From eb6599fa6603191d98e9031378cef1a717275ffc Mon Sep 17 00:00:00 2001
From: jonas04anderberg <89702299+jonas04anderberg@users.noreply.github.com>
Date: Mon, 11 Dec 2023 11:28:10 +0100
Subject: [PATCH] Update DCToolbox.psm1

Removed -ExpandProperty "policy(`$expand=rules)" so that the script works again. This seems to be solving issue #41
---
 DCToolbox/DCToolbox.psm1 | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/DCToolbox/DCToolbox.psm1 b/DCToolbox/DCToolbox.psm1
index 24328f0..e282c60 100644
--- a/DCToolbox/DCToolbox.psm1
+++ b/DCToolbox/DCToolbox.psm1
@@ -1633,7 +1633,7 @@ function Enable-DCEntraIDPIMRole {
         $CustomObject | Add-Member -MemberType NoteProperty -Name 'RoleDefinitionId' -Value $RoleAssignment.RoleDefinitionId
         $CustomObject | Add-Member -MemberType NoteProperty -Name 'DisplayName' -Value ($EntraIDRoleTemplates | Where-Object { $_.Id -eq $RoleAssignment.RoleDefinitionId } ).DisplayName
 
-        $PolicyAssignment = Get-MgPolicyRoleManagementPolicyAssignment -Filter "scopeId eq '/' and scopeType eq 'DirectoryRole' and roleDefinitionId eq '$($RoleAssignment.RoleDefinitionId)'" -ExpandProperty "policy(`$expand=rules)"
+        $PolicyAssignment = Get-MgPolicyRoleManagementPolicyAssignment -Filter "scopeId eq '/' and scopeType eq 'DirectoryRole' and roleDefinitionId eq '$($RoleAssignment.RoleDefinitionId)'"
 
         # Get the role management policy that's been assigned:
         $Policy = Get-MgPolicyRoleManagementPolicy -UnifiedRoleManagementPolicyId $PolicyAssignment.PolicyId