cli-microsoft365 icon indicating copy to clipboard operation
cli-microsoft365 copied to clipboard
verified publisher icon pnp

New command: m365 entra multitenant remove. Closes #6009

Open MartinM85 opened this issue 1 year ago • 1 comments

Closes #6009

MartinM85 avatar May 07 '24 08:05 MartinM85

Thank you @MartinM85, we'll try to review it ASAP!

milanholemans avatar May 07 '24 08:05 milanholemans

@Jwaegebaert I was facing the same issue. Based on my testing, I would avoid:

  • creating and removing a multitenant organization in a short time
  • removing and creating a multitenant organization in a short time

Removing a multitenant organization is definitely an asynchronous operation, but it's not mentioned in the doc for the Graph API v1.0.

The doc for beta: https://learn.microsoft.com/en-us/graph/api/multitenantorganization-delete-tenants?view=graph-rest-beta&tabs=http mentions

To allow for asynchronous processing, you must wait for up to 2 hours before removal of a tenant is completed.

I think the same applies to v1.0

MartinM85 avatar Aug 01 '24 05:08 MartinM85

Good find, @MartinM85! I hadn't checked the beta version of the graph docs either. We should definitely add a note about the 2-hour delay so users know it’s not instant, like I originally thought 😅.

I just tested a graph call, and it turns out my organization is inactive at the moment. Maybe we could improve the error messages like "Tenant is already being added in Multi-Tenant Organization." Instead, we could say something like, "Your Multi-Tenant organization is being removed; this can take up to 2 hours." The current error message doesn't really explain what's going on.

Also, another thing to add to the docs: we should mention that when removing a Multi-Tenant Organization, all associations with other tenants will be removed too.

Jwaegebaert avatar Aug 01 '24 07:08 Jwaegebaert

@Jwaegebaert The message Tenant is already being added in Multi-Tenant Organization is returned directly by the Graph API. No idea if we can change the error message.

MartinM85 avatar Aug 01 '24 09:08 MartinM85

The message Tenant is already being added in Multi-Tenant Organization is returned directly by the Graph API. No idea if we can change the error message.

Fair point. We should find a way to notify users about the delay. The note in the docs is a good start. I suggest logging something after the entire removal process. We could log a message to stderr at the end of the command about the time delay after removal. This way, it's logged but not part of the command output.

Jwaegebaert avatar Aug 01 '24 20:08 Jwaegebaert

@Jwaegebaert Added log message

MartinM85 avatar Aug 02 '24 06:08 MartinM85