AADGroup: owners, members, memberOf, AssignedToRole not set for new group #3629
Comments
|
a fix will be provided soon |
fasteiner
added a commit
to fasteiner/Microsoft365DSC
that referenced
this issue
Aug 31, 2023
…roup microsoft#3629 Co-authored-by: Thomas Subotitsch (EXTERN) @tbone4711
fasteiner
added a commit
to fasteiner/Microsoft365DSC
that referenced
this issue
Aug 31, 2023
…roup microsoft#3629 Co-authored-by: Thomas Subotitsch (EXTERN) @tbone4711
fasteiner
added a commit
to fasteiner/Microsoft365DSC
that referenced
this issue
Aug 31, 2023
…roup microsoft#3629 fix spelling mistakes Co-authored-by: Thomas Subotitsch (EXTERN) @tbone4711
NikCharlebois
added a commit
that referenced
this issue
Aug 31, 2023
…ies-not-set #3629 Fix AADGroup properties not set on creation
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Details of the scenario you tried and the problem that is occurring
The owners for the new created group are calculated wrong, based on the results of the function Get-TargetResource
which returns owners of the group, which doesn't exist previously.
Key Value
CertificateThumbprint XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Description tes group
Ensure Absent
MailNickname 00000000-0000-0000-0000-000000000000
SecurityEnabled True
ApplicationId 39d78897-eb22-4ecd-b616-09a5a82d156b
DisplayName testdelme230823
TenantId company.onmicrosoft.com
MailEnabled False
Owners {"[email protected]", "[email protected]"}
Verbose True
The code which causes the problem.
The function returns the same values as sent to the function Get-TargetResource, which is incorrect. Because afterwards a delta is calculated for the properties owners, members, memberOf, AssignedToRole.
Verbose logs showing the problem
12:58:55 �[33;1mVERBOSE: Testing configuration of AzureAD Groups�[0m
12:58:55 �[33;1mVERBOSE: Getting configuration of AzureAD Group�[0m
12:58:55 �[33;1mVERBOSE: Id was NOT specified�[0m
12:58:55 �[33;1mVERBOSE: Group was null, returning null�[0m
12:58:55 �[33;1mVERBOSE: Target Values: ApplicationId=***
12:58:55 CertificateThumbprint=***
12:58:55 Description=tes group
12:58:55 DisplayName=testdelme230823
12:58:55 Ensure=Present
12:58:55 MailEnabled=False
12:58:55 MailNickname=00000000-0000-0000-0000-000000000000
12:58:55 Owners=([email protected], [email protected])
12:58:55 SecurityEnabled=True
12:58:55 TenantId=***
12:58:55 Verbose=True�[0m
12:58:56 �[33;1mVERBOSE: Test-TargetResource returned False�[0m
12:58:57 �[33;1mVERBOSE: Setting configuration of Azure AD Groups�[0m
12:58:57 �[33;1mVERBOSE: Getting configuration of AzureAD Group�[0m
12:58:57 �[33;1mVERBOSE: Id was NOT specified�[0m
12:58:57 �[33;1mVERBOSE: Group was null, returning null�[0m
12:59:01 �[33;1mVERBOSE: Getting all Service Plans�[0m
12:59:01 �[33;1mVERBOSE: Creating new group {testdelme230823}�[0m
12:59:01 �[33;1mVERBOSE: Creating Group with Values: Description=tes group
12:59:01 DisplayName=testdelme230823
12:59:01 MailEnabled=False
12:59:01 MailNickname=00000000-0000-0000-0000-000000000000
12:59:01 SecurityEnabled=True
12:59:01 Verbose=True�[0m
12:59:01 �[33;1mVERBOSE: Performing the operation "New-MgGroup_CreateExpanded" on target "Call remote 'POST /groups' operation".�[0m
12:59:01 �[33;1mVERBOSE: Created Group 90862163-b09f-4e57-a000-9b366802a8e0�[0m
Suggested solution to the issue
Get-TargetResource should return no owners for a new group
The DSC configuration that is used to reproduce the issue (as detailed as possible)
The operating system the target node is running
OsName : Microsoft Windows 11 Enterprise
OsOperatingSystemSKU : EnterpriseEdition
OsArchitecture : 64-bit
WindowsVersion : 2009
WindowsBuildLabEx : 22621.1.amd64fre.ni_release.220506-1250
OsLanguage : en-US
OsMuiLanguages : {en-US, de-DE}
Version of the DSC module that was used ('dev' if using current dev branch)
1.23.830.1
Co-authored-by: Fabian Franz Steiner @fasteiner
The text was updated successfully, but these errors were encountered: