fix: add more logging to mfa report

JohnDuprey · JohnDuprey · commit b5014c2c8646 · 2025-03-03T18:11:26.000-05:00
diff --git a/Modules/CIPPCore/Public/Get-CIPPMFAState.ps1 b/Modules/CIPPCore/Public/Get-CIPPMFAState.ps1
@@ -17,10 +17,12 @@ function Get-CIPPMFAState {
         }
     }
 
+    $Errors = [System.Collections.Generic.List[object]]::new()
     try {
         $SecureDefaultsState = (New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/identitySecurityDefaultsEnforcementPolicy' -tenantid $TenantFilter ).IsEnabled
     } catch {
         Write-Host "Secure Defaults not available: $($_.Exception.Message)"
+        $Errors.Add(@{Step = 'SecureDefaults'; Message = $_.Exception.Message })
     }
     $CAState = [System.Collections.Generic.List[object]]::new()
 
@@ -29,6 +31,7 @@ function Get-CIPPMFAState {
     } catch {
         $CAState.Add('Not Licensed for Conditional Access') | Out-Null
         $MFARegistration = $null
+        $Errors.Add(@{Step = 'MFARegistration'; Message = $_.Exception.Message })
         Write-Host "User registration details not available: $($_.Exception.Message)"
     }
 
@@ -58,6 +61,7 @@ function Get-CIPPMFAState {
         } catch {
             $CASuccess = $false
             $CAError = "CA policies not available: $($_.Exception.Message)"
+            $Errors.Add(@{Step = 'CAPolicies'; Message = $_.Exception.Message })
         }
     }
 
@@ -110,6 +114,7 @@ function Get-CIPPMFAState {
             CoveredByCA     = $CoveredByCA
             CAPolicies      = $UserCAState
             CoveredBySD     = $SecureDefaultsState
+            Errors          = $Errors
             RowKey          = [string]($_.UserPrincipalName).replace('#', '')
             PartitionKey    = 'users'
         }

Original file line number	Diff line number	Diff line change
`@@ -17,10 +17,12 @@ function Get-CIPPMFAState {`
`17`	`17`	`}`
`18`	`18`	`}`
`19`	`19`
	`20`	`+ $Errors = [System.Collections.Generic.List[object]]::new()`
`20`	`21`	`try {`
`21`	`22`	`$SecureDefaultsState = (New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/identitySecurityDefaultsEnforcementPolicy' -tenantid $TenantFilter ).IsEnabled`
`22`	`23`	`} catch {`
`23`	`24`	`Write-Host "Secure Defaults not available: $($_.Exception.Message)"`
	`25`	`+ $Errors.Add(@{Step = 'SecureDefaults'; Message = $_.Exception.Message })`
`24`	`26`	`}`
`25`	`27`	`$CAState = [System.Collections.Generic.List[object]]::new()`
`26`	`28`
`@@ -29,6 +31,7 @@ function Get-CIPPMFAState {`
`29`	`31`	`} catch {`
`30`	`32`	`$CAState.Add('Not Licensed for Conditional Access') \| Out-Null`
`31`	`33`	`$MFARegistration = $null`
	`34`	`+ $Errors.Add(@{Step = 'MFARegistration'; Message = $_.Exception.Message })`
`32`	`35`	`Write-Host "User registration details not available: $($_.Exception.Message)"`
`33`	`36`	`}`
`34`	`37`
`@@ -58,6 +61,7 @@ function Get-CIPPMFAState {`
`58`	`61`	`} catch {`
`59`	`62`	`$CASuccess = $false`
`60`	`63`	`$CAError = "CA policies not available: $($_.Exception.Message)"`
	`64`	`+ $Errors.Add(@{Step = 'CAPolicies'; Message = $_.Exception.Message })`
`61`	`65`	`}`
`62`	`66`	`}`
`63`	`67`
`@@ -110,6 +114,7 @@ function Get-CIPPMFAState {`
`110`	`114`	`CoveredByCA = $CoveredByCA`
`111`	`115`	`CAPolicies = $UserCAState`
`112`	`116`	`CoveredBySD = $SecureDefaultsState`
	`117`	`+ Errors = $Errors`
`113`	`118`	`RowKey = [string]($_.UserPrincipalName).replace('#', '')`
`114`	`119`	`PartitionKey = 'users'`
`115`	`120`	`}`