New-UnifiedGroup in Azure Functions has multiple issues

[StfBauer]

Reporting an Issue or Missing Feature

Please confirm what it is that your reporting

Expected behavior

Create a new unified group including Teams Teams and set the owner correctly.

Actual behavior

I have running new-pnpunifiedgroup for a while now in an Azure Function. Now, this Azure Function (v1) should also create a team.

There are multiple issues I encountered.

Issue 1: Owner cannot be found

The command in the Azure Function:

$group = New-PnPUnifiedGroup -DisplayName $displayName -Description $name -MailNickname $alias -Owners @("my.emailaddress@example.com") -Members @("my.emailaddress@example.com") -CreateTeam -IsPrivate -Verbose
$group.SiteUrl

or

$group = New-PnPUnifiedGroup -DisplayName $displayName -Description $name -MailNickname $alias -Owners "my.emailaddress@example.com" -Members @("my.emailaddress@example.com") -CreateTeam -IsPrivate -Verbose
$group.SiteUrl

This results in the following error:

2019-12-10T08:09:33.372 [Error] New-PnPUnifiedGroup : Exception while invoking endpoint https://graph.microsoft.com/v1.0/groups/c6a71429-25dd-427e-8515-ef1721bde4d7/team.
at run.ps1: line 76
+ New-PnPUnifiedGroup
+ ___________________
    + CategoryInfo          : NotSpecified: (:) [New-PnPUnifiedGroup], ApplicationException
    + FullyQualifiedErrorId : System.ApplicationException,SharePointPnP.PowerShell.Commands.Graph.NewPnPUnifiedGroup
2019-12-10T08:09:33.388 [Error] Exception while executing function: Functions.ProvisionWebNew. Microsoft.Azure.WebJobs.Script: PowerShell script error. OfficeDevPnP.Core: Exception while invoking endpoint https://graph.microsoft.com/v1.0/groups/c6a71429-25dd-427e-8515-ef1721bde4d7/team. {
  "error": {
    "code": "InvalidRequest",
    "message": "Team owner not found for c6a71429-25dd-427e-8515-ef1721bde4d7.",
    "innerError": {
      "request-id": "1c3334a1-6755-49c0-92e3-ff0d433360bb",
      "date": "2019-12-10T08:09:33"
    }
  }
}.
2019-12-10T08:09:33.404 [Error] Function completed (Failure, Id=f330f70b-2043-4c44-9c28-b9c79adf689a, Duration=36809ms)

Issue 2: Creating without teams

When the previous command is executed in the Azure Function without creating the team the groups gets generated but the owners remain empty.

$group = New-PnPUnifiedGroup -DisplayName $displayName -Description $name -MailNickname $alias -Owners @("my.emailaddress@example.com") -Members @("my.emailaddress@example.com") -IsPrivate -Verbose
$group.SiteUrl

Also in addition the $group.SiteUrl is not returned...

Which version of the PnP-PowerShell Cmdlets are you using?

• [ ] PnP PowerShell for SharePoint 2013
• [ ] PnP PowerShell for SharePoint 2016
• [x] PnP PowerShell for SharePoint Online

What is the version of the Cmdlet module you are running?

PowerShell Version: 3.16.1912.0

How did you install the PnP-PowerShell Cmdlets?

• [ ] MSI Installed downloaded from GitHub
• [x] Installed through the PowerShell Gallery with Install-Module
• [ ] Other means

[ghost]

Thank you for reporting this issue. We will be triaging your incoming issue as soon as possible.

[jcollinsks]

I'm facing the same problem, works fine outside of my Azure Function, but running the powershell from an Azure function produces [Error] New-PnPUnifiedGroup : Exception while invoking endpoint https://graph.microsoft.com/v1.0/groups/2ae7e991-994b-402e-81fc-9c6b995f451f/team.

[isht3k]

Did you ever solve this? I am running that same command from a Runbook and getting a similar error (even though it works in my console just fine)

New-PnPUnifiedGroup : Exception while invoking endpoint

https://graph.microsoft.com/v1.0/groups/74fab116-27cf-4ad5-804f-cf3fc09930d5/team.

At line:23 char:1

• New-PnPUnifiedGroup -DisplayName $eve -Description $eve -MailNickname ...

• 
  
  + CategoryInfo          : NotSpecified: (:) [New-PnPMicrosoft365Group], ApplicationException
  
  + FullyQualifiedErrorId : System.ApplicationException,PnP.PowerShell.Commands.Graph.NewPnPMicrosoft365Group

[tarjeieo]

Same issue here! Works in console, fails from a runbook

Workaround is to create group without -CreateTeam parameter, and then after that invoke teams creation from the graph directly, like explained here: https://mmsharepoint.wordpress.com/2019/04/05/provision-microsoft-teams-with-azure-automation-part-ii/

EDIT: Better workaround is to just call Set-PnPUnifiedGroup -CreateTeam afterwards.

