search

AzureAD / MSIdentityTools

Repository for the Microsoft Identity Tools PowerShell module which provides various tools for performing enhanced Identity administration activities.
https://aka.ms/msid
MIT License
229 stars 39 forks source link

Unable to execute Find-MsIdUnprotectedUsersWithAdminRoles #43

Closed albert-widjaja closed 3 months ago

albert-widjaja commented 9 months ago

Hi Microsoft Identity Team,

The Find-MsIdUnprotectedUsersWithAdminRoles cmdlet is not working, even after connecting to the MgGraph successfully:

PS C:\WINDOWS\system32> Connect-MgGraph
Welcome to Microsoft Graph!

Connected via delegated access using 14d82eec-204b-4c2f-b7e8-296a70dab67e
Readme: https://aka.ms/graph/sdk/powershell
SDK Docs: https://aka.ms/graph/sdk/powershell/docs
API Docs: https://aka.ms/graph/docs

NOTE: You can use the -NoWelcome parameter to suppress this message.

PS C:\WINDOWS\system32> Find-MsIdUnprotectedUsersWithAdminRoles -IncludeSignIns -Verbose #| Export-Csv -Path C:\Insecure.csv -NoTypeInformation
Find-MgGraphCommand : 'Get-MgUser' is not a valid Microsoft Graph PowerShell command. Please check the name and try again.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2165 char:35
+ ... gCommands = Find-MgGraphCommand -Command $CommandName -ApiVersion $Ap ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Find-MgGraphCommand

Cannot index into a null array.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2167 char:13
+             $MgCommand = $MgCommands[0]
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : NullArray

The property 'Count' cannot be found on this object. Verify that the property exists.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2168 char:17
+             if ($MgCommands.Count -gt 1) {
+                 ~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], PropertyNotFoundException
    + FullyQualifiedErrorId : PropertyNotFoundStrict

The property 'Command' cannot be found on this object. Verify that the property exists.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2184 char:13
+             $MgCommandLookup[$MgCommand.Command] = $MgCommand
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], PropertyNotFoundException
    + FullyQualifiedErrorId : PropertyNotFoundStrict

Find-MgGraphCommand : 'Get-MgUserAuthenticationMethod' is not a valid Microsoft Graph PowerShell command. Please check the name and try again.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2165 char:35
+ ... gCommands = Find-MgGraphCommand -Command $CommandName -ApiVersion $Ap ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Find-MgGraphCommand

Cannot index into a null array.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2167 char:13
+             $MgCommand = $MgCommands[0]
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : NullArray

The property 'Count' cannot be found on this object. Verify that the property exists.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2168 char:17
+             if ($MgCommands.Count -gt 1) {
+                 ~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], PropertyNotFoundException
    + FullyQualifiedErrorId : PropertyNotFoundStrict

The property 'Command' cannot be found on this object. Verify that the property exists.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2184 char:13
+             $MgCommandLookup[$MgCommand.Command] = $MgCommand
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], PropertyNotFoundException
    + FullyQualifiedErrorId : PropertyNotFoundStrict

Find-MgGraphCommand : 'Get-MgGroupMember' is not a valid Microsoft Graph PowerShell command. Please check the name and try again.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2165 char:35
+ ... gCommands = Find-MgGraphCommand -Command $CommandName -ApiVersion $Ap ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Find-MgGraphCommand

Cannot index into a null array.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2167 char:13
+             $MgCommand = $MgCommands[0]
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : NullArray

The property 'Count' cannot be found on this object. Verify that the property exists.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2168 char:17
+             if ($MgCommands.Count -gt 1) {
+                 ~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], PropertyNotFoundException
    + FullyQualifiedErrorId : PropertyNotFoundStrict

The property 'Command' cannot be found on this object. Verify that the property exists.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2184 char:13
+             $MgCommandLookup[$MgCommand.Command] = $MgCommand
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], PropertyNotFoundException
    + FullyQualifiedErrorId : PropertyNotFoundStrict

