@@ -19,7 +19,7 @@ function Set-CIPPCAExclusion {
1919 $ExcludeUsers.Add ($User )
2020 }
2121 foreach ($User in $Users.value ) {
22- if ($ExcludeUsers -notcontains $User ) {
22+ if ($User -and $User -ne ' ' -and $ ExcludeUsers-notcontains $User ) {
2323 $ExcludeUsers.Add ($User )
2424 }
2525 }
@@ -42,14 +42,20 @@ function Set-CIPPCAExclusion {
4242 }
4343
4444 $RawJson = ConvertTo-Json - Depth 10 - InputObject $NewExclusions
45- if ($PSCmdlet.ShouldProcess ($PolicyId , " Add exclusion for $UserID "
45+
46+ if ($Users ) {
47+ $UserIdentifier = ($Username -join ' , '
48+ } else {
49+ $UserIdentifier = $UserID
50+ }
51+ if ($PSCmdlet.ShouldProcess ($PolicyId , " Add exclusion for $UserIdentifier "
4652 $null = New-GraphPOSTRequest - uri " https://graph.microsoft.com/beta/identity/conditionalAccess/policies/$ ( $CheckExisting.id ) " - tenantid $tenantfilter - type PATCH - body $RawJSON - AsApp $true
4753 }
4854 }
4955
5056 if ($ExclusionType -eq ' remove'
5157 if ($Users ) {
52- $UserID = $Users.value
58+ $UserID = $Users.value | Where-Object { $_ -and $_ -ne ' ' }
5359 $Username = $Users.addedFields.userPrincipalName
5460 } else {
5561 if ($UserID -match ' ^[a-f0-9]{8}-([a-f0-9]{4}-){3}[a-f0-9]{12}$'
@@ -64,7 +70,13 @@ function Set-CIPPCAExclusion {
6470 }
6571 }
6672 $RawJson = ConvertTo-Json - Depth 10 - InputObject $NewExclusions
67- if ($PSCmdlet.ShouldProcess ($PolicyId , " Remove exclusion for $UserID "
73+
74+ if ($Users ) {
75+ $UserIdentifier = ($Username -join ' , '
76+ } else {
77+ $UserIdentifier = $UserID
78+ }
79+ if ($PSCmdlet.ShouldProcess ($PolicyId , " Remove exclusion for $UserIdentifier "
6880 $null = New-GraphPOSTRequest - uri " https://graph.microsoft.com/beta/identity/conditionalAccess/policies/$ ( $CheckExisting.id ) " - tenantid $tenantfilter - type PATCH - body $RawJSON - AsApp $true
6981 }
7082 }
0 commit comments