PS: I have a mancrush on @wobba

[wobba]

Seems to me it could be a timing issue of sorts. As running the two commands is doing the exact same thing as running one command. Running with the createTeam option the first time is internally doing two calls in succession.

[isht3k]

You are right that when I seperated out the command it would work, but only if I waited for some time before running the createTeam command. I noticed that the New-PnPUnifiedGroup command does not set the Owners at all. If i were to run the Set-PnpUnifiedGroup command after to set the owner it works though..

$eve = "testing123" $gr = New-PnPUnifiedGroup -DisplayName $eve -Description $eve -MailNickname $eve -Owners "test@test"

[wobba]

Code wise "new" should add owners...look at the fiddler trace on the JSON payload. Weird stuff 🙂

[tarjeieo]

I had to add owner as member as well, to set the owner properly

[isht3k]

This is my sample code I am running from an Azure Runbook Connect-PnPOnline -Url 'tenant admin url' -ClientId "client id of azure ad app" -ClientSecret "client secret" $eve = "site and group name" $owners = @("test@test.com") $gr = New-PnPUnifiedGroup -DisplayName $eve -Description $eve -MailNickname $eve -Owners $owners -Members $owners #this doesn set the owner or member $gr = Get-PnPUnifiedGroup -Identity $eve Set-PnPUnifiedGroup -Identity $gr -Owners $owners -Members $owners # this works (why didn't it in the new command?) Set-PnPUnifiedGroup -Identity $gr -CreateTeam # this errors out, but if i were to run this command in the runbook again it would work Disconnect-PnPOnline

I had to separate out the command because the "new" is just not adding the owners even when I include members (again this works in my console - so frustrating!) So I also ran the command to Create the Team after that and it still errors, even though if I were to wait some time and then run the command to create the team it will work, I think you're right @wobba there is some timing issue going on. But that doesn't tell me why i get this error:

Set-PnPUnifiedGroup : {

"error": {

"code": "BadRequest",

"message": "Team owner not found for 04d10b65-f285-47e2-8448-70841fcdf3bd.",

"innerError": {

  "date": "2020-08-27T21:50:32",

  "request-id": "0c398f05-7560-4612-93c7-04b660a42279"

}

}

}

At line:20 char:1

• Set-PnPUnifiedGroup -Identity $gr -CreateTeam

• 
  
  + CategoryInfo          : InvalidOperation: (PnP.PowerShell....crosoft365Group:SetMicrosoft365Group) 

[Set-PnPMicrosoft365Group], HttpException

+ FullyQualifiedErrorId : GROUPUPDATEFAILED,PnP.PowerShell.Commands.Graph.SetMicrosoft365Group

[wobba]

The new cmdlet adds owners/members in the same call using OData binding when creating the Group, which should work fine. The Set cmdlet adds them afterwards. So not the exact same procedure.

If you look at https://docs.microsoft.com/en-us/graph/teams-create-group-and-team it's all described in details, and step #4 say you may have to wait as long as 15 minutes before you can create the team.

@gautamdsheth I see the code you added for teams creation uses a PUT request while the docs state POST. Should not matter, but maybe we should add a timeout and check on the CreateTeam request?

And there's an alternative way passing the groupid as a param.

POST https://graph.microsoft.com/beta/teams
Content-Type: application/json

{
  "template@odata.bind": "https://graph.microsoft.com/beta/teamsTemplates('standard')",
  "group@odata.bind": "https://graph.microsoft.com/v1.0/groups('groupId')"
}

[gautamdsheth]

@wobba - The v1 endpoint suggests that we use the PUT request as mentioned here - https://docs.microsoft.com/en-us/graph/api/team-put-teams?view=graph-rest-1.0&tabs=http

The PR that I opened here - https://github.com/pnp/PnP-Sites-Core/pull/2521/files - follows this pattern to retry the Create team call three times, with a 10 second delay between calls.

Happy to modify the PR as you suggest to the beta endpoint, however there could be an issue in case of non-standard tenants such as education tenants which would require I guess https://graph.microsoft.com/beta/teamsTemplates('educationClass') endpoint.

Thoughts ?

[wobba]

@gautamdsheth v1.0 is better and my bad. Maybe change retry to take a max timeout param, and then retry every minute/30 sec up to that limit? We should then add the same parameter to Posh, having a default of maybe 5 minutes. @PaoloPia @erwinvanhunen

[gautamdsheth]

@wobba - Have added the timeout parameter as you suggested. By default will have a 5 min wait time and will retry teams creation every 30 seconds for 5 mins.