powershell icon indicating copy to clipboard operation
powershell copied to clipboard

Published 20 hours ago verified publisher icon pnp

[BUG] Get-PnPTermGroup do not work with app permissions.

Open stvpwrs opened this issue 2 years ago • 3 comments

Reporting an Issue or Missing Feature

When using Get-PnPTermGroup with a connection created with app permissions the cmdlet fails with an out of index error or hangs an Azure Automation Runbook.

I believe this also impacts Get-PnPTerm.

Expected behavior

I expect this to return a collection of Term Groups.

Actual behavior

I have gotten a number of errors depending on how I try to call the code, but the example below just times out and suspends an Azure Automation Runbook with no error capture.

Often Value cannot be null. Parameter name: path but I believe this is because variables used to try and capture the result just time out and get assigned null.

I have also received Specified argument was out of the range of valid values. Parameter name: index when attempting to pass the result of Get-PnPTermGroup in a variable.

Steps to reproduce behavior

###############################################################################################
# Set Preferences
###############################################################################################

$ErrorActionPreference = 'Stop'

##############################################################################################
# Import Modules
###############################################################################################

$forPnPPowerShell = @{
	Force           = $true
	Name            = 'PnP.PowerShell'
	RequiredVersion = '1.11.0'
}
Import-Module @forPnPPowerShell

###############################################################################################
# Conenct to services
###############################################################################################

$appConnection = Get-AutomationConnection -Name 'APP_CONNECTION'

$withTheAppConnection = @{
    ClientID         = $appConnection.ApplicationId
    Tenant           = $appConnection.TenantId
    Thumbprint       = $appConnection.CertificateThumbprint
    Url              = 'https://tenant-admin.sharepoint.com'
}
Connect-PnPOnline @withTheAppConnection

Get-PnPTermGroup

What is the version of the Cmdlet module you are running?

ModuleType Version    Name
---------- -------    ----
Manifest   1.10.0     PnP.PowerShell

Which operating system/environment are you running PnP PowerShell on?

  • [ ] Windows
  • [ ] Linux
  • [ ] MacOS
  • [ ] Azure Cloud Shell
  • [ ] Azure Functions
  • [X] Other : Azure Automation Runbooks

stvpwrs avatar Aug 02 '22 20:08 stvpwrs

@stvpwrs have you given the app registration the required application permissions? e.g. TermStore.Read.All or TermStore.ReadWrite.All

CallumCrowley avatar Aug 04 '22 13:08 CallumCrowley

@CallumCrowley Yes the app has proper permissions.

stvpwrs avatar Aug 05 '22 15:08 stvpwrs

Hi @stvpwrs

Have you tried adding the SharePoint principal as term store admin?

For more info check: https://github.com/pnp/powershell/issues/1749#issuecomment-1090766211

milanholemans avatar Aug 07 '22 12:08 milanholemans

hi @stvpwrs , any update on this ? Can you try what @milanholemans suggested and let us know ?

gautamdsheth avatar Aug 23 '22 15:08 gautamdsheth

Closing due to lack of response.

gautamdsheth avatar Sep 06 '22 12:09 gautamdsheth

Hello, sorry for the lack of response here, this issue slipped my mind. I think we should leave it closed, I just ended up not using an automation account for this.

There was so much odd behavior with the automation account that the local client didn't have, I just stopped trying to troubleshoot it. I will say that all of the auth and permissions were correct and all the code would correctly run locally, just not in an automation account.

stvpwrs avatar Sep 06 '22 12:09 stvpwrs