Closed JABlueSC closed 1 year ago
Could you please run
Update-M365DSCModule
This will update the module and remove old dependencies.
After running update I now get this:
2023/01/27 01:45:04]
{InvalidOperation}
Microsoft.Graph.PowerShell.Runtime.RestException`1[Microsoft.Graph.PowerShell.Models.IMicrosoftGraphODataErrorsOdataError]: You cannot perform the requested operation, required scopes are missing in the token.
"Error during Export:"
at Get-MgIdentityConditionalAccessPolicy
What version of PowerShell are you using and where are your modules installed (what path)?
Name Value
PSVersion 5.1.19041.2364 PSEdition Desktop PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...} BuildVersion 10.0.19041.2364 CLRVersion 4.0.30319.42000 WSManStackVersion 3.0 PSRemotingProtocolVersion 2.3 SerializationVersion 1.1.0.1
PS C:\WINDOWS\system32> export-m365dscconfiguration -credential $creds -components "AADConditionalAccessPolicy" -path c:\temp\365dsc1 -verbose VERBOSE: No existing connections to Microsoft Graph Exporting Microsoft 365 configuration for Components: AADConditionalAccessPolicy
Authentication methods specified:
VERBOSE: Loading module from path 'C:\Program Files\WindowsPowerShell\Modules\Microsoft365DSC\1.23.125.1\DSCResources\MSFT_AADAdministrativeUnit\MSFT_AADAdministrati veUnit.psm1'. VERBOSE: Importing function 'Export-TargetResource'. VERBOSE: Importing function 'Get-TargetResource'. VERBOSE: Importing function 'Set-TargetResource'. VERBOSE: Importing function 'Test-TargetResource'. VERBOSE: Loading module from path 'C:\Program Files\WindowsPowerShell\Modules\Microsoft365DSC\1.23.125.1\DSCResources\MSFT_AADApplication\MSFT_AADApplication.psm1'. VERBOSE: Importing function 'Export-TargetResource'. VERBOSE: Importing function 'Get-TargetResource'. VERBOSE: Importing function 'Set-TargetResource'. VERBOSE: Importing function 'Test-TargetResource'. VERBOSE: Loading module from path 'C:\Program Files\WindowsPowerShell\Modules\Microsoft365DSC\1.23.125.1\DSCResources\MSFT_AADAuthorizationPolicy\MSFT_AADAuthorizati onPolicy.psm1'. VERBOSE: Importing function 'Export-TargetResource'. VERBOSE: Importing function 'Get-TargetResource'. VERBOSE: Importing function 'Set-TargetResource'. VERBOSE: Importing function 'Test-TargetResource'. VERBOSE: Loading module from path 'C:\Program Files\WindowsPowerShell\Modules\Microsoft365DSC\1.23.125.1\DSCResources\MSFT_AADConditionalAccessPolicy\MSFT_AADConditi onalAccessPolicy.psm1'. VERBOSE: Importing function 'Export-TargetResource'. VERBOSE: Importing function 'Get-TargetResource'. VERBOSE: Importing function 'Set-TargetResource'. VERBOSE: Importing function 'Test-TargetResource'.
Looks like you have a conflicting dependency somewhere. What I would do is run the following lines to see if you have any conflicting modules and ensure you only have 1 instance of each module. If you find you have multiple ones, I would manually remove them.
$manifest = Import-PowerShellDataFile "C:\program files\windowspowershell\modules\Microsoft365DSC\1.23.125.1\Dependencies\Manifest.psd1"
$dependencies = $manifest.Dependencies
foreach ($dependency in $dependencies)
{
Get-Module $dependency.ModuleName -ListAvailable
}
[2023/02/01 03:53:58]
{InvalidOperation}
Microsoft.Graph.PowerShell.Runtime.RestException`1[Microsoft.Graph.PowerShell.Models.IMicrosoftGraphODataErrorsOdataError]: You cannot perform the requested operation, required scopes are missing in the token.
