Microsoft365DSC
Microsoft365DSC copied to clipboard
microsoft
AADAdministrativeUnit with dynamic MembershipType works only at creation
Description of the issue
When I deploy for the first time a dynamic Administrative Unit with the following parameters:
AADAdministrativeUnit $OrganizationalRelationship.DisplayName {
DisplayName = "Test-Dynamic-Unit-DSC"
Description = "Description"
MembershipRule = '(user.userPrincipalName -contains "@xxx.com")'
MembershipRuleProcessingState = "On"
MembershipType = "Dynamic"
Ensure = "Present"
ApplicationId = $ApplicationId
TenantId = $TenantId
CertificateThumbprint = $Thumbprint
}
Everything goes well and the administrative unit is created correctly, dynamic and membership is also correct.
But, when I deploy the same configuration again via my pipeline, the DSC configuration will first retrieve all the members and then end up with the following error:
A parameter cannot be found that matches parameter name 'membershipType'.
+ CategoryInfo: InvalidArgument: (:) [], CimException
+ FullyQualifiedErrorId: NamedParameterNotFound,Update-MgBetaDirectoryAdministrativeUnit
+ PSComputerName: localhost
VERBOSE: [fv-az390-40]: LCM: [ End Set ]
[[AADAdministrativeUnit]Test-Dynamic-Unit-DSC::[EntraID]EntraID_Configuration] in 223.7350 seconds.
The PowerShell DSC resource '[AADAdministrativeUnit]Test-Dynamic-Unit-DSC::[EntraID]EntraID_Configuration' with
SourceInfo 'D:\a\1\s\M365Config\0.0.1\DSCResources\EntraID\EntraID.schema.psm1::28::17::AADAdministrativeUnit' threw
one or more non-terminating errors while running the Set-TargetResource functionality. These errors are logged to the
ETW channel called Microsoft-Windows-DSC/Operational. Refer to this channel for more details.
+ CategoryInfo: InvalidOperation: (:) [], CimException
+ FullyQualifiedErrorId: NonTerminatingErrorFromProvider
+ PSComputerName: localhost
VERBOSE: [fv-az390-40]: LCM: [ End Set ]
The SendConfigurationApply function did not succeed.
+ CategoryInfo: NotSpecified: (root/Microsoft/...gurationManager:String) [], CimException
+ FullyQualifiedErrorId: MI RESULT 1
+ PSComputerName: localhost
VERBOSE: Operation 'Invoke CimMethod' complete.
I want to deploy dynamic administrative unit and ensure their value through my pipeline. But it seems to work only for creation.
Thanks for your help.
Microsoft 365 DSC Version
1.23.1220.1
Which workloads are affected
Azure Active Directory
The DSC configuration
AADAdministrativeUnit $OrganizationalRelationship.DisplayName {
DisplayName = "Test-Dynamic-Unit-DSC"
Description = "Description"
MembershipRule = '(user.userPrincipalName -contains "@xxx.com")'
MembershipRuleProcessingState = "On"
MembershipType = "Dynamic"
Ensure = "Present"
ApplicationId = $ApplicationId
TenantId = $TenantId
CertificateThumbprint = $Thumbprint
}
Verbose logs showing the problem
[[AADAdministrativeUnit]Test-Dynamic-Unit-DSC::[EntraID]EntraID_Configuration]
VERBOSE: [fv-az390-40]: LCM: [ Start Test ]
[[AADAdministrativeUnit]Test-Dynamic-Unit-DSC::[EntraID]EntraID_Configuration]
VERBOSE: [fv-az390-40]:
[[AADAdministrativeUnit]Test-Dynamic-Unit-DSC::[EntraID]EntraID_Configuration] Testing configuration of the Azure AD
Administrative Unit with Id {b9948da3-d097-4b2a-b228-f429000e35ad} and DisplayName {Test-Dynamic-Unit-DSC}
VERBOSE: [fv-az390-40]:
[[AADAdministrativeUnit]Test-Dynamic-Unit-DSC::[EntraID]EntraID_Configuration] An Azure AD Administrative Unit with Id
{b9948da3-d097-4b2a-b228-f429000e35ad} and DisplayName {Test-Dynamic-Unit-DSC} was found.
VERBOSE: [fv-az390-40]:
[[AADAdministrativeUnit]Test-Dynamic-Unit-DSC::[EntraID]EntraID_Configuration] AU {Test-Dynamic-Unit-DSC}
MembershipType {}
VERBOSE: [fv-az390-40]:
[[AADAdministrativeUnit]Test-Dynamic-Unit-DSC::[EntraID]EntraID_Configuration] AU {Test-Dynamic-Unit-DSC} get Members
VERBOSE: [fv-az390-40]:
-------------------------------
A parameter cannot be found that matches parameter name 'membershipType'.
+ CategoryInfo: InvalidArgument: (:) [], CimException
+ FullyQualifiedErrorId: NamedParameterNotFound,Update-MgBetaDirectoryAdministrativeUnit
+ PSComputerName: localhost
VERBOSE: [fv-az390-40]: LCM: [ End Set ]
[[AADAdministrativeUnit]Test-Dynamic-Unit-DSC::[EntraID]EntraID_Configuration] in 223.7350 seconds.
The PowerShell DSC resource '[AADAdministrativeUnit]Test-Dynamic-Unit-DSC::[EntraID]EntraID_Configuration' with
SourceInfo 'D:\a\1\s\M365Config\0.0.1\DSCResources\EntraID\EntraID.schema.psm1::28::17::AADAdministrativeUnit' threw
one or more non-terminating errors while running the Set-TargetResource functionality. These errors are logged to the
ETW channel called Microsoft-Windows-DSC/Operational. Refer to this channel for more details.
+ CategoryInfo: InvalidOperation: (:) [], CimException
+ FullyQualifiedErrorId: NonTerminatingErrorFromProvider
+ PSComputerName: localhost
VERBOSE: [fv-az390-40]: LCM: [ End Set ]
The SendConfigurationApply function did not succeed.
+ CategoryInfo: NotSpecified: (root/Microsoft/...gurationManager:String) [], CimException
+ FullyQualifiedErrorId: MI RESULT 1
+ PSComputerName: localhost
VERBOSE: Operation 'Invoke CimMethod' complete.
Environment Information + PowerShell Version
OsName : Microsoft Windows Server 2022 Datacenter
OsOperatingSystemSKU : DatacenterServerEdition
OsArchitecture : 64-bit
WindowsVersion : 2009
WindowsBuildLabEx : 20348.1.amd64fre.fe_release.210507-1500
OsLanguage : en-US
OsMuiLanguages : {en-US}
Key : PSVersion
Value : 5.1.20348.2110
Name : PSVersion
Key : PSEdition
Value : Desktop
Name : PSEdition
Key : PSCompatibleVersions
Value : {1.0, 2.0, 3.0, 4.0...}
Name : PSCompatibleVersions
Key : BuildVersion
Value : 10.0.20348.2110
Name : BuildVersion
Key : CLRVersion
Value : 4.0.30319.42000
Name : CLRVersion
Key : WSManStackVersion
Value : 3.0
Name : WSManStackVersion
Key : PSRemotingProtocolVersion
Value : 2.3
Name : PSRemotingProtocolVersion
Key : SerializationVersion
Value : 1.1.0.1
Name : SerializationVersion
