diff --git a/Solutions/Azure Active Directory/Analytic Rules/UserAssignedPrivilegedRole.yaml b/Solutions/Azure Active Directory/Analytic Rules/UserAssignedPrivilegedRole.yaml
index 744587d8f27..0786b454ecf 100644
--- a/Solutions/Azure Active Directory/Analytic Rules/UserAssignedPrivilegedRole.yaml
+++ b/Solutions/Azure Active Directory/Analytic Rules/UserAssignedPrivilegedRole.yaml
@@ -26,9 +26,8 @@ query: |
 | where ActivityDisplayName has_any ("Add eligible member to role", "Add member to role")
 | mv-apply TargetResource = TargetResources on
 (
- where TargetResource.type =~ "User"
- | extend Target = tostring(TargetResource.userPrincipalName)
- | extend Target = iff(TargetResources.type == "ServicePrincipal", tostring(TargetResources.displayName), Target),
+ where TargetResource.type in~ ("User", "ServicePrincipal")
+ | extend Target = iff(TargetResource.type =~ "ServicePrincipal", tostring(TargetResource.displayName), tostring(TargetResource.userPrincipalName)),
 props = TargetResource.modifiedProperties
 )
 | mv-apply Property = props on
@@ -56,5 +55,5 @@ entityMappings:
 columnName: InitiatorName
 - identifier: UPNSuffix
 columnName: InitiatorUPNSuffix
-version: 1.0.5
+version: 1.0.6
 kind: Scheduled
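Review bot: For service principals the new `extend Target = iff(...)` line identifies the target only by `displayName`, which is not unique within a tenant and is set by whoever registers the application, so two different principals can produce indistinguishable alerts. I would carry the object id next to it, for example by adding `TargetId = tostring(TargetResource.id),` before `props = TargetResource.modifiedProperties`, and surface that column in the results. The `where TargetResource.type in~ ("User", "ServicePrincipal")` filter still drops assignments whose target is a group; if role-assignable groups are in scope for this rule, that remains a coverage gap and deserves at least a comment. The rest of the query and any target entity mapping lie outside this hunk, so it should be checked there whether a display name without an `@` still maps sensibly to the Account entity.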