NLBaselineCA

1.0.0

Public/Get-NLBaselineCANamedLocations.ps1

                                function Get-NLBaselineCANamedLocations {

    <#

    .SYNOPSIS

    List all Named Locations

    .DESCRIPTION

    Lists all Conditional Access named locations in the tenant

    #>

    [CmdletBinding()]

    param()

    try {

        # Check connection

        $context = Get-MgContext -ErrorAction SilentlyContinue

        if (-not $context -or -not $context.TenantId) {

            Write-Host "Not connected to Microsoft 365. Connecting..." -ForegroundColor Yellow

            Write-Host ""

            $connection = Connect-NLBaselineCA

            if (-not $connection) {

                Write-Error "Cannot connect to Microsoft 365"

                return

            }

            $context = Get-MgContext

        }

        Write-Host "Retrieving Named Locations..." -ForegroundColor Yellow

        Write-Host ""

        # Try normal cmdlet first, fallback to REST API

        $namedLocations = $null

        try {

            $namedLocations = Get-MgIdentityConditionalAccessNamedLocation -All -ErrorAction Stop

        }

        catch {

            # Use REST API fallback

            $invokeCmd = Get-Command Invoke-MgGraphRequest -ErrorAction SilentlyContinue

            if ($invokeCmd) {

                $response = Invoke-MgGraphRequest -Method GET -Uri "https://graph.microsoft.com/v1.0/identity/conditionalAccess/namedLocations" -ErrorAction Stop

                $namedLocations = $response.value

            }

            else {

                throw "Cannot retrieve named locations: $_"

            }

        }

        if (-not $namedLocations -or $namedLocations.Count -eq 0) {

            Write-Host "No named locations found." -ForegroundColor Yellow

            return

        }

        Write-Host "Found $($namedLocations.Count) named location(s):" -ForegroundColor Green

        Write-Host ""

        foreach ($location in $namedLocations) {

            Write-Host "  $($location.DisplayName)" -ForegroundColor White

            Write-Host "    ID: $($location.Id)" -ForegroundColor Gray

            if ($location.AdditionalProperties.isTrusted) {

                Write-Host "    Type: Trusted IP Range" -ForegroundColor Cyan

                if ($location.AdditionalProperties.ipRanges) {

                    $ipRanges = $location.AdditionalProperties.ipRanges.cidrAddress

                    Write-Host "    IP Ranges: $($ipRanges -join ', ')" -ForegroundColor Gray

                }

            }

            else {

                Write-Host "    Type: Country/Region" -ForegroundColor Cyan

                if ($location.AdditionalProperties.countriesAndRegions) {

                    $countries = $location.AdditionalProperties.countriesAndRegions

                    Write-Host "    Countries: $($countries -join ', ')" -ForegroundColor Gray

                }

            }

            Write-Host ""

        }

    }

    catch {

        Write-Error "Error listing named locations: $_"

    }

}