Public/Rename-NLBaselineCAPolicies.ps1
|
function Rename-NLBaselineCAPolicies { <# .SYNOPSIS Rename Conditional Access policies .DESCRIPTION Renames Conditional Access policies that match a specific prefix or pattern. Useful for bulk renaming during migrations or reorganizations. .EXAMPLE Rename-NLBaselineCAPolicies -OldPrefix "CA200" -NewPrefix "PROD-CA200" #> [CmdletBinding()] param( [Parameter(Mandatory = $true)] [string]$OldPrefix, [Parameter(Mandatory = $true)] [string]$NewPrefix ) try { # Check connection $context = Get-MgContext -ErrorAction SilentlyContinue if (-not $context -or -not $context.TenantId) { Write-Host "Not connected to Microsoft 365. Connecting..." -ForegroundColor Yellow Write-Host "" $connection = Connect-NLBaselineCA if (-not $connection) { Write-Error "Cannot connect to Microsoft 365" return } $context = Get-MgContext } Write-Host "========================================" -ForegroundColor Cyan Write-Host " RENAME POLICIES" -ForegroundColor Cyan Write-Host "========================================" -ForegroundColor Cyan Write-Host "" Write-Host "Old prefix: $OldPrefix" -ForegroundColor Yellow Write-Host "New prefix: $NewPrefix" -ForegroundColor Yellow Write-Host "" # Get policies matching old prefix Write-Host "Retrieving policies with prefix '$OldPrefix'..." -ForegroundColor Gray $policies = Get-AllConditionalAccessPolicies $matchingPolicies = $policies | Where-Object { $_.DisplayName -like "$OldPrefix*" } if ($matchingPolicies.Count -eq 0) { Write-Error "No policies found with prefix '$OldPrefix'" return } Write-Host "Found $($matchingPolicies.Count) policies to rename" -ForegroundColor Green Write-Host "" Write-Host "Policies to rename:" -ForegroundColor Yellow foreach ($policy in $matchingPolicies) { $newName = $policy.DisplayName -replace "^$([regex]::Escape($OldPrefix))", $NewPrefix Write-Host " $($policy.DisplayName) -> $newName" -ForegroundColor Gray } Write-Host "" $confirm = Read-Host "Do you want to proceed? (Y/N)" if ($confirm -ne "Y" -and $confirm -ne "y") { Write-Host "Operation cancelled" -ForegroundColor Yellow return } $renamedCount = 0 $errors = @() foreach ($policy in $matchingPolicies) { try { $newName = $policy.DisplayName -replace "^$([regex]::Escape($OldPrefix))", $NewPrefix Write-Host "Renaming: $($policy.DisplayName) -> $newName" -ForegroundColor Yellow # Update policy using REST API $body = @{ displayName = $newName } | ConvertTo-Json -Depth 10 $invokeCmd = Get-Command Invoke-MgGraphRequest -ErrorAction SilentlyContinue if ($invokeCmd) { Invoke-MgGraphRequest -Method PATCH ` -Uri "https://graph.microsoft.com/v1.0/identity/conditionalAccess/policies/$($policy.Id)" ` -Body $body ` -ContentType "application/json" ` -ErrorAction Stop Write-Host " Renamed successfully" -ForegroundColor Green $renamedCount++ } else { throw "Invoke-MgGraphRequest not available" } } catch { $errors += "Error renaming $($policy.DisplayName): $_" Write-Host " Error: $_" -ForegroundColor Red } } Write-Host "" Write-Host "========================================" -ForegroundColor Green Write-Host " SUMMARY" -ForegroundColor Green Write-Host "========================================" -ForegroundColor Green Write-Host "Renamed: $renamedCount policies" -ForegroundColor White if ($errors.Count -gt 0) { Write-Host "Errors: $($errors.Count)" -ForegroundColor Red foreach ($error in $errors) { Write-Host " - $error" -ForegroundColor Yellow } } Write-Host "" } catch { Write-Error "Error renaming policies: $_" } } |