Find-MgGraphCommand : 'Get-MgRoleManagementDirectoryRoleDefinition' is not a valid Microsoft Graph PowerShell command. Please check the name and try again.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2165 char:35
+ ... gCommands = Find-MgGraphCommand -Command $CommandName -ApiVersion $Ap ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Find-MgGraphCommand

Cannot index into a null array.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2167 char:13
+             $MgCommand = $MgCommands[0]
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : NullArray

The property 'Count' cannot be found on this object. Verify that the property exists.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2168 char:17
+             if ($MgCommands.Count -gt 1) {
+                 ~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], PropertyNotFoundException
    + FullyQualifiedErrorId : PropertyNotFoundStrict

The property 'Command' cannot be found on this object. Verify that the property exists.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2184 char:13
+             $MgCommandLookup[$MgCommand.Command] = $MgCommand
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], PropertyNotFoundException
    + FullyQualifiedErrorId : PropertyNotFoundStrict

Find-MgGraphCommand : 'Get-MgRoleManagementDirectoryRoleAssignmentSchedule' is not a valid Microsoft Graph PowerShell command. Please check the name and try again.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2165 char:35
+ ... gCommands = Find-MgGraphCommand -Command $CommandName -ApiVersion $Ap ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Find-MgGraphCommand

Cannot index into a null array.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2167 char:13
+             $MgCommand = $MgCommands[0]
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : NullArray

The property 'Count' cannot be found on this object. Verify that the property exists.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2168 char:17
+             if ($MgCommands.Count -gt 1) {
+                 ~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], PropertyNotFoundException
    + FullyQualifiedErrorId : PropertyNotFoundStrict

The property 'Command' cannot be found on this object. Verify that the property exists.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2184 char:13
+             $MgCommandLookup[$MgCommand.Command] = $MgCommand
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], PropertyNotFoundException
    + FullyQualifiedErrorId : PropertyNotFoundStrict

Find-MgGraphCommand : 'Get-MgRoleManagementDirectoryRoleEligibilitySchedule' is not a valid Microsoft Graph PowerShell command. Please check the name and try again.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2165 char:35
+ ... gCommands = Find-MgGraphCommand -Command $CommandName -ApiVersion $Ap ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Find-MgGraphCommand

Cannot index into a null array.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2167 char:13
+             $MgCommand = $MgCommands[0]
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : NullArray

The property 'Count' cannot be found on this object. Verify that the property exists.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2168 char:17
+             if ($MgCommands.Count -gt 1) {
+                 ~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], PropertyNotFoundException
    + FullyQualifiedErrorId : PropertyNotFoundStrict

The property 'Command' cannot be found on this object. Verify that the property exists.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2184 char:13
+             $MgCommandLookup[$MgCommand.Command] = $MgCommand
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], PropertyNotFoundException
    + FullyQualifiedErrorId : PropertyNotFoundStrict

Find-MgGraphCommand : 'Get-MgAuditLogSignIn' is not a valid Microsoft Graph PowerShell command. Please check the name and try again.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2165 char:35
+ ... gCommands = Find-MgGraphCommand -Command $CommandName -ApiVersion $Ap ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Find-MgGraphCommand

Cannot index into a null array.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2167 char:13
+             $MgCommand = $MgCommands[0]
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : NullArray

The property 'Count' cannot be found on this object. Verify that the property exists.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2168 char:17
+             if ($MgCommands.Count -gt 1) {
+                 ~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], PropertyNotFoundException
    + FullyQualifiedErrorId : PropertyNotFoundStrict

The property 'Command' cannot be found on this object. Verify that the property exists.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.52\MSIdentityTools.psm1:2184 char:13
+             $MgCommandLookup[$MgCommand.Command] = $MgCommand
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], PropertyNotFoundException
    + FullyQualifiedErrorId : PropertyNotFoundStrict

VERBOSE: Required Microsoft Graph Modules:

Thank you in advance.

merill commented 3 months ago

Can you install the Graph module, then restart the shell to test?

Install-Module Microsoft.Graph