You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
However, Groups supports assignment of Service Principals as members.
Additionally, New-MgGroup supports the assignment of service principals to groups.
Microsoft 365 DSC Version
v1.24.731.1
Which workloads are affected
Azure Active Directory (Entra ID)
The DSC configuration
AADGroup 'SECURITY GROUP FOR CUSTOM ROLE' {
DependsOn =@(
'[AADApplication]AADApplication-Microsoft365DSC''[AADServicePrincipal]Enterprise APP Service Principal'
)
DisplayName ='SECURITY GROUP FOR CUSTOM ROLE'###
MailNickname ='SECURITY GROUP FOR CUSTOM ROLE'#
Description ='SECURITY GROUP for assignment of custom role to service principal'# Id = ''
Owners =@()
Members =@(
'Entperise APP Service Principal'
)
# MemberOf = @()# GroupTypes = @()# MembershipRule = ''# MembershipRuleProcessingState = ''
SecurityEnabled =$true
MailEnabled =$false
IsAssignableToRole =$true
AssignedToRole =@(
'A CUSTOM ROLE'
)
Visibility ='Private'# AssignedLicenses =
Ensure ='Present'
ApplicationId =$ApplicationId
TenantId =$TenantId
CertificateThumbprint =$Thumbprint
}
Verbose logs showing the problem
N/A - not currently supported
Environment Information + PowerShell Version
OsName : Microsoft Windows Server 2022 Datacenter
OsOperatingSystemSKU : DatacenterServerEdition
OsArchitecture : 64-bit
WindowsVersion : 2009
WindowsBuildLabEx : 20348.1.amd64fre.fe_release.210507-1500
OsLanguage : en-US
OsMuiLanguages : {en-US}
Name Value
---------
PSVersion 5.1.20348.2582
PSEdition Desktop
PSCompatibleVersions {1.0,2.0,3.0,4.0...}
BuildVersion 10.0.20348.2582
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
The text was updated successfully, but these errors were encountered:
pangjaa
changed the title
AADGroup - ENHANCEMENT - Enterprise App Service Principal Assignment to Gorup
AADGroup - ENHANCEMENT - Enterprise App Service Principal Assignment to Group
Aug 20, 2024
Description of the issue
It is not currently possible to assign service principals to a group using
AADGroup
.This is because MSFT_AADGroup.psm1 only supports retrieving users.
However, Groups supports assignment of Service Principals as members.
Additionally, New-MgGroup supports the assignment of service principals to groups.
Microsoft 365 DSC Version
v1.24.731.1
Which workloads are affected
Azure Active Directory (Entra ID)
The DSC configuration
Verbose logs showing the problem
Environment Information + PowerShell Version
The text was updated successfully, but these errors were encountered: