Export-M365DSCConfiguration: "Organization cannot be a Guid, please enter the name of the tenant instead." when exporting SC config

[jeremyhagan]

Details of the scenario you tried and the problem that is occurring

Use https://export.microsoft365dsc.com/ to generate the command to export from Security and Compliance Centre and Exchange
Select Cetrificate as the authentication method.
Run the command with an appropriate TenantId, AppId and Cert thumbprint.

Verbose logs showing the problem

VERBOSE: Dependencies were already successfully validated.
VERBOSE: ApplicationId, TenantId, CertificateThumbprint were specified. Connecting via Service Principal
Connecting to {ExchangeOnline}...VERBOSE: Returning precomputed version info: 3.1.0
VERBOSE: POST https://outlook.office365.com/adminapi/beta/bd13c3bf-aa4a-4fb4-a11c-fcf976c42a1d/InvokeCommand with -1-byte payload
VERBOSE: received 1306-byte response of content type application/json;charset=utf-8
✅
Connecting to {SecurityComplianceCenter}...VERBOSE: Returning precomputed version info: 3.1.0
VERBOSE: ModuleVersion: 3.1.0
VERBOSE: ConnectionContext Removed
❌
Organization cannot be a Guid, please enter the name of the tenant instead.

Suggested solution to the issue

The DSC configuration that is used to reproduce the issue (as detailed as possible)

# Getting application information for Application + Certificate authentication
$ApplicationId = "<GUID>"
$CertificateThumbprint = "<thumbprint>"
$TenantId = "<GUID>"

# Exporting resources using certificate
Export-M365DSCConfiguration -Components @("EXOAntiPhishPolicy", 
    "EXOAntiPhishRule", 
    "EXOAtpPolicyForO365", 
    "EXOHostedContentFilterPolicy", 
    "EXOHostedContentFilterRule", 
    "EXOHostedOutboundSpamFilterPolicy", 
    "EXOHostedOutboundSpamFilterRule", 
    "EXOMalwareFilterPolicy", 
    "EXOMalwareFilterRule", 
    "EXOSafeAttachmentPolicy", 
    "EXOSafeAttachmentRule", 
    "EXOSafeLinksPolicy", 
    "EXOSafeLinksRule", 
    "EXOTransportRule", 
    "SCAutoSensitivityLabelPolicy", 
    "SCAutoSensitivityLabelRule", 
    "SCDLPCompliancePolicy", 
    "SCDLPComplianceRule",
    "SCLabelPolicy", 
    "SCSensitivityLabel") -ApplicationId $ApplicationId -CertificateThumbprint $CertificateThumbprint -TenantId $TenantId

The operating system the target node is running

OsName : Microsoft Windows 10 Pro
OsOperatingSystemSKU : 48
OsArchitecture : 64-bit
WindowsVersion : 2009
WindowsBuildLabEx : 19041.1.amd64fre.vb_release.191206-1406
OsLanguage : en-US
OsMuiLanguages : {en-US}

Version of the DSC module that was used ('dev' if using current dev branch)

1.23.315.1

[ykuijs]

Please specify your tenant name (tenant.onmicrosoft.com) for $TenantId instead of your tenant GUID. That should work as expected.

[andikrueger]

@ykuijs Could we add a ValidateScript for the parameter:

[ValidateScript({
            try {
                [System.Guid]::Parse($_) | Out-Null
                $false
            } catch {
                $true
            }
        })]
[String]
$TenantId

[NikCharlebois]

Agreed that we should provide validation. PR is on its way.