From e81c61309659e924219306a71c463eae84ea51b5 Mon Sep 17 00:00:00 2001 From: AdminDroid <49208841+admindroid-community@users.noreply.github.com> Date: Fri, 9 Aug 2024 14:49:39 +0530 Subject: [PATCH] Export Conditional Access Policies While converting object Ids to name, error thrown for deleted objects-fixed --- Export CA policies/ExportCAPolicies.ps1 | 28 ++++++++++++++++++------- 1 file changed, 20 insertions(+), 8 deletions(-) diff --git a/Export CA policies/ExportCAPolicies.ps1 b/Export CA policies/ExportCAPolicies.ps1 index b773c0d..bae5a80 100644 --- a/Export CA policies/ExportCAPolicies.ps1 +++ b/Export CA policies/ExportCAPolicies.ps1 @@ -2,7 +2,7 @@ ============================================================================================= Name: Export Conditional Access Policies to Excel using PowerShell Description: The script exports all Conditional Access policies to an Excel file. -Version: 2.0 +Version: 2.2 Website: o365reports.com Script Highlights: @@ -98,11 +98,23 @@ Function ConvertTo-Name { } # Retrieve the display name for the directory object with the given ID else{ - $Name = (Get-MgBetaDirectoryObject -DirectoryObjectId $Id).AdditionalProperties["displayName"] - $DirectoryObjsHash[$Id]=$Name - } - $ConvertedNames += $Name - } + try + { + $Name = ((Get-MgBetaDirectoryObject -DirectoryObjectId $Id ).AdditionalProperties["displayName"] ) + if($Name -ne $null) + { + $DirectoryObjsHash[$Id]=$Name + $ConvertedNames += $Name + + } + } + catch + { + Write-Host "Deleted object configured in the CA policy $CAName" -ForegroundColor Red + Write-Host "Processing CA policies..." + } + } + } return $ConvertedNames } 
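Review bot: `$ConvertedNames += $Name` now sits inside the `try` of the `else` branch, so an ID answered from `$DirectoryObjsHash` by the `if` branch above this hunk (not shown) reaches the result only if that branch appends it itself; before this change the append ran after the `if`/`else` for both paths. The bare `catch` also labels every lookup failure as a deleted object and, like the `$Name -ne $null` test, drops the ID from the export, so a Conditional Access assignment that could not be resolved disappears from the report instead of standing out. I would keep the append after the `if`/`else` and emit the raw ID with a marker when no display name comes back, as sketched below. `$CAName` is read from the caller's scope rather than passed in, and the function and its `foreach` begin outside the hunk.

```powershell
else{
    try {
        $Name = (Get-MgBetaDirectoryObject -DirectoryObjectId $Id -ErrorAction Stop).AdditionalProperties["displayName"]
    }
    catch {
        # Report the actual failure; not every error means the object was deleted
        Write-Warning "Could not resolve $Id in CA policy ${CAName}: $($_.Exception.Message)"
        $Name = $null
    }
    if ($null -eq $Name) { $Name = "$Id (unresolved)" }   # keep the raw ID visible in the report
    else { $DirectoryObjsHash[$Id] = $Name }              # cache successful lookups only
}
$ConvertedNames += $Name   # runs for cached and freshly resolved IDs alike
```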
@@ -230,12 +242,12 @@ Get-MgBetaIdentityConditionalAccessPolicy -All | Foreach { #Convert id to names for Assignment properties if($IncludeUsers.Count -ne 0 -and ($IncludeUsers -ne 'All' -and $IncludeUsers -ne 'None' )) - { + { $IncludeUsers=ConvertTo-Name -InputIds $IncludeUsers } $IncludeUsers=$IncludeUsers -join "," - if($ExcludeUsers.Count -ne 0)# -and ($ExcludeUsers -ne 'GuestsOrExternalUsers' )) + if(($ExcludeUsers.Count -ne 0) -and ($ExcludeUsers -ne 'GuestsOrExternalUsers' )) { $ExcludeUsers=ConvertTo-Name -InputIds $ExcludeUsers }
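Review bot: The new `-ne 'GuestsOrExternalUsers'` test is applied to what appears to be an array (it has `.Count` and is passed to `-InputIds`), and with a collection on the left `-ne` filters rather than compares, so a list that mixes `GuestsOrExternalUsers` with object IDs still enters the branch and the keyword is sent to the directory lookup. With the `catch` added in `ConvertTo-Name` it would then be reported as a deleted object and left out of the exported exclusion list. The `'All'`/`'None'` test on `$IncludeUsers` just above has the same shape. Splitting keywords from IDs first avoids this: `$Ids = @($ExcludeUsers) -ne 'GuestsOrExternalUsers'` followed by `if($Ids.Count -ne 0){ $ExcludeUsers = @(@($ExcludeUsers) -eq 'GuestsOrExternalUsers') + @(ConvertTo-Name -InputIds $Ids) }`. The enclosing `Foreach` block starts and ends outside the hunk.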