We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hi guys, I run a devops pipeline with this module configured like that:
Name: "" Action: "AdminAssign" DirectoryScopeId: "/administrativeUnits/" DependsOn: "[AADGroup]" Ensure: "Present" IsValidationOnly: False Principal: "" PrincipalType: "Group" RoleDefinition: "Privileged Authentication Administrator" ScheduleInfo: startDateTime: "2024-07-05T11:08:33Z" expiration: type: "noExpiration"
So the first run of the pipeline is ok and the role correctly assigned. From a "second run" of the pipeline we get this error:
##[error][RoleAssignmentExists] : The Role assignment already exists. + CategoryInfo : InvalidOperation: ({ Headers = , b...heduleRequest }:) [], CimException + FullyQualifiedErrorId : RoleAssignmentExists,Microsoft.Graph.Beta.PowerShell.Cmdlets.NewMgBetaRoleManagementDire ctoryRoleEligibilityScheduleRequest_CreateExpanded + PSComputerName : localhost VERBOSE: [fv-az524-586]: LCM: [ End Set ] [[AADRoleEligibilityScheduleRequest]::[EntraID]EntraID_Configuration] in 5.5520 seconds. ##[error]The PowerShell DSC resource
No problem with the DirectoryScopeId on "/" I think it is a bug.
Thank you in advance.
1.24.904.1
Azure Active Directory (Entra ID)
AADRoleEligibilityScheduleRequest: - Name: "<group-to-assingn-NameDescription>" Action: "AdminAssign" DirectoryScopeId: "/administrativeUnits/<AUId>" DependsOn: "[AADGroup]<group-to-assingn>" Ensure: "Present" IsValidationOnly: False Principal: "<group-to-assingn-Name>" PrincipalType: "Group" RoleDefinition: "Privileged Authentication Administrator" ScheduleInfo: startDateTime: "2024-07-05T11:08:33Z" expiration: type: "noExpiration"
##[error][RoleAssignmentExists] : The Role assignment already exists. + CategoryInfo : InvalidOperation: ({ Headers = , b...heduleRequest }:) [], CimException + FullyQualifiedErrorId : RoleAssignmentExists,Microsoft.Graph.Beta.PowerShell.Cmdlets.NewMgBetaRoleManagementDire ctoryRoleEligibilityScheduleRequest_CreateExpanded + PSComputerName : localhost VERBOSE: [fv-az524-586]: LCM: [ End Set ] [[AADRoleEligibilityScheduleRequest]<group-to-assingn-NameDescription>::[EntraID]EntraID_Configuration] in 5.5520 seconds. ##[error]The PowerShell DSC resource
git version 2.45.2.windows.1 Task PowerShell Version: 2.245.1
The text was updated successfully, but these errors were encountered:
I confirm, same problem on my side. I posted a comment on the similar post #3787
Sorry, something went wrong.
Successfully merging a pull request may close this issue.
Description of the issue
Hi guys,
I run a devops pipeline with this module configured like that:
Name: ""
Action: "AdminAssign"
DirectoryScopeId: "/administrativeUnits/"
DependsOn: "[AADGroup]"
Ensure: "Present"
IsValidationOnly: False
Principal: ""
PrincipalType: "Group"
RoleDefinition: "Privileged Authentication Administrator"
ScheduleInfo:
startDateTime: "2024-07-05T11:08:33Z"
expiration:
type: "noExpiration"
So the first run of the pipeline is ok and the role correctly assigned.
From a "second run" of the pipeline we get this error:
##[error][RoleAssignmentExists] : The Role assignment already exists.
+ CategoryInfo : InvalidOperation: ({ Headers = , b...heduleRequest }:) [], CimException
+ FullyQualifiedErrorId : RoleAssignmentExists,Microsoft.Graph.Beta.PowerShell.Cmdlets.NewMgBetaRoleManagementDire
ctoryRoleEligibilityScheduleRequest_CreateExpanded
+ PSComputerName : localhost
VERBOSE: [fv-az524-586]: LCM: [ End Set ]
[[AADRoleEligibilityScheduleRequest]::[EntraID]EntraID_Configuration] in
5.5520 seconds.
##[error]The PowerShell DSC resource
No problem with the DirectoryScopeId on "/"
I think it is a bug.
Thank you in advance.
Microsoft 365 DSC Version
1.24.904.1
Which workloads are affected
Azure Active Directory (Entra ID)
The DSC configuration
Verbose logs showing the problem
Environment Information + PowerShell Version
The text was updated successfully, but these errors were encountered: