msgraph-sdk-powershell

New-MgSecurityAttackSimulation - endUserNotificationSetting properties seem to be broken

Open sc9246 opened this issue 1 year ago • 5 comments

Describe the bug

Trying to create a new attack simulation with New-MgSecurityAttackSimulation, but once I introduce settings for endUserNotificationSetting, the cmdlet always errors with:

```
{"Code":400,"Message":"Bad request","Target":null,"Details":[{"Code":400,"Message":"Parameter endUserNotificationId is not valid","Target":null,"Details":null,"InnerError":null}],"InnerError":null}

Status: 400 (BadRequest) ErrorCode: UnknownError
```

If I set endUserNotificationSetting -> settingType = unknown, it ignores that property and everything under it, and the simulation creates OK. The issue seems to be no matter how I try to include notification settings, creation via Graph results in an error. Even using the documented creation from the MS KB does not work:

  • https://learn.microsoft.com/en-us/graph/api/attacksimulationroot-post-simulation?view=graph-rest-1.0&tabs=powershell

Expected behavior

Expect to be able to provide notification options to API/cmdlet, and have them work.

How to reproduce

Purged tenant data, apologies if I messed up formatting, but this should be a mostly complete example that will not work as is (unless changing endUserNotificationSetting = @{ settingtype = "unknown"}).

```powershell
[Microsoft.Graph.PowerShell.Models.IMicrosoftGraphSimulation]$newCampaignData = @{
#AND/OR just $newCampaignData = @{

    AttackTechnique = "credentialHarvesting"
    AttackType = "social"

    "payload@odata.bind" = "https://graph.microsoft.com/v1.0/security/attacksimulation/payloads/$($payloadID)"
    "landingPage@odata.bind" = "https://graph.microsoft.com/v1.0/security/attacksimulation/landingPages/$($landingPageID)"
    "loginPage@odata.bind" = "https://graph.microsoft.com/v1.0/security/attacksimulation/loginPages/$($loginPageID)"

    includedAccountTarget = @{
        "@odata.type" = "#microsoft.graph.addressBookAccountTargetContent"
        type = "addressBook"
        accountTargetEmails = $aryTargetUsers
    }

    TrainingSetting = @{
        # Even when this is set to "noTraining", fails.
        settingType = "microsoftManaged"
        trainingCompletionDuration = "fortnite"
    }

    endUserNotificationSetting  = @{
        notificationPreference = "microsoft"
        settingType = "noTraining" #I have tried every supported value for this - setting to unknown lets this work, anything with training in name fails.

        positiveReinforcement = @{
            # I've tried every combination I can figure out for enduserNotification data, but no matter what I

            # "endUserNotification@odata.bind" = "https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/$($positiveNotificationID)"
            # endUserNotification = "https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/$($positiveNotificationID)"
            # endUserNotification = ($allEndUserNotifications | where NotificationType -eq "positiveReinforcement") #This is a GET for the correct notification, containing all properties
            deliveryPreference = "deliverImmedietly"
            defaultLanguage = "en"
        }

        simulationNotification = @{
            targettedUserType = "compromised"
            "endUserNotification@odata.bind" = "https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications/$($simulationNotificationID)"
            defaultLanguage = "en"
        }
    }

    createdBy = @{ email = "[email protected]" }
    launchDateTime = (Get-Date)
    payloadDeliveryPlatform = "email"
    Description = $newCampaignName
    DisplayName = $newCampaignName
    DurationInDays = 2
    status = "draft"
}

New-MgSecurityAttackSimulation -BodyParameter $newCampaignData -ErrorAction Stop
```

SDK Version

No response

Latest version known to work for scenario above?

No response

Known Workarounds

Per above, tweaking this will make it work, but it ignores all notification options.

    endUserNotificationSetting  = @{
        notificationPreference = "microsoft"
        settingType = "unknown"
    }

Debug output



### Configuration

_No response_

### Other information

_No response_

sc9246, May 31 '24 20:05
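
An added example, not part of the original issue and not code from the SDK project: a local pre-flight check that walks a plain hashtable body of the shape shown in the repro, lists every `@odata.bind` reference, and flags any whose ID segment is empty because the interpolated variable was unset. It only rules out that one local cause before the request is sent and does not address the reported service behaviour. The function name `Get-ODataBindReference` and the sample IDs are hypothetical.

```powershell
# Added example: Get-ODataBindReference is a hypothetical helper, not an SDK cmdlet.
# It recurses through nested hashtables and reports each *@odata.bind entry.
function Get-ODataBindReference {
    param(
        [System.Collections.IDictionary] $Body,
        [string] $Path = ''
    )
    foreach ($key in $Body.Keys) {
        $value = $Body[$key]
        $here  = if ($Path) { "$Path.$key" } else { "$key" }
        if ($value -is [System.Collections.IDictionary]) {
            # Nested setting such as endUserNotificationSetting.positiveReinforcement
            Get-ODataBindReference -Body $value -Path $here
        }
        elseif ("$key" -like '*@odata.bind') {
            # The ID is the last path segment; an unset variable leaves it empty.
            $id = ("$value" -split '/')[-1]
            [pscustomobject]@{
                Path    = $here
                Id      = $id
                IsEmpty = [string]::IsNullOrWhiteSpace($id)
            }
        }
    }
}

# Constructed sample: same nesting as the repro body, with placeholder IDs.
$simulationNotificationID = '00000000-0000-0000-0000-000000000001'  # placeholder
$positiveNotificationID   = $null   # simulates a lookup that returned nothing
$base = 'https://graph.microsoft.com/v1.0/security/attacksimulation/endUserNotifications'

$sample = @{
    endUserNotificationSetting = @{
        notificationPreference = 'microsoft'
        settingType            = 'noTraining'
        positiveReinforcement  = @{
            'endUserNotification@odata.bind' = "$base/$($positiveNotificationID)"
            deliveryPreference = 'deliverImmedietly'
        }
        simulationNotification = @{
            'endUserNotification@odata.bind' = "$base/$($simulationNotificationID)"
            targettedUserType = 'compromised'
        }
    }
}

Get-ODataBindReference -Body $sample | Sort-Object Path | Format-Table -AutoSize
```

The helper expects the plain `@{ ... }` form of the body; a body already cast to `IMicrosoftGraphSimulation` is not a dictionary and is not walked.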