O365OrgCustomizationSetting - Problem with command #1599
Comments
NikCharlebois
added
Office 365 Admin
Pending Information
and removed
Exchange Online
Bug
|
We will need more information to troubleshoot. In what file are you seeing the IgnoreDehydratedFlag being used and on what line? We can't find any reference to that property anywhere in the latest versions. |
|
I retested this today. First, I ran the Export-M365DSC Cmdlet for the resource. Technically, that worked fine. Although the ps1 Export file did not contain any information about that res. (Node localhost was empty) Without modifying the MOF file from yesterday, I ran Start-DSCConfiguration -UseExisting again.
Since I cannot reproduce it today, I suggest we park this item or close it and then reopen it later in case the issue reoccurs. Thx! |
|
Thanks |
|
I tested the same again on vanilla tenants and I get the same error message. So the issue is reproduceable, unfortunately only one time on a new tenant since that setting cannot be set to its original state. I then waited 1h and started the same DSC configuration again. That time, the setting was applied correctly and the subsequent settings for EXO were also applied correctly. |
|
This is related to the fact that it takes some time for the isDehydrated property to get propagated to the tenant. One option would be to add a Sleep period after setting the property. This is something we are doing in other DSC modules (e.g., SharePointDSC when creating a new farm). @ykuijs thoughts? |
|
ok thanks. Yes, that would help. But this sleep command would be something that would need to be done in the code of that particular DSC res. Maybe you can check within MS how long it takes until the IsDehydrated settings becomes active to set the correct sleep time. |
|
From my experience, this setting can take up to 24 hours to replicate. Usually it's quicker. As long as we do not know the exact timings I wouldn't think about loops with sleeping threads. |
|
@T630Dev Is there any new information to share? |
Not really. From my experience, it took a few hours but I do not really have a solution how we will proceed. Either can find a technical solution with MS and can incorporate this in the DSC res or we need to implement a workaround so that after the tenant was provisioned, a ps cmdlet runs to set the IsDehydrated setting for this new tenant and then after one day, the DSC scripts start. |
|
I just had a look into the history of this resource. Back then, @NikCharlebois and I had a discussion about the delay (24 hours) for this setting to be replicated across Microsoft 365. (#136) From my experience with other settings within M365 I would recommend to go with a two phased approach (Like you suggested)
This resource is very "unique" and offers only the option to enable the customization settings. Having a sleep within this resource could cause further issues in pipelines or for users, that are not aware of this delay... We should add information to the verbose output and event log about this delay. |
|
For the moment the only thing we can do is warn the user that this setting can take up to 24 hours to apply. This will be included as part of release 1.22.720.1 |
Details of the scenario you tried and the problem that is occurring
Used the DSC Res O365OrgCustomizationSetting and the applied it to the target tenant.
Error is:
:The role assignment policy"Default Role Assignment Policy" wasn't found. Make sure that you typed the identity correctly.
When I execute manually a PS command against the tenant, the policy is there:
The given error message contains the below code:
Get-RoleAssignmentPolicy -DomainController $RoleDomainController -Organization $RoleOrganizationHierarchicalPath -IgnoreDehydratedFlag | Where {$_.Name -eq $raPolicyName};
However, the IgnoreDehydratedFlag seems to not exist any longer:
Verbose logs showing the problem
FailureCategory=Cmdlet-ScriptExecutionException] 1A838805,Microsoft.Exchange.Management.Deployment.EnableOrganizationCustomizationTask. Fehlermeldung: The following error was generated when
if (!$AdvancedHydrateableObjectsSharedEnabled)
{
$unifiedRAP = ($NewServicePlanSettings -eq $null -and -not $ServicePlanSettings.Organization.PerMBXPlanRoleAssignmentPolicyEnabled) -or ($NewServicePlanSettings -ne $null -and -not $NewServicePlanSettings.Organization.PerMBXPlanRoleAssignmentPolicyEnabled);
$raPolicyName = [Microsoft.Exchange.Data.Directory.SystemConfiguration.RoleAssignmentPolicy]::DefaultRoleAssignmentPolicyName;
$policyDescription = [Microsoft.Exchange.Data.Directory.SystemConfiguration.RoleAssignmentPolicy]::PrecannedRoleAssignmentPolicyDescription;
$raPolicy = $null;
Write-ExchangeSetupLog -info ("PerMBXPlanRoleAssignmentPolicyEnabled Task; unifiedRAP=" + $unifiedRAP);
if($unifiedRAP)
{
#Trying to find local RAP object with default name
$raPolicy = Get-RoleAssignmentPolicy -DomainController $RoleDomainController -Organization $RoleOrganizationHierarchicalPath -IgnoreDehydratedFlag | Where {$_.Name -eq $raPolicyName};
Write-ExchangeSetupLog -info ("PerMBXPlanRoleAssignmentPolicyEnabled Task; raPolicyFound=" + ($raPolicy -ne $null));
}
at System.Management.Automation.Runspaces.AsyncResult.EndInvoke()
at System.Management.Automation.PowerShell.EndInvoke(IAsyncResult asyncResult)
at Microsoft.Exchange.Configuration.MonadDataProvider.MonadPipelineProxy.ClosePipeline(MonadAsyncResult asyncResult)"..
Suggested solution to the issue
na
The DSC configuration that is used to reproduce the issue (as detailed as possible)
The text was updated successfully, but these errors were encountered: