azure-activedirectory-powershell
azure-activedirectory-powershell copied to clipboard
AzureAD
Object reference not set to an instance of an object on New-AzureADMSInvitation
Hello everyone,
this is my command:
New-AzureADMSInvitation -InvitedUserEmailAddress $email -SendInvitationMessage $false -InviteRedirectUrl "https://example.com" -InvitedUserDisplayName "$lastname, $firstname"
The variables are all initialized.
Nevertheless I am getting the following error:
New-AzureADMSInvitation : Object reference not set to an instance of an object.
At C:\Users\attenbej\Desktop\inviteUsersToAAD.ps1:84 char:9
+ New-AzureADMSInvitation -InvitedUserEmailAddress $email -Send ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-AzureADMSInvitation], NullReferenceException
+ FullyQualifiedErrorId : System.NullReferenceException,Microsoft.Open.MSGraphV10.PowerShell.NewAzureADMSInvitation
Could you please look into that, as I am pretty sure that my command is correct. $PSVersionTable.PSVersion shows:
Major Minor Build Revision
----- ----- ----- --------
5 1 17763 1490
Thanks in advance.
I also reported this issue here: https://feedback.azure.com/forums/598699-azure-cloud-shell/suggestions/42345556-please-resolve-error-in-new-azureadmsinvitation If anyone else has also problems with it, feel free to upvote.
The cause of this error seems to be, that some Tokens (got mine with the MSAL.PS module) can't be processed properly by the module and result in this error. If I invoke the request myself it works fine. This is the solution in case you have the same problem:
Invoke-RestMethod -Uri https://graph.microsoft.com/v1.0/invitations -Method POST -UseBasicParsing -Body "{`"invitedUserEmailAddress`":`"$email`",`"inviteRedirectUrl`":`"$redirectUrl`", `"invitedUserDisplayName`":`"$lastname, $firstname`"}" -Headers @{"Authorization"="Bearer $($token.Accesstoken)"}
+1 hitting this running under an SPN from an ADO pipeline. Thanks for the hint on the token.
Edit: Looks like this was a bad implementation on my end. I needed to pass both the AaDAccess token and the MSAccessToken to Connect-AzureAD. There are a number of bad implementations that come up in web searches.
