You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am using the method of backing up all resources using App Certificate.
I am having issues with EXO* and O365*, as it relates to Exchange Roles.
All .Read. Application Graph Permissions as well as Exchange.ManageAsApp have been tested/granted and working without issue. This issue comes into play whereas there are no direct Graph perms for Exchange and as I understand Roles need to be added to the App.
Is "Exchange Administrator" the only Role that can be granted for this to work, even if I am only gathering resources, and not deploying? (read, not readwrite).
Where within the Official M365DSC is this specific documentation located? I see many issue tickets that contain generic articles how how to add Azure Roles to an App, however, I am looking specifically how M365DSC interacts with AzureAD Role permissions, and why permissions are required to be set a certain way. (for example, I see mentioned to add "Exchange Administrator", but I do not see specific detail on why it operates this way, or how adding other types of roles allows the use to read within the resources).
I am hoping this ticket helps define the specifics and added to documentation for easier access for other users.
The role assigned to application a-a-a-a-a isn't supported in this scenario. Please check online documentation for assigning correct Directory Roles to Azure AD
Application for EXO App-Only Authentication.
At C:\Program Files\WindowsPowerShell\Modules\ExchangeOnlineManagement\3.4.0\netFramework\ExchangeOnlineManagement.psm1:766 char:21
+ throw $_.Exception;
+ ~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) [], SystemException
+ FullyQualifiedErrorId : The role assigned to application a-a-a-a-a isn't supported in this scenario. Please check online documentation for assigning correct Di
rectory Roles to Azure AD Application for EXO App-Only Authentication.
The text was updated successfully, but these errors were encountered:
@andikrueger also having issues with the O365 workload. What I don't understand is: when running Export-M365DSCConfiguration on the O365 workload with f.e. only component 'O365Group' it faults with: 'Connecting to {ExchangeOnline}...?'
Hello,
I am using the method of backing up all resources using App Certificate.
I am having issues with EXO* and O365*, as it relates to Exchange Roles.
All .Read. Application Graph Permissions as well as Exchange.ManageAsApp have been tested/granted and working without issue. This issue comes into play whereas there are no direct Graph perms for Exchange and as I understand Roles need to be added to the App.
Thanks.
Current error:
Connecting to {ExchangeOnline}...❌
The text was updated successfully, but these errors were encountered: