merill / m365-gender-pronoun-kit

Helper scripts and guidance to add a Pronoun field (She/Her, They/Them, He/Him) to your Microsoft 365 tenant and display it in the Microsoft 365 profile card shown in Outlook, SharePoint, Delve...

MIT License

35 stars 1 forks source link

HTTP/1.1 400 Bad Request when running Set-ProfileCardPronoun.ps1 #8

Open artur-gawrych opened 2 years ago

artur-gawrych commented 2 years ago

Hello,

I've cloned the repo and when trying to run

.\Set-ProfileCardPronoun.ps1 -PronounAttribute extensionAttribute7

I'm getting this error message:

`Invoke-MgGraphRequest : PATCH https://graph.microsoft.com/beta/organization/626943f2-f827-4ac9-a162-0c28f72d8252/settings/profileCardProperties HTTP/1.1 400 Bad Request Transfer-Encoding: chunked Vary: Accept-Encoding Strict-Transport-Security: max-age=31536000 request-id: client-request-id: x-ms-ags-diagnostic: {"ServerInfo":{"DataCenter":"West Europe","Slice":"E","Ring":"5","ScaleUnit":"001","RoleInstance":"AM4PEPF0001511C"}} Date: Thu, 30 Jun 2022 15:04:52 GMT At C:\Users\user\OneDrive\Documents\GIT\m365-gender-pronoun-kit\src\Set-ProfileCardPronoun.ps1:46 char:11

$result = Invoke-MgGraphRequest -Uri $uri -Method PATCH -Body $bodyJs ...


+ CategoryInfo          : InvalidOperation: (Method: PATCH, ...-Length: 210
}:HttpRequestMessage) [Invoke-MgGraphRequest], HttpResponseException
+ FullyQualifiedErrorId : InvokeGraphHttpResponseException,Microsoft.Graph.PowerShell.Authentication.Cmdlets.InvokeMgGraphRequest`

Any ideas?

merill commented 2 years ago

Can you change line 46 to include a -Debug and try running again? That should hopefully provide some additional info on why it is failing.

$result = Invoke-MgGraphRequest -Uri $uri -Method PATCH -Body $bodyJson -Debug

artur-gawrych commented 2 years ago

I was able to get it working by changing the code on line 46 to:

$result = Invoke-MgGraphRequest -Uri $uri -Method POST -Body $bodyJson

I've change PATCH to POST.

Now, I'm having some difficulties with the Invoke-PronounSync. I'm getting this error when trying to run it.

At line:1 char:1
+ Get-PnPUserProfileProperty -Account artur@xxx.onmicrosoft.com
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : WriteError: (:) [Get-PnPUserProfileProperty], ServerUnauthorizedAccessException
    + FullyQualifiedErrorId : EXCEPTION,PnP.PowerShell.Commands.UserProfiles.GetUserProfileProperty

I've checked the API permissions and all looks good there.

merill commented 2 years ago

When you used PnPConnect did you connect with the url to SharePoint admin?

E.g.

$AdminCenterURL = "https://crescent-admin.sharepoint.com"

Connect to Tenant Admin

Connect-PnPOnline -URL $AdminCenterURL

artur-gawrych commented 2 years ago

I've run the Invoke-PronounSync.ps1 script.

.\Invoke-PronounSync.ps1 -Tenant xxx.onmicrosoft.com -Url 'https://xxx-admin.sharepoint.com' -ClientId <APPID> -Certificate '.\User Pronoun Sync App.pfx'

When trying to connect using your suggested method I got this error:

Connect-PnPOnline : AADSTS65001: The user or administrator has not consented to use the application with ID
'31359c7f-bd7e-475c-86db-fdb8c937548e' named 'PnP Management Shell'. Send an interactive authorization request for
this user and resource.

I've connected using the below command and accepted the consent to use the PnP Management Shell

Connect-PnPOnline -Url $adminurl -PnPManagementShell

While I was able to connect using Connect-PnPOnline -Url $adminurl, I am still getting the same error while running the script.