orca icon indicating copy to clipboard operation
orca copied to clipboard
verified publisher icon cammurray

Get-ProtectionAlert CMD-Let can not be used when Connect-IPPSSession is done using App based Auth (App-Registration)

Open MarkusGreinerSkaylink opened this issue 1 month ago • 3 comments

If we use App based authentication we can not use the Get-ProtectionAlert CMD-Let

Image

Not sure what exactly ORCA requires from Get-ProtectionAlert. Could you redesign it using Graph calls?

Thanks

MarkusGreinerSkaylink avatar Nov 11 '25 17:11 MarkusGreinerSkaylink

I guess it would help, if we just put a try catch block around the line 45 in Get-ORCACollection.ps1 e.g.

if($SCC -and $Collection["Services"] -band [ORCAService]::MDO) { try { Write-Verbose "$(Get-Date) Getting Protection Alerts" $Collection["ProtectionAlert"] = Get-ProtectionAlert | Where-Object {$_.IsSystemRule} -ErrorAction:SilentlyContinue } Catch { Write-Verbose "$(Get-Date) Failed to run CMD-Let Get-ProtectionAlert" } }

MarkusGreinerSkaylink avatar Nov 11 '25 18:11 MarkusGreinerSkaylink

I haven't found any way to list protection alert policies other than with the Get-ProtectionAlert cmdlet.

SamErde avatar Nov 11 '25 18:11 SamErde

I understand. Could you wrap the "get-protectionalert" with a try catch block? I use the get-orcacollection from Maester and the problem is that all Orca tests will fail if i am connected to IPPSSession using App based Auth. So, i understand that this would not fix the root cause (that IPPSSession does not fully support App based Auth) but it would help in my case, and not harm others. Thank you very much

MarkusGreinerSkaylink avatar Nov 14 '25 10:11 MarkusGreinerSkaylink