search

microsoftgraph / msgraph-sdk-powershell

Powershell SDK for Microsoft Graph
https://www.powershellgallery.com/packages/Microsoft.Graph
Other
675 stars 156 forks source link

Microsoft.Graph.Files not working in Automation Account #2756

Open lucafrancescato opened 1 month ago

lucafrancescato commented 1 month ago

Describe the bug

I am trying to use the module Microsoft.Graph.Files from an Automation Account PowerShell 7.2 script, but I get the following error when printing the error out:

The term 'Get-MgUserDrive' is not recognized as a name of a cmdlet, function, script file, or executable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

Plus other errors that get printed, all of them are as follows:

OperationStopped: 
Line |
   3 |  … s' -Recurse -Include '*.ps1' -File | ForEach-Object { . $_.FullName }
     |                                                          ~~~~~~~~~~~~~
     | Exception of type 'System.OutOfMemoryException' was thrown.

I also tried with Get-MgDrive and I get the same error.

Expected behavior

The expected behavior is that the cmdlet works fine, returning the expected result, since I did install the required modules for the required runtime version, i.e. Microsoft.Graph.Authentication 2.19.0 and Microsoft.Graph.Files 2.19.0 for PowerShell 7.2.

How to reproduce

In an Automation Account:

  1. install module Microsoft.Graph.Authentication version 2.19.0 for PowerShell 7.2
  2. install module Microsoft.Graph.Files version 2.19.0 for PowerShell 7.2
  3. create a runbook for PowerShell 7.2
  4. execute Get-MgUserDrive in the runbook

SDK Version

2.19.0

Latest version known to work for scenario above?

No response

Known Workarounds

No response

Debug output

Click to expand log ``` ```

Configuration

Found in Automation Account

Other information

Found using PowerShell 7.2

petrhollayms commented 1 month ago

Hi @lucafrancescato ,

Thanks for reporting the issue! A few clarifying questions:

How did you install the module in Azure Automation, as described for example here? https://practical365.com/microsoft-graph-sdk-powershell-azure-automation/

Does the issue affect only the Get-MgUserDrive cmdlet or any other one as well?

Is the issue specific to Azure Automation runbooks, meaning you can install the cmdlet and use it locally without problems?

lucafrancescato commented 1 month ago

Hi @petrhollayms,

I confirm I installed the modules as described in the provided link, i.e. leveraging the "Add a module" button from the interface provided in the Azure portal.

I also tried using Get-MgDrive -DriveId $driveId and Get-MgShareItem -SharedDriveItemId $itemId, and I got the same error, as if the module wasn't there.

If I try in a local environment using a user account with Files.Read.All permissions, I have no issues in running the Get-MgUserDrive cmdlet:

petrhollayms commented 1 month ago

Hi @lucafrancescato ,

This looks like a memory limitation of the Automation environment, could you please try to increase the memory limit? See also https://github.com/MicrosoftDocs/azure-docs/blob/main/includes/azure-automation-service-limits.md

I am assuming you've assigned permissions to your Automation Acccount, can you please confirm?

Also, could you please attach the output when running the cmdlet with the -Debug parameter? See https://learn.microsoft.com/en-us/powershell/microsoftgraph/troubleshooting?view=graph-powershell-1.0#using--debug

lucafrancescato commented 1 month ago

Hi @petrhollayms, thanks for your help.

Permissions are correctly set, as I can see from the output of Disconnect-MgGraph:

...
Scopes: {Files.Read.All}
...

Regarding the memory limitation, I am not sure since there is nothing running in the Automation Account besides the code I tried to run with the Microsoft.Graph.Files module. Even if it was the case, I would not expect an error saying it cannot find the cmdlet.

With -Debug, I did not see anything new in the output. The full script I'm trying to run is:

try {
    Connect-MgGraph -Identity
    Get-MgUserDrive -UserId "some-user-id" -Debug
} catch {
    Write-Output $Error
} finally {
    Disconnect-MgGraph
}

The output is (omitting Connect-MgGraph -Identity and Disconnect-MgGraph outputs):

Get-MgUserDrive: 
Line |
   3 |      Get-MgUserDrive -UserId "some-user-id" -Debug
     |      ~~~~~~~~~~~~~~~
     | The term 'Get-MgUserDrive' is not recognized as a name of a cmdlet, function, script file, or executable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

OperationStopped: 
Line |
   3 |  … s' -Recurse -Include '*.ps1' -File | ForEach-Object { . $_.FullName }
     |                                                          ~~~~~~~~~~~~~
     | Exception of type 'System.OutOfMemoryException' was thrown.

OperationStopped: 
Line |
   3 |  … s' -Recurse -Include '*.ps1' -File | ForEach-Object { . $_.FullName }
     |                                                          ~~~~~~~~~~~~~
     | Exception of type 'System.OutOfMemoryException' was thrown.

OperationStopped: Exception of type 'System.OutOfMemoryException' was thrown.

OperationStopped: 
Line |
   3 |  … s' -Recurse -Include '*.ps1' -File | ForEach-Object { . $_.FullName }
     |                                                          ~~~~~~~~~~~~~
     | Exception of type 'System.OutOfMemoryException' was thrown.

OperationStopped: 
Line |
   3 |  … s' -Recurse -Include '*.ps1' -File | ForEach-Object { . $_.FullName }
     |                                                          ~~~~~~~~~~~~~
     | Exception of type 'System.OutOfMemoryException' was thrown.

I might try directly with Invoke-MgGraphRequest and see what happens. What do you think?

lucafrancescato commented 1 month ago

Hi @petrhollayms,

a quick update: I tried using Invoke-MgGraphRequest and it worked! I guess there's something wrong with the imported module Microsoft.Graph.Files.

Code:

try {
    Connect-MgGraph -Identity
    $userId = "some-user-id"
    $uri = "/v1.0/users/$userId/drives"
    $method = "GET"
    $res = Invoke-MgGraphRequest -Uri $uri -method $method
    Write-Output $res
} catch {
    Write-Output $Error
} finally {
    Disconnect-MgGraph
}
petrhollayms commented 1 month ago

Hi @lucafrancescato ,

Thank you for confirming that the workaround with Invoke-MgGraphRequest works.

We will try to reproduce it in our environment but this will take some time, so please keep using Invoke-MgGraphRequest for the time being and we keep this issue here open until we figured out the right solution for it, OK?

Similar issue also is #2516 where an alternative setup with using a hybrid worker was mentioned as the sandbox one has a memory limit of 400 MB, see https://learn.microsoft.com/en-us/azure/automation/automation-runbook-execution and https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/azure-subscription-service-limits#automation-limits

lucafrancescato commented 1 month ago

All clear, thank you very much Petr.