Azure / azure-powershell

Microsoft Azure PowerShell

[AzureStack]:{ADFS}: New-AzureRmRoleAssignment fails with Required property 'principalId' not found in JSON #9339

Open bganapa opened 5 years ago

bganapa commented 5 years ago

Description

New-AzureRmRoleAssignment : The content of your request was not valid, and the original object could not be deserialized. Exception message: 'Required property 'principalId' not found in JSON. Path 'properties', line 4, position 3.' At D:\setup\run.ps1:32 char:1

The request body is not passing in the principalId as part of the request body. The call to get the Principal from the graph succeeded.

WorkAround

Please use the -ApplicationId parameter set instead of -ObjectId parameter set

New-AzureRmRoleAssignment -ApplicationId "b3fa7ab4-f7db-46bd-ae05-417c2b02b359" -Scope /subscriptions/6eeed9ed-5300-45a7-94d4-93582306b369/resourceGroups/sfpsfclusterrg -RoleDefinitionName Contributor

Steps to reproduce

New-AzureRmRoleAssignment -ObjectId S-1-5-21-874830109-2305128820-3143704404-1417 -Scope /subscriptions/6eeed9ed-5300-45a7-94d4-93582306b369/resourceGroups/sfpsfclusterrg -RoleDefinitionName Contributor

Module versions

AzureRM.Resources - 6.4.3

Debug output

PS C:\bala> New-AzureRmRoleAssignment -ObjectId S-1-5-21-874830109-2305128820-3143704404-1417 -Scope /subscriptions/6eeed9ed-5300-45a7-94d4-93582306b369/resourceGroups/sfpsfclusterrg -RoleDefinitionName Contributor DEBUG: 10:44:52 AM - NewAzureRoleAssignmentCommand begin processing with ParameterSet 'EmptyParameterSet'. DEBUG: 10:44:52 AM - using account id 'CloudAdmin@azurestack.local'... DEBUG: [Common.Authentication]: Authenticating using Account: 'CloudAdmin@azurestack.local', environment: 'AzureStackAdmin', tenant: '96f367d5-d75a-489b-bbee-79c022aaadd2 ' DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : DEBUG: 05/31/2019 17:44:52: 1fd0c883-bd00-403b-9057-24cdd7f6310c - AcquireTokenHandlerBase: === Token Acquisition started: Authority: https://adfs.local.azurestack.external/adfs/96f367d5-d75a-489b-bbee-79c022aaadd2/ Resource: https://graph.local.azurestack.external/ ClientId: 1950a258-227b-4e31-a9cf-717495945fc2 CacheType: Microsoft.Azure.Commands.Common.Authentication.AuthenticationStoreTokenCache (2 items) Authentication Target: User

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 : DEBUG: 05/31/2019 17:44:52: 1fd0c883-bd00-403b-9057-24cdd7f6310c - TokenCache: Looking up cache for a token...

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : DEBUG: 05/31/2019 17:44:52: 1fd0c883-bd00-403b-9057-24cdd7f6310c - TokenCache: An item matching the requested resource was found in the cache

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 : DEBUG: 05/31/2019 17:44:52: 1fd0c883-bd00-403b-9057-24cdd7f6310c - TokenCache: 56.701369755 minutes left until token in cache expires

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : DEBUG: 05/31/2019 17:44:52: 1fd0c883-bd00-403b-9057-24cdd7f6310c - TokenCache: A matching item (access token or refresh token or both) was found in the cache

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : DEBUG: 05/31/2019 17:44:52: 1fd0c883-bd00-403b-9057-24cdd7f6310c - AcquireTokenHandlerBase: === Token Acquisition finished successfully. An access token was retuned: Access Token Hash: /tvoCkgu+XabTgrX78qyvQsuP6bybnN6+sh1tNq2gGI= Refresh Token Hash: Agg6z5h9aEVfTRAnXRSZykSsU2KHo+7kYlJwvH2ArQo= Expiration Time: 05/31/2019 18:41:34 +00:00 User Hash: J/itp1Wx1+8PLAzhOQmhKadBeERifJh5cT04K7e8y9Y=

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : DEBUG: 05/31/2019 17:44:52: - TokenCache: Serializing token cache with 2 items.

DEBUG: [Common.Authentication]: Authenticating using Account: 'CloudAdmin@azurestack.local', environment: 'AzureStackAdmin', tenant: '96f367d5-d75a-489b-bbee-79c022aaadd2 ' DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : DEBUG: 05/31/2019 17:44:52: a54de392-e3cf-462f-baf1-23036f7cf8a5 - AcquireTokenHandlerBase: === Token Acquisition started: Authority: https://adfs.local.azurestack.external/adfs/96f367d5-d75a-489b-bbee-79c022aaadd2/ Resource: https://adminmanagement.adfs.azurestack.local/96f367d5-d75a-489b-bbee-79c022aaadd2 ClientId: 1950a258-227b-4e31-a9cf-717495945fc2 CacheType: Microsoft.Azure.Commands.Common.Authentication.AuthenticationStoreTokenCache (2 items) Authentication Target: User

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 : DEBUG: 05/31/2019 17:44:52: a54de392-e3cf-462f-baf1-23036f7cf8a5 - TokenCache: Looking up cache for a token...

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : DEBUG: 05/31/2019 17:44:52: a54de392-e3cf-462f-baf1-23036f7cf8a5 - TokenCache: An item matching the requested resource was found in the cache

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Verbose: 1 : DEBUG: 05/31/2019 17:44:52: a54de392-e3cf-462f-baf1-23036f7cf8a5 - TokenCache: 56.6951197233333 minutes left until token in cache expires

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : DEBUG: 05/31/2019 17:44:52: a54de392-e3cf-462f-baf1-23036f7cf8a5 - TokenCache: A matching item (access token or refresh token or both) was found in the cache

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : DEBUG: 05/31/2019 17:44:52: a54de392-e3cf-462f-baf1-23036f7cf8a5 - AcquireTokenHandlerBase: === Token Acquisition finished successfully. An access token was retuned: Access Token Hash: tePa07dKV6xB562ktrfAvW3C9pEF420AYpNRPW8Rkg0= Refresh Token Hash: Agg6z5h9aEVfTRAnXRSZykSsU2KHo+7kYlJwvH2ArQo= Expiration Time: 05/31/2019 18:41:34 +00:00 User Hash: J/itp1Wx1+8PLAzhOQmhKadBeERifJh5cT04K7e8y9Y=

DEBUG: Microsoft.IdentityModel.Clients.ActiveDirectory Information: 2 : DEBUG: 05/31/2019 17:44:52: - TokenCache: Serializing token cache with 2 items.

DEBUG: ============================ HTTP REQUEST ============================

HTTP Method: GET

Absolute Uri: https://graph.local.azurestack.external/96f367d5-d75a-489b-bbee-79c022aaadd2/users/S-1-5-21-874830109-2305128820-3143704404-1417?api-version=1.6

Headers: x-ms-client-request-id : 1a92cb98-b7e2-47a7-bcab-5d66e79b9c25 accept-language : en-US

Body:

DEBUG: ============================ HTTP RESPONSE ============================

Status Code: NotFound

Headers: Pragma : no-cache request-id : b5d19e58-aacc-4bbd-9ee0-b30d6d6f81af OData-Version : 4.0 Cache-Control : no-cache Date : Fri, 31 May 2019 17:44:52 GMT Server : Microsoft-IIS/10.0 X-Powered-By : ASP.NET

Body: { "error": { "code": "ResourceNotFound", "message": "User 'S-1-5-21-874830109-2305128820-3143704404-1417' not found." } }

DEBUG: ============================ HTTP REQUEST ============================

HTTP Method: GET

Absolute Uri: https://graph.local.azurestack.external/96f367d5-d75a-489b-bbee-79c022aaadd2/servicePrincipals/S-1-5-21-874830109-2305128820-3143704404-1417?api-version=1.6

Headers: x-ms-client-request-id : 828fce85-fe79-47fc-b24f-5fa93b5bf0ff accept-language : en-US

Body:

DEBUG: ============================ HTTP RESPONSE ============================

Status Code: OK

Headers: Pragma : no-cache request-id : c61e42d0-9434-4d84-b1e9-e81264a6fda9 OData-Version : 4.0 Cache-Control : no-cache Date : Fri, 31 May 2019 17:44:52 GMT Server : Microsoft-IIS/10.0 X-Powered-By : ASP.NET

Body: { "@odata.context": "https://graph.local.azurestack.external:1443/96f367d5-d75a-489b-bbee-79c022aaadd2/$metadata#servicePrincipals/$entity", "objectType": "ServicePrincipal", "objectId": "S-1-5-21-874830109-2305128820-3143704404-1417", "deletionTimestamp": null, "displayName": "AzureStack-FrpProviders-Client", "appDisplayName": "AzureStack-FrpProviders-Resource", "replyUrls": [ "https://frpproviders.adfs.azurestack.local/96f367d5-d75a-489b-bbee-79c022aaadd2" ], "accountEnabled": true, "appId": "b3fa7ab4-f7db-46bd-ae05-417c2b02b359", "keyCredentials": [ { "endDate": "2021-05-29T14:17:01Z", "keyId": "00000000-0000-0000-0000-000000000000", "startDate": "2019-05-30T14:17:01Z", "type": "AsymmetricX509Cert", "usage": "Verify", "value": null }, { "endDate": "2021-05-29T14:16:59Z", "keyId": "00000000-0000-0000-0000-000000000000", "startDate": "2019-05-30T14:16:59Z", "type": "AsymmetricX509Cert", "usage": "Verify", "value": null } ], "publisherName": null, "servicePrincipalNames": [ "b3fa7ab4-f7db-46bd-ae05-417c2b02b359" ] }

DEBUG: ============================ HTTP REQUEST ============================

HTTP Method: GET

Absolute Uri: https://adminmanagement.local.azurestack.external//subscriptions/6eeed9ed-5300-45a7-94d4-93582306b369/resourceGroups/sfpsfclusterrg/providers/Microsoft.Authorization/roleDefinitions?$filter=roleName eq 'Contributor'&api-version=2015-07-01

Headers: x-ms-client-request-id : b8dc48c9-9226-40a3-a888-f79a86fb5813 accept-language : en-US

Body:

DEBUG: ============================ HTTP RESPONSE ============================

Status Code: OK

Headers: Pragma : no-cache x-ms-request-id : 1e7d2551-ba3e-4dc8-a54d-cc92ee0690d2 x-ms-gateway-ESMET : DLT=0;PAS=4;DPT=3;GPT=0;SPT=0 x-ms-gateway-ESDIM : Result=S;RT=RoleD:GetRo;R=pasfe;RI=onebox;SC=OK;SliceKind=Test;FE=;LPSS=0;MPS=Master;DLOT=GRDS,GRDS;UF=0;LEUT=0;Version=V2 x-ms-gateway-service-instanceid: onebox X-Content-Type-Options : nosniff Strict-Transport-Security : max-age=31536000; includeSubDomains x-ms-ratelimit-remaining-subscription-reads: 14995 x-ms-correlation-request-id : 072362ea-f5dc-44ad-aef0-815e55bee306 x-ms-routing-request-id : LOCAL:20190531T174452Z:072362ea-f5dc-44ad-aef0-815e55bee306 Cache-Control : no-cache Date : Fri, 31 May 2019 17:44:52 GMT Server : Microsoft-IIS/10.0

Body: { "value": [ { "properties": { "roleName": "Contributor", "type": "BuiltInRole", "description": "Lets you manage everything except access to resources.", "assignableScopes": [ "/" ], "permissions": [ { "actions": [ "*" ], "notActions": [ "Microsoft.Authorization/*/Delete", "Microsoft.Authorization/*/Write", "Microsoft.Authorization/elevateAccess/Action" ] } ], "createdOn": "2019-05-30T14:40:16.7378057Z", "updatedOn": "2019-05-30T14:40:16.7378057Z", "createdBy": null, "updatedBy": null }, "id": "/subscriptions/6eeed9ed-5300-45a7-94d4-93582306b369/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", "type": "Microsoft.Authorization/roleDefinitions", "name": "b24988ac-6180-42a0-ab88-20f7382dd24c" } ], "nextLink": null }

DEBUG: ============================ HTTP REQUEST ============================

HTTP Method: PUT

Absolute Uri: https://adminmanagement.local.azurestack.external//subscriptions/6eeed9ed-5300-45a7-94d4-93582306b369/resourceGroups/sfpsfclusterrg/providers/Microsoft.Authorization/roleAssignments/fa7a751c-c3bc-4bfa-affa-0d3f32afa840?api-version=2015-07-01

Headers: x-ms-client-request-id : cb01dddc-0189-4c2f-afb5-538243be9cdd accept-language : en-US

Body: { "properties": { "roleDefinitionId": "/subscriptions/6eeed9ed-5300-45a7-94d4-93582306b369/resourceGroups/sfpsfclusterrg/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" } }

DEBUG: ============================ HTTP RESPONSE ============================

Status Code: BadRequest

Headers: Pragma : no-cache x-ms-request-id : 1782b58d-b046-4968-b542-144454b6177c x-ms-gateway-ESMET : DLT=0;PAS=2;DPT=0;GPT=0;SPT=0 x-ms-gateway-ESDIM : Result=UE;RT=RoleA:PutRo;R=pasfe;RI=onebox;SC=BadRequest;SliceKind=Test;FE=;MPS=Master;DLOT=NONE;UF=0;LEUT=0;Version=V2 x-ms-gateway-service-instanceid: onebox X-Content-Type-Options : nosniff Strict-Transport-Security : max-age=31536000; includeSubDomains x-ms-ratelimit-remaining-subscription-writes: 1195 x-ms-correlation-request-id : 937bbce6-1aa7-437e-a3d0-ec1eb588b9d1 x-ms-routing-request-id : LOCAL:20190531T174452Z:937bbce6-1aa7-437e-a3d0-ec1eb588b9d1 Cache-Control : no-cache Date : Fri, 31 May 2019 17:44:52 GMT Server : Microsoft-IIS/10.0

Body: { "error": { "code": "InvalidRequestContent", "message": "The content of your request was not valid, and the original object could not be deserialized. Exception message: 'Required property 'principalId' not found in JSON. Path 'properties', line 4, position 3.'" } }

New-AzureRmRoleAssignment : The content of your request was not valid, and the original object could not be deserialized. Exception message: 'Required property 'principalId' not found in JSON. Path 'properties', line 4, position 3.' At line:1 char:1

DEBUG: 10:44:52 AM - NewAzureRoleAssignmentCommand end processing. DEBUG: 10:44:52 AM - NewAzureRoleAssignmentCommand end processing.
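The PUT body captured in the debug output above can be checked offline for the property the service reported missing. This is an added example, not code from the issue or from azure-powershell; `Test-RoleAssignmentBody` is a hypothetical helper, and the second sample body is constructed.

```powershell
# Added example (not from the issue): offline check of a
# Microsoft.Authorization/roleAssignments PUT body.
# Test-RoleAssignmentBody is a hypothetical helper name.
function Test-RoleAssignmentBody {
    [CmdletBinding()]
    param([Parameter(Mandatory)][string]$Json)

    $problems = New-Object 'System.Collections.Generic.List[string]'
    $kind = $null

    try {
        $body = $Json | ConvertFrom-Json -ErrorAction Stop
    } catch {
        $problems.Add("Body is not valid JSON: $($_.Exception.Message)")
        $body = $null
    }

    # Locate the 'properties' object without relying on null-tolerant access.
    $props = $null
    if ($null -ne $body) {
        $member = $body.PSObject.Properties['properties']
        if ($null -ne $member) { $props = $member.Value }
        if ($null -eq $props) { $problems.Add("Missing 'properties' object") }
    }

    if ($null -ne $props) {
        # The two properties a role assignment request carries in this trace.
        foreach ($name in 'roleDefinitionId', 'principalId') {
            $p = $props.PSObject.Properties[$name]
            if ($null -eq $p -or [string]::IsNullOrWhiteSpace([string]$p.Value)) {
                $problems.Add("Required property '$name' not found or empty")
            }
        }

        # Informational only: report whether the principal id is a GUID or a SID.
        $principal = $props.PSObject.Properties['principalId']
        if ($null -ne $principal -and $principal.Value) {
            $value = [string]$principal.Value
            $guid = [guid]::Empty
            if ([guid]::TryParse($value, [ref]$guid)) { $kind = 'Guid' }
            elseif ($value -match '^S-1-\d+(-\d+)+$') { $kind = 'Sid' }
            else { $kind = 'Unknown' }
        }
    }

    [pscustomobject]@{
        Valid           = ($problems.Count -eq 0)
        PrincipalIdKind = $kind
        Problems        = $problems.ToArray()
    }
}

# Body sent by the failing call, as shown in the debug output above.
$failing = @'
{ "properties": { "roleDefinitionId": "/subscriptions/6eeed9ed-5300-45a7-94d4-93582306b369/resourceGroups/sfpsfclusterrg/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" } }
'@

# Constructed body: the same request with principalId set to the objectId
# from the Graph response. Whether the service accepts that form is an
# assumption, not something the issue states.
$constructed = @'
{ "properties": { "roleDefinitionId": "/subscriptions/6eeed9ed-5300-45a7-94d4-93582306b369/resourceGroups/sfpsfclusterrg/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c", "principalId": "S-1-5-21-874830109-2305128820-3143704404-1417" } }
'@

Test-RoleAssignmentBody -Json $failing     | Format-List
Test-RoleAssignmentBody -Json $constructed | Format-List
```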

DenBir commented 4 years ago

Any new updates? I've the same issue.

bganapa commented 4 years ago

@DenBir Are you hitting this issue against Azure or AzureStack environment? Could you please clarify?

DenBir commented 4 years ago

@bganapa on Azure Stack 2002 (disconnected with ADFS). Tested with the actual PS modules as described here: https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-powershell-install?view=azs-2002.

If I try with New-AzureRmRoleAssignment -ObjectId 'S-1-5-21-1xxx-xxxxxx-xxx' -Scope "/subscriptions/$UserSubscription" -RoleDefinitionName 'Reader' -Verbose I get this error message: "The content of your request was not valid, and the original object could not be deserialized. Exception message: 'Required property 'principalId' not found in JSON."

If I try with New-AzureRmRoleAssignment -ApplicationId 'S-1-5-21-1xxx-xxxxxx-xxx' -Scope "/subscriptions/$UserSubscription" -RoleDefinitionName 'Reader' -Verbose I get this error message: "The provided information does not map to an AD object id."

I also tested the new Az modules in preview, but role assignment isn't supported yet.

bganapa commented 4 years ago

@DenBir Your -ApplicationId should be a GUID as in the workaround mentioned above

New-AzureRmRoleAssignment -ApplicationId "b3fa7ab4-f7db-46bd-ae05-417c2b02b359" -Scope /subscriptions/6eeed9ed-5300-45a7-94d4-93582306b369/resourceGroups/sfpsfclusterrg -RoleDefinitionName Contributor

DenBir commented 4 years ago

@bganapa Now I understand this. Do you mean the GUID from the AD object? OK, I'll try it.

Thanks

DenBir commented 4 years ago

@bganapa

I tested this with this command: New-AzureRmRoleAssignment -ApplicationId "bee4057d-82f0-4bb5-8d0d-e384f45a20f4" -Scope "/subscriptions/426f6804-2fb6-4fa9-8b7f-d15b11e45ed6" -RoleDefinitionName 'Reader'

But I get the following error message: The provided information does not map to an AD object id.

The GUID is correct. I can check the account with Get-AzureRmAdUser.