"Error during Export:"
at Get-MgIdentityConditionalAccessPolicy
PS C:\WINDOWS\system32> $manifest = Import-PowerShellDataFile "C:\program files\windowspowershell\modules\Microsoft365DSC\1.23.201.1\Dependencies\Manifest.psd1" PS C:\WINDOWS\system32> $dependencies = $manifest.Dependencies PS C:\WINDOWS\system32> PS C:\WINDOWS\system32> foreach ($dependency in $dependencies)
{ Get-Module $dependency.ModuleName -ListAvailable }
Directory: C:\Program Files\WindowsPowerShell\Modules
ModuleType Version Name ExportedCommands
Manifest 1.3.0.6 DSCParser ConvertTo-DSCObject Script 3.1.0 ExchangeOnlineManagement {Get-ConnectionInformation, Get-EXOCasMailbox, Get-EXOMail... Script 1.21.0 Microsoft.Graph.Applications {Add-MgApplicationKey, Add-MgApplicationPassword, Add-MgSe... Script 1.21.0 Microsoft.Graph.Authentication {Connect-MgGraph, Disconnect-MgGraph, Get-MgContext, Get-M... Script 1.21.0 Microsoft.Graph.DeviceManagement {Get-MgDeviceManagement, Get-MgDeviceManagementAdvancedThr... Script 1.21.0 Microsoft.Graph.DeviceManagement... {Get-MgDeviceManagementApplePushNotificationCertificate, G... Script 1.21.0 Microsoft.Graph.DeviceManagement... {Get-MgDeviceManagementAndroidDeviceOwnerEnrollmentProfile... Script 1.21.0 Microsoft.Graph.Devices.Corporat... {Clear-MgDeviceAppMgtWindowInformationProtectionDeviceRegi... Script 1.21.0 Microsoft.Graph.Groups {Add-MgGroupDriveListContentTypeCopy, Add-MgGroupDriveList... Script 1.21.0 Microsoft.Graph.Identity.Directo... {Complete-MgDirectoryImpactedResource, Complete-MgDirector... Script 1.21.0 Microsoft.Graph.Identity.Governance {Add-MgAccessReviewDecision, Add-MgAccessReviewInstanceDec... Script 1.21.0 Microsoft.Graph.Identity.SignIns {Confirm-MgInformationProtectionSignature, Confirm-MgRisky... Script 1.21.0 Microsoft.Graph.Planner {Get-MgGroupPlanner, Get-MgGroupPlannerPlan, Get-MgGroupPl... Script 1.21.0 Microsoft.Graph.Teams {Add-MgChatMember, Add-MgTeamChannelMember, Add-MgTeamMemb... Script 1.21.0 Microsoft.Graph.Users {Get-MgUser, Get-MgUserCreatedObject, Get-MgUserDirectRepo... Script 1.21.0 Microsoft.Graph.Users.Actions {Add-MgUserChatMember, Add-MgUserDriveListContentTypeCopy,... Script 2.0.155 Microsoft.PowerApps.Administrati... {New-AdminPowerAppCdsDatabase, Get-AdminPowerAppCdsDatabas... Script 4.9.3 MicrosoftTeams {Add-TeamChannelUser, Add-TeamUser, Connect-MicrosoftTeams... Script 1.0.103 MSCloudLoginAssistant {Test-MSCloudLogin, Connect-M365Tenant, Invoke-MSCloudLogi... Manifest 1.12.0 PnP.PowerShell {Add-PnPAdaptiveScopeProperty, Add-PnPPropertyBagValue, Ad... Manifest 2.0.0.13 ReverseDSC {Get-DSCParamType, Get-DSCBlock, Get-DSCFakeParameters, Ge...
PS C:\WINDOWS\system32>
Are you still seeing this issue with the latest version of M365DSC? You can run Update-M365DSCModule to get the latest version.
No I still get following error:
[2023/02/15 02:38:36]
{InvalidOperation}
Microsoft.Graph.PowerShell.Runtime.RestException`1[Microsoft.Graph.PowerShell.Models.IMicrosoftGraphODataErrorsOdataError]: You cannot perform the requested operation, required scopes are missing in the token.
"Error during Export:"
at Get-MgIdentityConditionalAccessPolicy
Can you please share the output of running the following with us?
Get-Module "Microsoft.Graph.*" -ListAvailable
PS C:\WINDOWS\system32> Get-Module "Microsoft.Graph.*" -ListAvailable
Directory: C:\Program Files\WindowsPowerShell\Modules
ModuleType Version Name ExportedCommands
Script 1.21.0 Microsoft.Graph.Applications {Add-MgApplicationKey, Add-MgApplicationPassword, Add-MgServicePrincipalKey, Add-MgServicePrincipalPa...
Script 1.21.0 Microsoft.Graph.Authentication {Connect-MgGraph, Disconnect-MgGraph, Get-MgContext, Get-MgProfile...}
Script 1.21.0 Microsoft.Graph.DeviceManagement {Get-MgDeviceManagement, Get-MgDeviceManagementAdvancedThreatProtectionOnboardingStateSummary, Get-Mg...
Script 1.21.0 Microsoft.Graph.DeviceManagement... {Get-MgDeviceManagementApplePushNotificationCertificate, Get-MgDeviceManagementAuditEvent, Get-MgDevi...
Script 1.21.0 Microsoft.Graph.DeviceManagement... {Get-MgDeviceManagementAndroidDeviceOwnerEnrollmentProfile, Get-MgDeviceManagementAndroidForWorkEnrol...
