Skip to content

v1.6.1

Choose a tag to compare

@yusha yusha released this 24 Jun 23:11

Fixes

  • The tool now obtains missing permissions itself — no portal step. If a required Microsoft Graph scope isn't in your sign-in token (most often the admin-restricted Policy.ReadWrite.ConditionalAccess that Step 10 needs), the tool re-opens the consent window automatically and asks you to consent on behalf of the organization. Just accept the dialog (tick "Consent on behalf of your organization").
  • Step 10 no longer fails the whole offboarding. The Conditional Access policy is optional, report-only defense-in-depth. The "Offboarded Users" group membership — the actual mechanism — is always created; if the report-only policy still can't be created, the step records a clear warning with remediation instead of a red failure, so a fully-completed offboarding is reported as successful.

Full Changelog: v1.6.0...v1.6.1