Using ChatGPT to export conditional access rules

Since a couple of months ChatGPT is hot and happening. But what is chatGPT and what are its capability’s from a Microsoft 365 perspective?

According to Wikipedia chatGPT is

chatbot launched by OpenAI in November 2022. It is built on top of OpenAI’s GPT-3 family of large language models, and is fine-tuned (an approach to transfer learning[2]) with both supervised and reinforcement learning techniques.

ChatGPT was launched as a prototype on November 30, 2022, and quickly garnered attention for its detailed responses and articulate answers across many domains of knowledge. Its uneven factual accuracy was identified as a significant drawback.[3] Following the release of ChatGPT, OpenAI was reportedly valued at $29 billion.[4]

In this blog i will explain to you how simple it is to use ChatGPT to create scripts to for instance export and import conditional access rules.

Export all conditional access rules from Azure Active Directory

The first step is logon onto https://chat.openai.com/chat. You are not able to use your work or school account but you are able to use any other Microsoft or Google account.

Write a script in Powershell to export all conditional access rules in JSON and prepare it to Import it to another Microsoft 365 tenant.

After this action ChatGPT gives us the following answer.

As you can see in the print screen it is required to setup a connection to the Microsoft graph. To do this we need to access Azure Active Directory and setup a Application Registration.

When we have created the application registration we need to setup a client secret to secure the connection to he Microsoft Graph.

When the client secret is created you need to be sure you copy and paste the secret ID and the Value (The value is the secret). After this it possible to create a connection to the Microsoft Graph. But it is not yet possible to connect to the conditional access rules. To make this happen we need to add some permissions to the application so we can read the conditional access rules which are in the Azure Active Directory environment.

Now that you have configured the application and the permissions of the application it is possible to connect with the script to the MS Graph and extract the conditional access rules within that organisation.

Check the code created by ChatGPT.

To make sure we are not doing anything we do not want we need to review the script created by the ChatGPT Ai.

If we look to the script some things come to my attention do you also see them? Put them in the comments! When we look at the last part of the reaction we see the message below. So basically the requirements are at the end of the chat.

Requirements

Bellow i have writen down the requirements needed to export all the conditional access rules from a Azure Active Directory tenant.

  • We need a Azure AD P1 License
  • We need a Azure AD environment
  • We need a registrated application with API permissions
  • We need to have the Azure AD powershell module

*Note we also see that the Azure AD powershell will be depricated in the future the plan of Microsoft was to do this June 30th 2022. But they have not done this.

Executing the script

Did you copy paste the script and did you check the script? If so you should have gotten some issues. We need to make sure the script is running correctly without any authentication errors. You probably get the following errors this means we have some work to do to get everything running.

Troubleshooting the script

In the situation we are in now we can do two things.

  1. Troubleshoot ourselves
  2. Let ChatGPT come up with some idea’s

As this blog is about the last part we are going to ask ChatGPT for some recommendations.

So to get this script working some minor adjustments need to be made. In my case i used the wrong ClientID/ ApplicationID. Which i think is awesome that you can go all direction with ChatGPT.

In the end the script i used to export the rules is the one bellow

And this created some awesome results

So how do export conditional access rules the easy way?

Just use the script below and it will keep you going or you can take the Red pil and dive into the Rabithole and use ChatGPT to get the graph authentication working.

Final verdict

As you can see we can go all directions with ChatGPT and i can really help you out with your productivity and workflow. Especially when you are not that good with Powershell and graph (like me) ChatGPT can be really helpful giving you directions and information on how to get things done. Use it as an extension of your own knowledge and always review the source code or content created with it.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s