Script 1.21.0 Microsoft.Graph.Devices.Corporat... {Clear-MgDeviceAppMgtWindowInformationProtectionDeviceRegistration, Get-MgDeviceAppMgt, Get-MgDeviceA...
Script 1.21.0 Microsoft.Graph.Groups {Add-MgGroupDriveListContentTypeCopy, Add-MgGroupDriveListContentTypeCopyFromContentTypeHub, Add-MgGr...
Script 1.21.0 Microsoft.Graph.Identity.Directo... {Complete-MgDirectoryImpactedResource, Complete-MgDirectoryRecommendation, Confirm-MgAdministrativeUn...
Script 1.21.0 Microsoft.Graph.Identity.Governance {Add-MgAccessReviewDecision, Add-MgAccessReviewInstanceDecision, Add-MgIdentityGovernanceAccessReview...
Script 1.21.0 Microsoft.Graph.Identity.SignIns {Confirm-MgInformationProtectionSignature, Confirm-MgRiskyServicePrincipalCompromised, Confirm-MgRisk...
Script 1.21.0 Microsoft.Graph.Planner {Get-MgGroupPlanner, Get-MgGroupPlannerPlan, Get-MgGroupPlannerPlanBucket, Get-MgGroupPlannerPlanDeta...
Script 1.21.0 Microsoft.Graph.Teams {Add-MgChatMember, Add-MgTeamChannelMember, Add-MgTeamMember, Add-MgTeamPrimaryChannelMember...}
Script 1.21.0 Microsoft.Graph.Users {Get-MgUser, Get-MgUserCreatedObject, Get-MgUserDirectReport, Get-MgUserExtension...}
Script 1.21.0 Microsoft.Graph.Users.Actions {Add-MgUserChatMember, Add-MgUserDriveListContentTypeCopy, Add-MgUserDriveListContentTypeCopyFromCont...
Something, somewhere is causing a conflict. At this stage, I would recommend manually removing all the dependencies specified in the manifest file and then running Update-M365DSCModule to start with a clean slate.
Recently I have seen a similar issue with dependencies not being properly available. Please run Get-Module and check if all modules are under c:\program file\windowspowershell\modules
Closing due to inactivity
Details of the scenario you tried and the problem that is occurring
Trying to export existing DSC config for AADCondtionalAccessPolicy and the export is empty. export-m365dscconfiguration -credential $creds -components "AADConditionalAccessPolicy" -path c:\temp366dsc
Verbose logs showing the problem
[2023/01/24 05:26:24] {NotSpecified} System.AggregateException: One or more errors occurred. ---> System.IO.FileNotFoundException: Could not load file or assembly 'Microsoft.Graph.Authentication.Core, Version=1.20.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified. at Microsoft.Graph.PowerShell.Module.d5.MoveNext()
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[TStateMachine](TStateMachine& stateMachine)
at Microsoft.Graph.PowerShell.Module.OnCmdletBeginProcessing(String id, CancellationToken cancellationToken, Funcd 4.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Graph.PowerShell.Module.d35.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Graph.PowerShell.Cmdlets.GetMgIdentityConditionalAccessPolicy_List.d__78.MoveNext()
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task.ThrowIfExceptional(Boolean includeTaskCanceledExceptions)
at System.Threading.Tasks.Task.Wait(Int32 millisecondsTimeout, CancellationToken cancellationToken)
at Microsoft.Graph.PowerShell.Cmdlets.GetMgIdentityConditionalAccessPolicy_List.BeginProcessing()
at System.Management.Automation.Cmdlet.DoBeginProcessing()
at System.Management.Automation.CommandProcessorBase.DoBegin()
---> (Inner Exception #0) System.IO.FileNotFoundException: Could not load file or assembly 'Microsoft.Graph.Authentication.Core, Version=1.20.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system cannot find the file specified.
File name: 'Microsoft.Graph.Authentication.Core, Version=1.20.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35'
at Microsoft.Graph.PowerShell.Module.d 5.MoveNext()
at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[TStateMachine](TStateMachine& stateMachine)
at Microsoft.Graph.PowerShell.Module.OnCmdletBeginProcessing(String id, CancellationToken cancellationToken, Funcd4.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Graph.PowerShell.Module.d 35.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Microsoft.Graph.PowerShell.Cmdlets.GetMgIdentityConditionalAccessPolicy_List.d__78.MoveNext()
1 getEventData, Func
4 signal, InvocationInfo invocationInfo) at Microsoft.Graph.PowerShell.Module.1 getEventData, Func
4 signal, InvocationInfo invocationInfo) at Microsoft.Graph.PowerShell.Module.Suggested solution to the issue
NA
The DSC configuration that is used to reproduce the issue (as detailed as possible)