Create Named Location list using PowerShell
- Jul 13, 2022
Use the following Graph command
Import-Module Microsoft.Graph.Identity.SignIns
Connect-MgGraph -Scopes ('Policy.Read.All', 'Policy.ReadWrite.ConditionalAccess')
$params = @{
    "@odata.type" = "#microsoft.graph.ipNamedLocation"
    DisplayName = "Untrusted IP named location"
    IsTrusted = $false
    IpRanges = @(
        @{
            "@odata.type" = "#microsoft.graph.iPv4CidrRange"
            CidrAddress = "12.34.221.11/22"
        }
        @{
            "@odata.type" = "#microsoft.graph.iPv6CidrRange"
            CidrAddress = "2001:0:9d38:90d6:0:0:0:0/63"
        }
    )
}
New-MgIdentityConditionalAccessNamedLocation -BodyParameter $params
Hello farismalaeb,
Thank you for your reply.
But what if I need to add multiple IP ranges?
For example, 12.12.12.12/24, 15.15.15.15/25, 16.16.16.16/16 ?
This is my goal.
- farismalaeb (Iron Contributor), Jul 13, 2022
The Graph will add multiple IPs.
Here is a small update.
Replace the $Location with your CSV.
Import-Module Microsoft.Graph.Identity.SignIns
Connect-MgGraph -Scopes ('Policy.Read.All', 'Policy.ReadWrite.ConditionalAccess')
$Location=@('1.1.1.1/24','2.2.2.2/24','3.3.3.3/24')
$params = @{
    "@odata.type" = "#microsoft.graph.ipNamedLocation"
    DisplayName = "New Test Location"
    IsTrusted = $false
    IpRanges=@()
}
Foreach ($S in $Location){
    $IpRanges=@{}
    $IpRanges.add("@odata.type" , "#microsoft.graph.iPv4CidrRange")
    $IpRanges.add("CidrAddress" , $S)
    $params.IpRanges+=$IpRanges
}
New-MgIdentityConditionalAccessNamedLocation -BodyParameter $params
- LainRobertson (Silver Contributor), Jul 13, 2022
Out of curiosity, does your CSV have a header? If so, then line 3 is probably where things are coming unstuck.
Are you able to provide an example of what your CSV looks like?
Beyond that, your code example looks mostly okay on the surface. The only issue is the "`1" on line 2, which shouldn't be there. It should simply be:
# Either in the old-school format like this:
$ipRanges = New-Object -TypeName System.Collections.Generic.List[Microsoft.Open.MSGraph.Model.IpRange];
# Or like this:
$ipRanges = [System.Collections.Generic.List[Microsoft.Open.MSGraph.Model.IpRange]]::new();
Leaving the "`1" in there throws an exception, but I'm guessing you've either already come across that or just made a copy-and-paste mistake from the commandlet help Docs article.
Cheers,
Lain
- mikhailf (Iron Contributor), Jul 13, 2022
Hello LainRobertson,
Thank you for your reply.
The csv file is very simple, it doesn't have any headers:
But when I try to get what I have in the array, I get the following result:
Probably PowerShell thinks that the first line is the header.
Regarding the "`1" on line 2, I removed it and have the following error: Cannot find an overload for "Add" and the argument count: "1". I used the old-school format.
- LainRobertson (Silver Contributor), Jul 13, 2022
Here's a quick-n-dirty re-working of your original script demonstrating the Get-Content approach.
I've included a screenshot showing the output from $ipRanges but I had to keep the subtle change regarding "`1", otherwise, it throws an error for me under Windows PowerShell.
Connect-AzureAD
$ipRanges = New-Object -TypeName System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.IpRange]
Get-Content -Path C:\IPs.csv | ForEach-Object { $ipRanges.Add($_) }
New-AzureADMSNamedLocationPolicy -OdataType "#microsoft.graph.ipNamedLocation" -DisplayName "IP named location policy" -IsTrusted $false -IpRanges $ipRanges
$ipRanges output (purely as confirmation it's correctly producing the IpRange data type):
Cheers,
Lain
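An added example, not code from any poster in this thread: it combines the two approaches above, reading a headerless file of CIDR ranges with Get-Content (which treats every line as data, so no first line is taken as a header) and building the Graph request body, with each line validated before anything is sent to the tenant. The path C:\IPs.csv, the display name and the helper name ConvertTo-NamedLocationRange are assumptions; picking the IPv4 or IPv6 range type per line goes beyond the IPv4-only loop shown earlier.

```powershell
Import-Module Microsoft.Graph.Identity.SignIns

# Hypothetical helper (not part of any module): validates one "address/prefix"
# string and returns the hashtable shape used for IpRanges in the posts above.
function ConvertTo-NamedLocationRange {
    param([Parameter(Mandatory)][string]$Cidr)

    $address, $prefix = $Cidr.Trim() -split '/', 2
    $ip = $null
    if (-not [System.Net.IPAddress]::TryParse($address, [ref]$ip)) {
        throw "Not an IP address: '$Cidr'"
    }
    $isV6 = $ip.AddressFamily -eq [System.Net.Sockets.AddressFamily]::InterNetworkV6
    # IPAddress.TryParse accepts short IPv4 forms such as "10.1"; require four octets.
    if (-not $isV6 -and ($address -split '\.').Count -ne 4) {
        throw "Incomplete IPv4 address: '$Cidr'"
    }
    # Structural check only: the prefix must be an integer that fits the address family.
    $max = if ($isV6) { 128 } else { 32 }
    $len = 0
    if (-not ([int]::TryParse("$prefix", [ref]$len)) -or $len -lt 0 -or $len -gt $max) {
        throw "Bad prefix length in '$Cidr'"
    }
    @{
        '@odata.type' = if ($isV6) { '#microsoft.graph.iPv6CidrRange' } else { '#microsoft.graph.iPv4CidrRange' }
        CidrAddress   = "$address/$len"
    }
}

# Assumed input: one CIDR per line, no header row. Blank lines are skipped.
$ranges = Get-Content -Path 'C:\IPs.csv' |
    Where-Object { $_.Trim() } |
    ForEach-Object { ConvertTo-NamedLocationRange -Cidr $_ }

$params = @{
    '@odata.type' = '#microsoft.graph.ipNamedLocation'
    DisplayName   = 'Untrusted IP named location'   # assumed name
    IsTrusted     = $false
    IpRanges      = @($ranges)
}

# A malformed line throws above, so the script stops before connecting or writing.
Connect-MgGraph -Scopes 'Policy.Read.All', 'Policy.ReadWrite.ConditionalAccess'
New-MgIdentityConditionalAccessNamedLocation -BodyParameter $params
```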