EvotecIT / Mailozaurr

Mailozaurr is a PowerShell module that aims to provide SMTP, POP3, IMAP and probably some other ways to interact with Email. Underneath it uses MimeKit and MailKit libraries written by Jeffrey Stedfast.
MIT License

Adding attachment >3 MB not possible if no client secret is used #55

Open scriptkiddy666 opened 1 month ago

scriptkiddy666 commented 1 month ago

Hi, maybe it's a bug, but I'm unable to send attachments which are bigger than 3 MB via a managed identity or a normal app registration with certificate-based authentication. After creating a client secret for the same app registration it worked. (But I don't want to use a client secret.) Is it possible that the function which handles the upload somehow doesn't use the already existing session? Because the upload doesn't work, but the email is sent without problems (and without an attachment of course).


I used the following commands:

Connect-MgGraph -Identity

or

Connect-MgGraph -ClientId $ClientId -TenantId $TenantId -CertificateThumbprint $Thumbprint

Send-EmailMessage -From 'XXX' -To 'XXX' -HTML "XXX" -Subject 'XXX' -Graph -ReplyTo "XXX" -MgGraphRequest -Attachment "C:\temp\XXX.pdf" -Verbose

(By using the parameter -Credential and the function ConvertTo-GraphCredential for generating the credential object and removing the parameter -MgGraphRequest it worked.)

Thanks, Markus

PrzemyslawKlys commented 1 month ago

Try using PS 7, it should provide better error reporting. Also do you have proper rights to upload files? As ReadWrite Emails? Send is not enough.

scriptkiddy666 commented 1 month ago

Same with PS7 (do I have to "reinstall" the module for PS7?): [image]

Yes, both, my managed identity and the app registration have Mail.Send and Mail.ReadWrite. (That should be fine, because it worked with the client secret for the same app registration.)

PrzemyslawKlys commented 1 month ago

You don't have to reinstall module.

Just to clarify:

PrzemyslawKlys commented 1 month ago

And I assume in all cases the mailbox does exist? The one you're sending it with?

scriptkiddy666 commented 1 month ago

You don't have to reinstall module.

Just to clarify:

  • Does it work for 4MB plus with Connect-MgGraph and MgGraphRequest with ClientSecret? Yes. I just tried it again (also without executing Connect-MgGraph before) by just adding the -Credential parameter with the ClientSecret. Works like a charm. (The parameter -MgGraphRequest was not added.)

  • It doesn't work with Connect-MgGraph and MgGraphRequest with Certificate? Yes. I used Connect-MgGraph with my certificate before executing Send-EmailMessage. (-Credential parameter of Send-EmailMessage removed and -MgGraphRequest added instead.)

And I assume in all cases the mailbox does exist? The one you're sending it with?

Correct. (It's always the same mailbox and I also tried it with a different one, but the error is the same.)

scriptkiddy666 commented 1 month ago

I'm now using the following workaround without the need for a client secret:

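# Sign in as the managed identity (no client secret involved)
$null = Connect-AzAccount -Identity
# Request a Microsoft Graph access token; -AsSecureString returns it as a SecureString
[System.Object]$AccessToken = (Get-AzAccessToken -ResourceTypeName 'MSGraph' -AsSecureString -WarningAction 'SilentlyContinue').Token
# ConvertTo-GraphCredential takes the token as plain text, so the SecureString is unwrapped here
[System.Object]$Credentials = ConvertTo-GraphCredential -MsalToken ([System.Net.NetworkCredential]::new('', $AccessToken).Password)
[System.String[]]$Attachments = @('XXX')

# -Credential is used instead of -MgGraphRequest, so the send uses the token obtained above
Send-EmailMessage -From 'XXX' -To 'XXX' -HTML "XXX" -Subject 'XXX' -Graph -ReplyTo "XXX" -Credential $Credentials -Attachment $Attachments -DoNotSaveToSentItems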
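
The permissions question raised earlier in the thread (Mail.Send plus Mail.ReadWrite) can be checked directly against the token that the workaround obtains. The following is an added example, not code from the thread or from Mailozaurr: the helper names Get-TokenRoles, Test-MailRoles and ConvertTo-Base64Url are hypothetical, and it assumes the app-only Graph access token is a JWT that lists application permissions in its "roles" claim.

```powershell
# Diagnostic only: reads claims from a token, does NOT validate its signature.
function Get-TokenRoles {
    param([Parameter(Mandatory)][string]$AccessToken)
    $parts = $AccessToken.Split('.')
    if ($parts.Count -lt 2) { throw 'Not a JWT: expected header.payload.signature' }
    # JWT segments are base64url without padding; convert to standard base64.
    $b64 = $parts[1].Replace('-', '+').Replace('_', '/')
    switch ($b64.Length % 4) {
        1 { throw 'Invalid base64url payload length' }
        2 { $b64 += '==' }
        3 { $b64 += '=' }
    }
    $json = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($b64))
    $claims = $json | ConvertFrom-Json
    # Assumption: application permissions appear in the "roles" claim.
    if ($null -eq $claims.roles) { return @() }
    return @($claims.roles)
}

function Test-MailRoles {
    param(
        [Parameter(Mandatory)][string]$AccessToken,
        [string[]]$Required = @('Mail.Send', 'Mail.ReadWrite')
    )
    $roles = @(Get-TokenRoles -AccessToken $AccessToken)
    $missing = @($Required | Where-Object { $_ -notin $roles })
    [pscustomobject]@{
        Roles   = $roles
        Missing = $missing
        Ok      = ($missing.Count -eq 0)
    }
}

# Constructed sample token (unsigned, made up for this example) so the check runs offline.
function ConvertTo-Base64Url([string]$Text) {
    $b = [System.Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes($Text))
    $b.TrimEnd('=').Replace('+', '-').Replace('/', '_')
}
$header  = ConvertTo-Base64Url '{"alg":"none","typ":"JWT"}'
$payload = ConvertTo-Base64Url '{"aud":"https://graph.microsoft.com","roles":["Mail.Send"]}'
$sample  = '{0}.{1}.{2}' -f $header, $payload, 'constructed-signature'

# The sample carries only Mail.Send, so Mail.ReadWrite is reported as missing.
Test-MailRoles -AccessToken $sample
```

To check the real token from the workaround, pass the unwrapped value instead of `$sample`: `Test-MailRoles -AccessToken ([System.Net.NetworkCredential]::new('', $AccessToken).Password)`.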