msgraph-sdk-powershell icon indicating copy to clipboard operation
msgraph-sdk-powershell copied to clipboard

Published 20 hours ago verified publisher icon microsoftgraph

Microsoft.Graph.Teams Not Working 2.13.1 due to incorrect results from Find-MGGraphCommand

Open jhugery-blade opened this issue 1 year ago • 6 comments

So I have updated all Microsoft.Graph modules to 2.13.1. When running the following commands to be able to run a Get-MgTeam, an error is given indicating that TeamsSetting.Read.Group is not available in the resource. Here's the code snippet:

$cmdlets=@("get-mguser","get-mgTeam") $scopes=@() foreach($cmdlet in $cmdlets){ $perms=(Find-MgGraphCommand -Command $cmdlet|select -ExpandProperty permissions).name foreach ($perm in $perms){ if (($scopes|?{$_ -eq $perm}|measure).count -eq 0){$scopes+=$perm} } } if ((get-mgcontext|measure).count -eq 0){ Connect-MgGraph -Scopes $scopes }

and here's the error...

Connect-MgGraph : InteractiveBrowserCredential authentication failed: AADSTS650053: The application 'Microsoft Graph Command Line Tools' asked for scope 'TeamSettings.Read.Group' that doesn't exist on the resource '00000003-0000-0000-c000-000000000000'. Contact the app vendor. Trace ID: 70a37f20-cf7a-45c8-ae66-7d4519490a00 Correlation ID: a9c0313e-dab9-4029-8efd-371770ae3ef3 Timestamp: 2024-02-16 19:10:38Z At C:<path omitted>

  • Connect-MgGraph -Scopes $scopes

  • ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    • CategoryInfo : NotSpecified: (:) [Connect-MgGraph], AuthenticationFailedException
    • FullyQualifiedErrorId : Microsoft.Graph.PowerShell.Authentication.Cmdlets.ConnectMgGraph

jhugery-blade avatar Feb 16 '24 19:02 jhugery-blade

Looks like Find-MgGraphCommand is returning TeamSettings.ReadWrite.Group instead of TeamSettings.Read.Group (https://graphpermissions.merill.net/permission/TeamSettings.Read.Group). There is no TeamSettings.ReadWrite.Group permission...

Find-MgGraphCommand -Command Get-MgTeam | Select-Object -ExpandProperty permissions

Name IsAdmin Description FullDescription

Directory.Read.All False Read directory data Allows the app to read data in your organiz… Directory.ReadWrite.All False Read and write directory data Allows the app to read and write data in yo… Group.Read.All False Read all groups Allows the app to read group properties and… Group.ReadWrite.All False Read and write all groups Allows the app to create groups, read all g… Team.ReadBasic.All False Get a list of all teams Get a list of all teams, without a signed-i… TeamSettings.Read.All False Read all teams' settings Read all team's settings, without a signed-… TeamSettings.Read.Group False Consent name unavailable Consent description unavailable TeamSettings.ReadWrite.All False Read and change all teams' settings Read and change all teams' settings, withou… TeamSettings.ReadWrite.Group False Consent name unavailable Consent description unavailable Team.ReadBasic.All False Get a list of all teams Get a list of all teams, without a signed-i… TeamSettings.Read.All False Read all teams' settings Read all team's settings, without a signed-… TeamSettings.ReadWrite.All False Read and change all teams' settings Read and change all teams' settings, withou

12Knocksinna avatar Feb 19 '24 14:02 12Knocksinna

That is what I am seeing.

jhugery-blade avatar Feb 19 '24 19:02 jhugery-blade

Maybe change the title then? The problem is not with the Teams module. The problem is more likely with the Find-MgGraphCommand cmdlet. It's a tad strong to say that a complete module is not working when all it is that a cmdlet returns a incorrect permission.

12Knocksinna avatar Feb 19 '24 19:02 12Knocksinna

I updated the title as requested.

jhugery-blade avatar Feb 20 '24 14:02 jhugery-blade

Hi @jhugery-blade thank you for logging this issue. Find-MgGraphCommand returns permissions as defined by the API owner here. image

For API related issues/questions we are not best placed to give an answer. Kindly raise an issue here https://developer.microsoft.com/en-us/graph/support so that the API owner can respond to it.

timayabi2020 avatar Mar 01 '24 08:03 timayabi2020

Thanks for looking into the issue.

From: Tim @.> Sent: Friday, March 1, 2024 8:55 AM To: microsoftgraph/msgraph-sdk-powershell @.> Cc: 12 Knocksinna (Gmail) @.>; Comment @.> Subject: Re: [microsoftgraph/msgraph-sdk-powershell] Microsoft.Graph.Teams Not Working 2.13.1 due to incorrect results from Find-MGGraphCommand (Issue #2598)

Hi @jhugery-bladehttps://github.com/jhugery-blade thank you for logging this issue. Find-MgGraphCommand returns permissions as defined by the API owner herehttps://learn.microsoft.com/en-us/graph/api/team-get?view=graph-rest-1.0&tabs=powershell. image.png (view on web)https://github.com/microsoftgraph/msgraph-sdk-powershell/assets/10947120/de5a270f-28a5-4274-b7e7-9ae03c41e4ee

For API related issues/questions we are not best placed to give an answer. Kindly raise an issue here https://developer.microsoft.com/en-us/graph/support so that the API owner can respond to it.

Reply to this email directly, view it on GitHubhttps://github.com/microsoftgraph/msgraph-sdk-powershell/issues/2598#issuecomment-1972775278, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AK45CIRLLWDLIOTO3X2TC2TYWA66RAVCNFSM6AAAAABDMQ2PJOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSNZSG43TKMRXHA. You are receiving this because you commented.Message ID: @.@.>>

12Knocksinna avatar Mar 01 '24 12:03 12Knocksinna

This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment.

microsoft-github-policy-service[bot] avatar Mar 05 '24 13:03 microsoft-github-policy-service[bot]