search

AzureAD / azure-activedirectory-powershell

This is a repo for Azure AD PowerShell scrips and samples
30 stars 27 forks source link

Set-MsolPasswordPolicy : Access Denied. You do not have permissions to call this cmdlet. #33

Closed kgundraju closed 1 year ago

kgundraju commented 1 year ago

Hi Team,

We are suddenly observing that Set-MsolPasswordPolicy and Set-MsolCompanySettings are giving Access Denied. You do not have permissions to call this cmdlet.

The user account is having global administrator privileges, and earlier it was working fine suddenly we are observing it today.

Code:

Install-Module -Name MSOnline Import-module MSOnline $passwd = ConvertTo-SecureString 'XXXX' -AsPlainText -Force $pscredential = New-Object System.Management.Automation.PSCredential('XXXXX', $passwd)

Connect-MSOlService -Credential $pscredential

Set-MsolPasswordPolicy -ValidityPeriod 60 -NotificationDays 14 -DomainName "XXXXX" -TenantId 'XXXX'

FYI Set-MsolDeviceRegistrationServicePolicy -MaximumDevicesPerUser 1 but it is working as expected.

kgundraju commented 1 year ago

Post checking the log file in C:\Users\\AppData\Local\Microsoft\Office365\Powershell path we observed that someone blocked to use MSOL power shell on our tenant, post allowing, it is working as expected. $body = (@{"blockMsolPowerShell"="false"} | ConvertTo-Json)