information "GDAP relationships found: $($GDAPRelationships.Count)" $totalTenants = $GDAPRelationships.customer.tenantId.Count | Select-Object -Unique - Write-Host "Total tenants found in relationships result: $totalTenants" + Write-Information "Total tenants found in relationships result: $totalTenants" $GDAPList = foreach ($Relationship in $GDAPRelationships) { [PSCustomObject]@{ customerId = $Relationship.customer.tenantId From b783c3d563b456d4c23b74687c5adb14b319d982 Mon Sep 17 00:00:00 2001 From: rvdwegen Date: Tue, 28 Oct 2025 12:16:02 +0100 Subject: [PATCH 5/9] remove top 300 for now --- Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 index 62dc9089aa6d..66d14d2be0c5 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 @@ -94,7 +94,7 @@ function Get-Tenants { throw 'RefreshToken not set. Cannot get tenant list.' } #get the full list of tenants - $GDAPRelationships = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships?`$filter=status eq 'active' and not startsWith(displayName,'MLT_')$RelationshipFilter&`$select=customer,autoExtendDuration,endDateTime&`$top=300" -NoAuthCheck:$true + $GDAPRelationships = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships?`$filter=status eq 'active' and not startsWith(displayName,'MLT_')$RelationshipFilter&`$select=customer,autoExtendDuration,endDateTime" -NoAuthCheck:$true Write-Host "GDAP relationships found: $($GDAPRelationships.Count)" Write-Information "GDAP relationships found: $($GDAPRelationships.Count)" $totalTenants = $GDAPRelationships.customer.tenantId.Count | Select-Object -Unique From 1883a42411276afe3c488c48fb350aa36e43bb4f Mon Sep 17 00:00:00 2001 From: rvdwegen Date: Tue, 28 Oct 2025 15:03:48 +0100 Subject: [PATCH 6/9] unique tenants log --- Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 index 66d14d2be0c5..4dc3618c077d 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 @@ -97,8 +97,8 @@ function Get-Tenants { $GDAPRelationships = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships?`$filter=status eq 'active' and not startsWith(displayName,'MLT_')$RelationshipFilter&`$select=customer,autoExtendDuration,endDateTime" -NoAuthCheck:$true Write-Host "GDAP relationships found: $($GDAPRelationships.Count)" Write-Information "GDAP relationships found: $($GDAPRelationships.Count)" - $totalTenants = $GDAPRelationships.customer.tenantId.Count | Select-Object -Unique - Write-Information "Total tenants found in relationships result: $totalTenants" + $totalTenants = $GDAPRelationships.customer.tenantId | Select-Object -Unique + Write-Information "Total tenants found in relationships result: $($totalTenants.count)" $GDAPList = foreach ($Relationship in $GDAPRelationships) { [PSCustomObject]@{ customerId = $Relationship.customer.tenantId From d4830f6010c5dafcd628e070513ee60b98fabcc4 Mon Sep 17 00:00:00 2001 From: rvdwegen Date: Tue, 28 Oct 2025 16:03:14 +0100 Subject: [PATCH 7/9] change to v1 --- Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 index 4dc3618c077d..9a67193e698c 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 @@ -94,7 +94,7 @@ function Get-Tenants { throw 'RefreshToken not set. Cannot get tenant list.' } #get the full list of tenants - $GDAPRelationships = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships?`$filter=status eq 'active' and not startsWith(displayName,'MLT_')$RelationshipFilter&`$select=customer,autoExtendDuration,endDateTime" -NoAuthCheck:$true + $GDAPRelationships = New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/tenantRelationships/delegatedAdminRelationships?`$filter=status eq 'active' and not startsWith(displayName,'MLT_')$RelationshipFilter&`$select=customer,autoExtendDuration,endDateTime" -NoAuthCheck:$true Write-Host "GDAP relationships found: $($GDAPRelationships.Count)" Write-Information "GDAP relationships found: $($GDAPRelationships.Count)" $totalTenants = $GDAPRelationships.customer.tenantId | Select-Object -Unique From b0127f39a618df687b0e260416999bced45b9243 Mon Sep 17 00:00:00 2001 From: rvdwegen Date: Wed, 29 Oct 2025 12:07:43 +0100 Subject: [PATCH 8/9] remove MLT odata filter --- Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 index 9a67193e698c..c3e3847b8b07 100644 --- a/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 +++ b/Modules/CIPPCore/Public/GraphHelper/Get-Tenants.ps1 @@ -61,7 +61,9 @@ function Get-Tenants { if ($CleanOld.IsPresent) { try { - $GDAPRelationships = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships?`$filter=status eq 'active' and not startsWith(displayName,'MLT_')&`$select=customer,autoExtendDuration,endDateTime&`$top=300" -NoAuthCheck:$true + $GDAPRelationships = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/tenantRelationships/delegatedAdminRelationships?`$filter=status eq 'active'&`$select=customer,autoExtendDuration,endDateTime" -NoAuthCheck:$true + # Filter out MLT relationships locally + $GDAPRelationships = $GDAPRelationships | Where-Object { $_.displayName -notlike 'MLT_*' } if (!$GDAPRelationships) { Write-LogMessage -API 'Get-Tenants' -message 'Tried cleaning old tenants but failed to get GDAP relationships - No relationships returned' -Sev 'Critical' throw 'Failed to get GDAP relationships for cleaning old tenants.' @@ -94,7 +96,9 @@ function Get-Tenants { throw 'RefreshToken not set. Cannot get tenant list.' } #get the full list of tenants - $GDAPRelationships = New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/tenantRelationships/delegatedAdminRelationships?`$filter=status eq 'active' and not startsWith(displayName,'MLT_')$RelationshipFilter&`$select=customer,autoExtendDuration,endDateTime" -NoAuthCheck:$true + $GDAPRelationships = New-GraphGetRequest -uri "https://graph.microsoft.com/v1.0/tenantRelationships/delegatedAdminRelationships?`$filter=status eq 'active'$RelationshipFilter&`$select=customer,autoExtendDuration,endDateTime" -NoAuthCheck:$true + # Filter out MLT relationships locally + $GDAPRelationships = $GDAPRelationships | Where-Object { $_.displayName -notlike 'MLT_*' } Write-Host "GDAP relationships found: $($GDAPRelationships.Count)" Write-Information "GDAP relationships found: $($GDAPRelationships.Count)" $totalTenants = $GDAPRelationships.customer.tenantId | Select-Object -Unique From 3433d059375af2265087c0688904d0ef96c57c30 Mon Sep 17 00:00:00 2001 From: John Duprey Date: Wed, 29 Oct 2025 08:52:34 -0700 Subject: [PATCH 9/9] Update version_latest.txt --- version_latest.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/version_latest.txt b/version_latest.txt index f6f89a8f8109..0431022f1fa0 100644 --- a/version_latest.txt +++ b/version_latest.txt @@ -1 +1 @@ -8.6.1 +8.6.2 \ No newline at end of file