Private/Get-AllConditionalAccessPolicies.ps1
|
function Get-AllConditionalAccessPolicies { <# .SYNOPSIS Get all Conditional Access policies with fallback to REST API .DESCRIPTION Retrieves all Conditional Access policies. Attempts to use the cmdlet first, but falls back to REST API if there are module conflicts. .OUTPUTS Array of Conditional Access policy objects #> [CmdletBinding()] param() try { # Try to get policies using cmdlet first try { $policies = Get-MgIdentityConditionalAccessPolicy -All -ErrorAction Stop return $policies } catch { Write-Verbose "Get-MgIdentityConditionalAccessPolicy failed, using REST API fallback: $_" # Fallback to REST API $uri = "https://graph.microsoft.com/v1.0/identity/conditionalAccess/policies" $allPolicies = @() do { try { $response = Invoke-MgGraphRequest -Method GET -Uri $uri -ErrorAction Stop if ($response.value) { $allPolicies += $response.value } $uri = $response.'@odata.nextLink' } catch { Write-Error "Error retrieving policies via REST API: $_" break } } while ($uri) return $allPolicies } } catch { Write-Error "Failed to retrieve Conditional Access policies: $_" return @() } } |