MT1011 recommendation #490
robybrisson
started this conversation in
General
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
The test's text indicates that security info registration should be done from trusted locations (makes sense). The check seems to be returning "True" when trusted locations are instead excluded, instead allowing users to register only from non-trusted locations.
$result = $false
foreach ($policy in $policies) {
if ( $policy.conditions.users.includeUsers -eq "All"
-and $policy.conditions.clientAppTypes -eq "all"-and $policy.conditions.applications.includeUserActions -eq "urn:user:registersecurityinfo"
-and $policy.conditions.users.excludeRoles -eq "62e90394-69f5-4237-9190-012177145e10"-and $policy.conditions.locations.excludeLocations -eq "AllTrusted" `
Am I misunderstanding the intention of this policy?
Thanks,
Roby!
Beta Was this translation helpful? Give feedback.
All reactions